Document Actions
1.
Overview
Up one level
Overview of the GRIA client management package
The GRIA Client Management package is run by a client organisation for its own internal use. It provides a membership service, a registry service and a Kerberos single-sign-on service.
-
The membership service
-
This is used to manage groups of users. Managers can create new groups and control which users are members of which group. Members of a group can use the service to get a SAML token proving that they are members. This token can be used at other services, including services running in different domains.
- The registry service
-
This can be used to store groups of resources. For example, you could use a registry to keep track of every SLA your company has with other organisations. - The Kerberos STS
This service issues X.509 credentials based on users' local Kerberos or Active Directory credentials. For example, a user can log in to their Windows desktop by entering their Windows username and password, as usual, and then automatically be issued with an X.509 certificate which they can use to access remote resources.
The following sections describe how to install and configure the service.
