1 == how to add an account to ud-ldap ==
5 A Debian Account Manager (DAM) will submit an RT ticket to ask that an account
6 be created for a new member of the Debian Project.
8 Initially, the RT ticket will be assigned to a Debian Keyring Maintainer (DKM)
9 so that Debian's Keyring may be updated with the user's GPG key.
11 Subsequently, the RT ticket will be assigned to a Debian System Administrator
12 (DSA) so that Debian's LDAP may be updated.
14 This HOWTO documents DSA's actions relating to such tickets.
16 The RT ticket will contain the following details in a GPG-signed message:
17 * the user's account type ("uploading DD")
18 * the user's GPG key fingerprint
19 * the user's full name (first name, middle name, last name)
20 * the user's forwarding address
21 * the user's preferred account name
23 === Procedure for New Accounts ===
25 Step 1: Download the GPG-signed message from RT and verify the signature.
26 Ensure that the message has been signed by a DAM (for a list of DAMs, see
27 https://wiki.debian.org/DAManager or https://www.debian.org/intro/organization).
29 Step 2: Create an entry in LDAP by executing ud-useradd on draghi.
32 you@home~$ ssh db.debian.org
33 you@draghi~$ ud-useradd
36 You will be prompted to enter the fingerprint; the preferred account name; the
37 first, middle and last names; and the forwarding address. Some of these values
38 will be extracted from the GPG key, if available.
40 Use the @debian.org for the debian-private subscription.
42 Accept the randomly generated password.
44 Step 3: Confirm account creation.
46 Step 4: Resolve the RT ticket. Enter the 'final information collected' emitted
47 by ud-adduser as the message of the resolution action. Carbon copy the
48 forwarding address and da-manager@debian.org.
50 Step 5: Add a welcome message for the account name to the #debian-devel topic on IRC.
52 === Procedure for Upgrading Guest Accounts ===
56 Step 2: Remove the GPG key from guest-keyring.
59 you@home~$ sudo apt-get install jetring
60 you@home~$ git clone ssh://db.debian.org/git/guest-keyring.git
61 you@home~$ cd guest-keyring
62 you@home~$ ./del-key <fingerprint>
64 you@home~$ git add debian-guest/delete-<fingerprint substring>
65 you@home~$ git commit -a
68 Step 3: Modify the LDAP entry.
71 you@draghi~$ ud-guest-upgrade <account>
72 you@draghi~$ ldapmodify -ZZ -x -D uid=$USER,ou=users,dc=debian,dc=org -W -h db.debian.org
73 <paste the ud-guest-upgrade output> ldapvi -ZZ -D uid=<you>,ou=users,ou=debian,ou=org
76 Step 4: Email welcome-message-Debian to the user, substituting parameters.
78 Step 5: Resolve the RT ticket. Carbon copy the forwarding address and
79 da-manager@debian.org.