Solution for Enterprise Identity, Scholarly Collaborations, and Guest Management
COmanage Class:
Managing Identities & Collaborations Workshop
What is COmanage?
COmanage is an identity registry with flexible enrollment and lifecycle management capabilities that helps you meet your identity management objectives using standardized tools and approaches. COmanage can be used as a central person registry, a guest management system, or a collaboration hub for scholarly collaborations.
Workshop Overview
March 22 – 25, 2021
This virtual workshop is a hands-on workshop, providing a conceptual understanding of COmanage, and the technical know-how to get this solution up and running. Whether you represent a research computing center or central IT, you can expect to learn:
- how to deploy COmanage using the InCommon Docker images from the InCommon Trusted Access Platform and configure it for basic use
- configure COmanage so that it works in a way that is customized for your organizational needs
- how to model your organization or collaboration, and to set up enrollment flows and data processing to get the right people using the right services
- basics of identifier management and group/role provisioning and management
- gain experience with the Docker container version of COmanage
How the Workshop is Delivered
This workshop is designed to support live engagement with instructors and other participants, while still enabling students to complete self paced work and to practice new skills. Yes, it’s the best of both worlds!
- Sign into Canvas to complete self-paced learning of the COmanage basics the week of March 15th
- Join us for live classes (via Zoom), spanning 5 half days to reduce video conferencing fatigue
- Hours between 12:00 – 5:00 ET from March 22 – 25, 2021
- Engage in conversation and ask questions in a dedicated Slack channel
- Sign in a week before class
- Keep the discussions going for two weeks after class
- Leverage a virtual machine to complete class labs. Keep on practicing in your VM for two weeks post-class.
- Access the course materials for 3 months after the workshop ends.
Tuition Schedule
| Collaboration Success Program Alumni | InCommon Participant | Non-Participant | |
| Early Bird Rate* | $1,500 | $1,800 | $2,300 |
| Regular Rate | $1,500 | $2,000 | $2,500 |
*Early bird rates available until February 26, 2021
Preparing for the Workshop
Detailed preparation instructions will be available and distributed prior to the class.
- The training makes use of Virtual Machines (VMs), in this case derived from Amazon Marketplace Images (AMI) loaded on Amazon Web Services. The training team will provide access instructions when you arrive for the first day of training.
- You will need to have an SSH client on your laptop you can use to SSH into the VM.
- You will need root/administrator access on the computer you will be bringing to class so that you can modify the local hosts file.
- Your VM will be available during the training and for two weeks after the training. After two weeks, the VM will no longer exist, so be sure to save anything you need within two weeks of the end of the training.
Curriculum Outline
Days One and Two: Understanding COmanage’s Structure
As with most tools, COmanage uses a specific structure for modeling people and organizations. After getting an overview of the purpose of COmanage, you will get to work installing your own version of COmanage, and starting the process of modeling a simplified organization or collaboration and the people that you will register and manage within COmanage
Sample Agenda:
CO101 – Getting to Know COmanage
COmanage has superpowers in linking to other systems and in automating workflows for enrollment and provisioning. On day two, you will customize and build your own enrollment flows, and will set up provisioning so your newly-registered people can be set up to access systems outside of COmanage. You will also set up offboarding policies and learn about the ways that COmanage can be configured or extended to do things that we won’t be able to cover during our time together.
CO201 – Installing COmanage Using the InCommon Docker Images
In this lesson, you will gain a conceptual understanding of COmanage, what it can do, and how it integrates with other tools and processes. You will better know what you don’t know, and will have a general scaffolding to build additional knowledge.
In this lesson, you will learn how to install COmanage and configure it for basic use.
BREAK
CO310 – Modeling People in COmanage
COmanage is a registry for people. In this lesson you will learn how people are represented within COmanage. You will explore how COmanage stores and manages information about people and how this information is linked to systems outside of COmanage. You will learn the types of roles that people can play and the privileges that are granted in COmanage as a result. Also covered is how to manage user authentication.
LUNCH
CO320 – Modeling Organizational Structures in COmanage
When using COmanage with your organization or collaboration, the people that you have registered will naturally fall into groups, perhaps by organizational unit, project team, or the activities that a group of people can do. In this lesson, you will learn how these structures are modeled within COmanage and understand which structures to use to meet your needs.
Day Three and Four: Understanding COmanage’s Superpowers
Sample Agenda:
CO330 – Linking to Systems Outside of COmanage
One of COmanage’s superpowers is in linking the registered people to their representations in your other systems. These systems include both “inbound systems”, or “systems of record” as well as “outbound systems” or “provisioned systems”. In this lesson you will learn how COmanage interprets systems of records as sources and links them to the registered people. You will also learn how COmanage shares information about registered people with systems so that these systems can make decisions about the rights and access privileges the person has.
CO340 – Workflows: Enrollment
Another one of COmanage’s superpowers is in being able to manage workflows related to your registered people. A key one of these workflows is the enrollment workflows, or the creation of registered people within COmanage. In this lesson you will learn how enrollment workflows work and how to customize them to meet your needs. You will get to know the common ways that enrollment workflows are initiated, for example, by invitation, self-signup, or account linking. You will understand how to link your registered people to the organizational structures that you created and your “inbound systems” or “systems of record.”
CO350 – Workflows: Provisioning
The last step of the enrollment workflow is enabling provisioning, or the links between your registered people and “outbound” or “provisioned” systems. These links will enable these “provisioned systems” to make decisions about the rights and access privileges that the person has. In this lesson we will learn the basic structure for enabling these linkages, and review how to set up several commonly provisioned systems.
CO360 – Workflows: Offboarding
Eventually people that you have registered will no longer have a connection to part or all of your organization or collaboration. In this lesson we will learn how offboard people: how to unwind provisioning, roles and COmanage access. We will review workflow policies to handle the common reasons for offboarding, and learn how to set up automatic processing.
CO370 – Extending COmanage
During this workshop, we learned the basics of COmanage, though it can do so much more. During this lesson, you will whet your appetite for other topics to explore related to COmanage. You will learn how COmanage can be extended through plug-ins, and will be exposed to some of the ways that COmanage can handle more complicated use cases. We will discuss resources for continuing on your COmanage learning journey, and how to connect with the broader COmanage community for support and inspiration.
Ready to Enroll?
Payment, Cancellation and Refund Policy
All cancellations received on or before 11:59 PM EST on Friday, March 12, 2021 are entitled to a full conference refund less a $20 administrative fee. There will be no refunds after this date. If you cancel after 11:59 PM EST on Friday, March 12, 2021 and have not paid by any other means, your credit card will be charged the cost of the registration fee. If you cancel your registration after 11:59 PM EST on Friday, March 12, 2021 you may name another person from your organization to take your place for meetings that allow transferred registrations. To cancel, transfer, or make changes to your registration, please contact meetingregistration@internet2.edu. Thank You.
