This section provides details about the MyAccess Guest Account Management System. The Guest Account Management System allows authorized sponsors create an Active Directory account for a guest.
A guest is someone who is affiliated with UCSF, and who's identity can be vouched for by members of pre-defined Guest Account Sponsor Groups. Guests usually only need access to one or a few UCSF resources, and for a limited time. Therefore, they do not fall into any other affiliate category.
Since MyAccess uses Shibboleth for its web-based authentication service, it is best if guests can authenticate to an application using their home institution credentials, instead of creating a guest account for the person. This requires more effort to set up, but it is far better for everyone if this can happen. If you have an application and you want people from other UC schools, Stanford, and any number of other higher educational institutions to be able to use your application, it would be better if the MyAccess team sets your application up as part of the InCommon federation. For more information on this process, please send email to email@example.com that you need to allow people from InCommon institutions to have access to your application. You can see a really great example of this concept in action on the UCSF Wiki login page: https://wiki.library.ucsf.edu/ucsf-ds.jsp
Guests, like any other affiliate, are given a UCSF ID Number (02 ID), and their record will be sent to Active Directory, MyAccess Single-Sign-On (SSO) and the Enterprise Directory Service (EDS). This means that a guest will be able to get a Active Directory account (which is usually the whole reason for being put into the system as a guest), and the guest's information will be available to any application which has access to UCSF identity data. Having an Active Directory account allows the guest to use the MyAccess SSO service, and the Campus Wireless (UCSFwpa) network.
Guest Account Sponsor
A Guest Account Sponsor is a UCSF administrator who agrees to take on the responsibility of approving guest requests. There are currently a number of Sponsors on the UCSF campus. If you would like become a Sponsor, please send email to firstname.lastname@example.org indicating that you have a need for guest access to your application(s), and why.
As of August, 2012, all affiliates (guests are a type of affiliate) who use the network (use of MyAccess constitutes network use) will be charged $11/month. Since the affiliate can not be directly charged, the department of the sponsor of the guest will be charged. This means that the department associated with the sponsor group will be charged if the guest uses any MyAccess service (MyAccess SSO to log into an application or Wireless) during the month. If the guest uses a MyAccess service 1 or more times during the month, the department will be charged $11. If the guest does not use any MyAccess service during the month, the department will not be charged.
Information Necessary to Establish Group
To establish a UCSF employee as a sponsor the following information is required:
UCSF ID (02 ID)
Once you have provided this we will arrange a time when we can walk you through what it takes to be a sponsor.
Each sponsor can login into the Guest Account application, https://myaccess.ucsf.edu/guests and begin to sponsor accounts.
Information Required For Guests Account
The following information collected as part of the guest account creation process. Required fields are marked in bold:
- First Name
- Middle Initial
- Last Name
- Name Suffix
- Email Address
- Date of Birth
- Country of Birth
- Reason requesting the account
Once the account is approved, the person is associated with the department to which the sponsor group is associated.