[an error occurred while processing this directive]

	<title>MFCF Resource Sponsorship</title>
	<meta
		name="Description"
		content="Instructions for sponsoring MFCF resources."
	/>
	<style type="text/css">
		dl,ol,ul { margin-left: 2em; }
	</style>

[an error occurred while processing this directive]

<h1><acronym>MFCF</acronym> Resource Sponsorship</h1>

<h2>Preface</h2>
<p>
	<acronym>MFCF</acronym>'s automated resource management software
	works on many systems,
	including <acronym>UNIX</acronym> (Solaris, IRIX, Linux),
	Mac, and Active Directory.
	Not all machines are administered this way,
	but wherever possible, it will be best if they are.
</p>

<h2>Introduction</h2>
<p>
	The essential purpose of account managment
	(or any general resource allocation system)
	isn't so much to allow one to create accounts
	as it is to keep track of why the accounts exist.
	In particular the most valuable information it provides
	is letting one know when it is safe to delete an account.
</p>
<p>
	Unless there is a security issue,
	when Professor Smith asks you to
	<q>delete John Doe's account on general.math</q>,
	that's really not what he means,
	and it is definitely not what you should do.
	Instead, what he means is that he no longer wants
	to be responsible for that account,
	and what you should do is remove his sponsorship
	of that account.
</p>
<p>
	The accounts management software keeps track of all resource
	sponsorships.
	John's account may very well be sponsored by several professors
	for different purposes; but that's something you don't need to know.
	If your removing Smith's sponsorship happens to leave the account
	without any sponsors, the accounts software will automatically
	arrange for the account to be deleted;
	but if the account still has at least one sponsor,
	it will remain, possibly with disk quotas automatically adjusted.
	Either way, you don't need to worry about or even know about it.
</p>
<p>
	To enable this to work, all user accounts must be maintained using
	this same sponsorship mechanism.
	If even a few are created by hand (for <q>convenience</q>),
	it won't take long until there are dozens or hundreds of such accounts,
	and getting rid of them, even when you know they should be gone,
	will be almost impossible.
</p>
<p>
	All computing resources must be allocated using
	<acronym>MFCF</acronym>'s sponsorship database.
	(One obvious exception is the accounts that were created by
	the vendor and come with the basic operating system.
	Another exception is those accounts needed for xhiered packages.
	But in either case, the accounts management system knows about
	these special accounts and prevents the sponsorship software
	from affecting them.)
</p>

<h2>Resources</h2>
<p>
	The sponsorship database can control resources such as
	printer quotas, mail aliases, dialin-modems, software licences,
	and computer accounts on Unix, Linux, Macs, and Active Directory.
</p>
<p>
	After information is entered into the sponsorship database
	it is compiled using the <q>sponsor_resources</q> command.
</p>
<p>
	The <q>accounts-master</q> command runs <q>sponsor_resources</q>,
	and the actual resources (other than computer accounts) are updated.
	It also updates a few web pages and prepares
	student information from the Registrar's data
	for computer account updates.
</p>
<p>
	The <q>accounts_client</q> program is used to update computer
	accounts on a specific machine or on all sponsored machines.
</p>
<p>
	Generally, all resources are updated by software that compares
	what is sponsored against what is actually there
	and then adjusts reality to match the sponsorship information.
</p>

<h2>Updates</h2>
<p>
	For most resources and attributes, the software updates happen right away.
	Computer accounts however are not immediately deleted.
</p>
<p>
	Instead, unsponsored accounts are put into a state of grace
	for typically 3 weeks.
	During this time the accounts are still usable,
	but with restricted disk quota and no special group memberships.
	Mail is sent each week to remind the user to copy files and mail elsewhere.
</p>
<p>
	After the grace period, the account is given a shell that
	displays an appropriate message and prevents logins.
</p>
<p>
	At the end of the month, the account is actually deleted.
	(Active Directory accounts are disabled and marked as expired,
	 but not deleted.)
</p>

<h2>Sponsorship Database</h2>
<p>
	All sponsorship information in the database is maintained in a
	hierarchical structure as described below,
	with a sponsor as the root of each tree.
</p>

<h3>Sponsors</h3>
<p>
	Each sponsor has various attributes,
	mostly for billing purposes.
</p>
<dl>
	<dt>Sponsor</dt>
	<dd>The sponsor's name.</dd>
	<dt>Department</dt>
	<dd>The sponsor's department.</dd>
	<dt>Address</dt>
	<dd>Further mailing information
		if name and department aren't sufficient.</dd>
	<dt>Email</dt>
	<dd>The sponsor's e-mail address.</dd>
	<dt>Billing</dt>
	<dd>
		This says what happens to bills at the end of each term.
		It can be omitted, but will have the values
		<q>Automatic</q> if the sponsor's financial accounts
		are automatically charged (e.g. research grants)
		or <q>NoCharge</q> if no charges are actually made
		(e.g. the Dean's sponsorship of classroom equipment).
	</dd>
	<dt>Statements</dt>
	<dd>
		This says what happens to the sponsor's monthly statements.
		It is normally omitted, but can have either or both of the values
		<q>NoWeb</q> to prevent publishing them
		or <q>NoPaper</q> to prevent sending paper statements.
	</dd>
	<dt>Subsidy</dt>
	<dd>
		This lists any subsidies the sponsor is eligible for.
		Currently the only possible value is <q>FirstConnection</q>,
		indicating that the Dean will pay the cost of the sponsor's
		first internet connection.
		(Actually the first four as of this writing.)
	</dd>
</dl>

<h3>Bill-Codes</h3>
<p>
	Each sponsor will have one or more bill-codes for charging purposes.
	These are normally <small>UW</small> Financial Services account numbers,
	but in some cases (e.g. internal sponsorship with no real billing)
	other codes may be used (check with the accountING people for
	what is appropriate).
</p>


<h3>Classes</h3>
<p>
	Each bill-code will have one or more classes associated with it.
	Classes are a generalization of (and in fact include)
	the student classes assigned by the Registrar.
	They allow the grouping of multiple users requiring
	the same resources.
</p>
<p>
	Other information may be associated with each class,
	most of which applies only to the Registrar's classes
	and is used for automatically updating various web pages.
</p>
<dl>
	<dt>Class</dt>
	<dd>
		This is the name of the class.
		Names that contain no upper-case characters are reserved
		for those automatically generated from the Registrar's data
		(e.g. <q>co350</q>).
		Other class names typically consist of a keyword and a number
		(e.g. <q>Admin100</q>).
	</dd>
	<dt>Description</dt>
	<dd>
		This is a short description of the class,
		which should be sufficient to distinguish it from other
		similar classes and to allow one to decide whether
		someone should be in it or not.
	</dd>
	<dt>Usage</dt>
	<dd>
		This defines the primary use of the class.
		It must be one of <q>Research</q>, <q>Administration</q>,
		<q>Maintenance</q>, or <q>Teaching</q>.
		Since it can affect the charges billed to other users,
		the most financially significant value is <q>Maintenance</q>,
		which should be reserved for staff who are assigned resources
		only for the purpose of maintaining that machine.
		So for instance, an account for maintaining web pages on a
		web server would not count as Maintenance, since those web
		pages are part of the normal purpose of the machine.
		But an account for making sure the web server is running
		correctly would count as Maintenance.
		A general guide-line would be whether or not the account
		would be needed in a world where things never go wrong.
	</dd>
	<dt>Subsidy</dt>
	<dd>
		This indicates whether resources sponsored in this class are
		eligible for the Dean's subsidy.
		By default, they are, and this is normally used only to
		prevent incorrectly applying a subsidy
		(e.g. a Math professor might be sponsoring an account
		for a colleague from a different faculty).
	</dd>
	<dt>Instructors</dt>
	<dd>
		This lists the name of the professor, class instructor(s), et al.
		for Registrar-sponsored classes.
	</dd>
	<dt>Enrollment</dt>
	<dd>
		This is the estimated number of students
		in a Registrar-sponsored class.
	</dd>
	<dt>Load</dt>
	<dd>
		This is the estimated <acronym>CPU</acronym> usage
		for a Registrar-sponsored class.
		It may be <q>low</q>, <q>moderate</q>, <q>high</q>, or <q>heavy</q>.
	</dd>
	<dt>Requirements</dt>
	<dd>
		This is a short list of extra requirements for the Registrar-sponsored
		class (e.g. specific software packages).
	</dd>
	<dt>Fee</dt>
	<dd>
		This specifies any lab-fee required for the class.
	</dd>
</dl>

<h3>Resources</h3>
<p>
	Each class may contain a number of different resources.
</p>
<dl>
	<dt>Computing</dt>
	<dd>
		Resources for computer accounts,
		including hostname(s), group membership(s), and disk quota.
	</dd>
	<dt>Printing</dt>
	<dd>
		Resources for printers, including page quotas.
		A sponsoring account name may also be given,
		overriding the class name that would have been used by default
		(for the <q>lpr -Raccount</q> parameter).
	</dd>
	<dt>MailAlias</dt>
	<dd>
		Requests for automatic mail redirection
		(e.g. jdoe@math &mdash;&gt; JohnDoe@Rogers.com).
	</dd>
	<dt>PPP</dt>
	<dd>
		Dial-in phone access.
	</dd>
	<dt>Licences</dt>
	<dd>
		Software licences.
	</dd>
</dl>
<p>
	Each of the above resources may have other attributes.
</p>
<dl>
	<dt>Starts</dt>
	<dd>
		This sponsorship is ignored before this date.
	</dd>
	<dt>Expires</dt>
	<dd>
		This sponsorship is ignored after this date.
	</dd>
	<dt>AssignTo</dt>
	<dd>
		A list of userids (hosts for Licences) 
		to which the current resource is to be assigned.
		Note that this is ultimately the most important part of the data;
		without it, none of the other information in the database ever
		gets used for anything.
	</dd>
</dl>

<h3>Short-cuts</h3>
<p>
	A few additional attributes exist in the current implementation
	of the database for the convenience in entering the data.
</p>
<dl>
	<dt>External files</dt>
	<dd>
		Any list may have the form <q>&lt;filename</q>.
		The contents of that file will be decommented
		and processed as if they had been entered in the data at this point.
		Typically this is used in an <q>AssignTo</q> list,
		where the list of userids comes from an externally maintained file.
	</dd>
	<dt>Sponsors: Userids</dt>
	<dd>
		Normally all userids must be entered into the sponsorship database
		with an accompanying identifier (e.g. student <small>ID</small>)
		to provide redundancy to eliminate most mistakes from typos.
		Any userids that will appear many times for this sponsor
		can be entered in their full form in this list,
		and then any further references to them
		for this sponsor are allowed without the identifier.
	</dd>
	<dt>Class: MembershipStarts</dt>
	<dd>
		Any following membership lists will be ignored before this date.
	</dd>
	<dt>Class: MembershipExpires</dt>
	<dd>
		Any following membership lists will be ignored after this date.
		If start date was given, the expiry date may be expressed
		relatively (e.g. <q>+42Days</q>, <q>+2Terms</q>).
	</dd>
	<dt>Class: Members</dt>
	<dd>
		This attribute lists userids belonging to the class.
		They will not be automatically assigned any resources;
		that must still be done by specifying <q>*MEMBERS*</q>
		as a userid in an <q>AssignTo</q> trigger.
		The main use of this mechanism is when the same userid list
		is needed several times,
		especially when it comes from an external file.
	</dd>
</dl>

<h2>Other References</h2>
<div>
	<a href="/mfcf/info/overviews/accounting">
		Overview of MFCF accounting philosophy</a>.
<br />
	<a href="/mfcf/info/overviews/resource">
		Overview of MFCF resource allocation</a>.
</div>

[an error occurred while processing this directive]