User Administration

SECID-UADM-1.0 IT Security & Identity Version 1.0
Main purpose

Central management of user accounts and IT identities for all university members as a prerequisite for using all IT services.

Description

Every user of Jade University's IT resources needs a digital identity (username and password). The username format is XX#### (2 letters + 4 digits). Accounts are created automatically via a SAP interface (APPS-SAP). After receiving the credential sheet, the account is activated in the eIDentity Portal. The user account automatically provides access to email (Email (COMM-EMAIL-1.0)), Wi-Fi (WLAN / Wi-Fi (INFRA-WIFI-1.0)), PC Network System (WORK-PCVS-1.0), network drives (Data Drives (STORE-DRIVES-1.0)), as well as print and plot services.

Please Note:

Authentication overview:
- CCS, data drives, DMS, printing, email, eCampus, MFD, plotting, VPN, virtual desktops: single password
- PC network system: SSO (Kerberos)
- Moodle: single password (SSO in preparation)
- Video conferencing, time recording: SSO
- In PC network system: SSO Kerberos for data drives, printing, MFD, plotting

Requirements

University affiliation (students, staff, lecturers, guests)

Details
  • 1000–1999: Staff
  • 2000–8999: Students
  • 9000–9999: Others

Login types:
- Standard login: username only (e.g. ma1150)
- Domain login: username@hs-woe.de (e.g. ma1150@hs-woe.de)
- Important: domain login (@hs-woe.de) ≠ email address (@jade-hs.de / @student.jade-hs.de)

Services included per account:
- Email address Email (COMM-EMAIL-1.0)
- Wi-Fi access WLAN / Wi-Fi (INFRA-WIFI-1.0)
- PC Network System (WORK-PCVS-1.0) login
- Data Drives (STORE-DRIVES-1.0)
- Printing, plotting, MFD

Account activation:
Via eIDentity Portal under 'Activate Account'. Requires: username, initial password, and date of birth (from access data sheet). User sets a personal password.

Password rules:
- Minimum 8 characters, case-sensitive, digits, special chars (! + -)
- Umlauts NOT allowed; no expiration
- Change via eIDentity Portal; affects: CCS, printing, email, eCampus, eduroam, VPN, virtual desktops etc.
- Forgotten: present photo ID at HRZ or use eIDentity Portal recovery
- Password manager recommended: KeePassXC (PC), KeePassium/Strongbox (iOS), KeePass DX (Android)

eIDentity Portal functions:
- View/manage user account
- Change password
- Set security questions for password reset
- Set up smartphone recovery
- Increase email quota
- Activate external services: Adobe Creative Cloud, Cisco Webex, Microsoft 365
- Edit profile, upload presentation photo (133×100 px, max. 60 kB)
- Initial account activation

Access data sheet:
- Staff: distributed by HR department
- Students: via Jade eCampus 'Student Account' portlet eCampus (APPS-ECAMPUS-1.0)
- Contents: first name, last name, username, initial password, email, Wi-Fi parameters (SSID, authentication)

Account lifecycle:
- Creation: automated via SAP interface (APPS-SAP)
- Professors/staff/students: email 28 days before end → blocked 14 days after → deleted after 60 more days
- Lecturers: email 7 days before → blocked 215 days after → deleted after 180 more days
- Retirees: professors become affiliates, accounts extended yearly until calendar year end; notified in November, renewal on request

Information about account activation, password, and eID in the HRZ Wiki: https://hrz-wiki.jade-hs.de/de/tp/uadm/start

Sources:
[1] https://hrz-wiki.jade-hs.de/en/tp/uadm/start

Link to service
Open service
https://eid.jade-hs.de/
Service contact
Available for
Students Employees
Service lifecycle
Available from
Jan. 1, 2024