The MPCDF SelfService is a platform for MPCDF users to manage their user accounts and external guests. It is the successor of the "roaster" system and extends it by various self-management functionalities. Guests are not able to log in to the platform but can use it to accept invitations and reset their passwords.
MPCDF users invite guests to let them gain access to specific services provided by the MPCDF in order to let them participate in projects or share files. Guests use the credentials they chose when registering on this platform to log in to those backend services. Access to the services may be granted or revoked on a per-service basis at any point.
The services available on the SelfService platform are:
This manual details how MPCDF users can administer their own accounts and manage guest users
Here, the users may subscribe themselves to MPCDF services. For technical reasons it is not possible to unsubscribe from a service.
This page shows the user's data such as room and telephone number. It is meant to provide an easy way for the user to check their details for correctness. At this point it is not possible to change those values yourself and the MPCDF support needs to be contacted in case of any errors.
Here, an external person can be invited to use one or more MPCDF services. Note that persons with an MPG account should apply for an MPCDF account of their own and cannot be invited as guest users.
To invite someone it is necessary to provide the guest's full name and email address. An optional custom message to the guest can be included. At least one service must be selected from the list shown. Note that this selection cannot be changed until the guest has accepted the invitation. If a wrong selection was made it is best to revoke the invitation and send a new one. The inviation is valid for 7 days and the guest account expires after 2 years if not prolonged by the inviter. The inviter receives a confirmation email when the invitation is sent and once more when it has been accepted.
In case the guest is invited to use the DataShare service, the guest is not assigned a storage quota but instead uses the quota of their inviter. The inviter can then share dedicated folders with the guest to exchange data and share storage space.
The inviter is responsible for any content uploaded by the guest. It is therefore important to make sure the correct email address is used during the invitation process. As stated in the Terms of Use signed by the inviter when their MPCDF account was created, the MPCDF reserves the right to withdraw access to their services without any notice or explanation if the uploaded content violates the MPCDF Terms of Use or the law.
The guest receives an invitation email with a link that contains a token associated with the invitation in the database. Once the guest clicks that link a page is opened where the guest can check whether their name is spelled correctly and change it if not, choose a username of their liking, and set a password for their new account that needs to be used to log in to the backend services. The guest is presented with the Terms of Use for Guest Users and has to accept them before the account can be activated. It can then take up to 20 minutes for the backend services to register the new account.
Multiple guests can be invited using this option. A CSV file containing the invitees' details may be uploaded here. The uploaded file needs to meet these requirements:
After uploading the file the invitees are listed for review and may be assigned one or more services they should be allowed to use. We recommend also specifying a keyword (such as a project name) so that the invited guests may be easily identified later on. Optionally, a message may be included that will get prepended to the individual invitation email that each invitee receives. This is in contrast to the invitation of a single guest where the inviter's message gets appended to the email. The reasoning for this is that bulk imports usually imply a bigger event such as the formation of a project and the inviter needs to make an important announcement to the invitees.
After accepting the disclaimer and submitting the form a summary of succeeded and failed invitations is shown. An error message explaining what went wrong is shown next to each failed invitation. An invitation may fail for example due to the invitee already having a regular MPCDF account. In this case the user should log in to the SelfService and opt in for the service themselves. The list of failed invitations may be downloaded as a CVS file so that a corrected version can be uploaded if needed.
If a guest already exists and has the importer as inviter the SelfService ensures that the guest gets assigned all services specified druing the import while retaining any additional access rights already present.
This page lists the guests the user has sent invitations to. The list contains the guest's full name, username, email address, the date of invitation, an "Active" flag, and a button called "Details and Edit" that leads to a dedicated page for editing this guest.
The "Active" flag shows whether the guest is able to log in to any backend services. It may show "No" either because the guest has not accepted the invitation yet or because the guest account has been (temporarily) disabled by the inviter on the guest edit page. If the guest account is disabled, login to the backend services is not possible regardless of what services are assigned to the guest.
The list is sortable by any text-based column through clicking on the column headers. It can be searched with the search function of the browser which in many cases is invoked with the key combination "Ctrl-F".
This page shows all details of the individual guest. These are: full name, email address, date of acceptance of the Terms of Use, account expiry date, and date of invitation.
If the user has not accepted the invitation yet, only two more buttons are shown:
After the guest has accepted the invitation, the following buttons are shown instead of the previously mentioned ones:
This manual decribes the functionalities accessible to MPCDF guests
Once you received an invitation from an MPCDF user you have 7 days to go to the provided link and register as a guest user. After 7 days the link expires and your data is deleted from the database. The link also expires after a successful registration. If you have lost your invitation mail please ask your inviter to resend it.
On the registration page you have the chance to correct any spelling mistakes in your name. You are provided with a preliminary username that you can change to your liking. Note that any username you choose will always start with 'g-'. For the username you may use any latin character and arabic numbers, for your full name a range of European characters and dashes are allowed.
You will need to set a password for your account. Please consult our password policy for password requirements and make sure you use a password that cannot be guessed easily. Also note that reusing existing passwords is not allowed since this makes your account very vulnerable to password reuse attacks.
After you have accepted the Terms of Use you can activate your account. Please note it can take up to 20 minutes for your account to be synchronized to the backend services. After this period you will be able to log in to the services you were invited to use.
| Service | 2fa |
|---|---|
| SSH login on gatenull.mpcdf.mpg.de | required |
| SSH login on (afs)gate.mpcdf.mpg.de | not yet supported (required after Nov. 11th 2020) |
| VPN | optional (required after Nov. 11th 2020) |
| SelfService | required after token enrollment |
Please check if you are actually subscribed to the service you cannot access by logging in to the SelfService and navigating to "My Account > Services". You can grant yourself access to the services there. If you also cannot log in to this platform or any other MPCDF service then your password or account may have expired. If you find that you are already subscribed to the service you are trying to log in to please contact support.