System Identity Manager (SIM)¶
As of February 2023 the Office of Advanced Research Computing (OARC) has released a new web-based account management application: System Identity Manager (SIM).
One time SIM user registration¶
Important
All current and perspective users and faculty sponsors of the Hoffman2 Cluster, who have not already done so, need to register into the new account management system. To do so:
If you already have an account on the cluster:
log into the Hoffman2 Cluster and run the following command at the shell prompt:
$ mylink
and follow the instructions that will be printed on the screen.
If you do not have a Hoffman2 Cluster account yet (or have forgotten your username and/or password):
visit SIM at: https://sim.idre.ucla.edu.
Accessing SIM¶
Attention
SIM uses your UCLA Logon ID for authentication.
If you don’t have a UCLA Logon ID, please visit the UCLA Identity and Accounts Manager, you can create your UCLA Logon ID by following these directions:
- Visit: https://accounts.iam.ucla.edu and select the CREATE A UCLA LOGON ID button:
Check the box next to I agree to the Terms of Service
Click the I AGREE TO THE TERMS OF USE button
- In the new page that will load, select the option that best describe your situation, i.e.:
I HAVE A 9 DIGIT UCLA ID NUMBER (UID)
I DO NOT HAVE A 9 DIGIT UCLA ID NUMBER (UID)
The UCLA Identity and Accounts Manager recommends: "If you are a student, alumnus, faculty, staff, or contractor, please create a UCLA Logon with your 9 Digit UCLA ID Number (UID) to ensure access to university resources."
UCLA Logon ID is not a service of our OARC HPC Systems Research Technology Group. As their web page says, “email us at help@it.ucla.edu, or give us a call at 310-267-HELP (4357).”
After acquiring a UCLA Logon ID you can proceed to access SIM.
Please refer to: Requesting an account section to learn who can and how to become a Hoffman2 Cluster user or Faculty Sponsor.
Requesting an account¶
Note
If you are using a computer on Mednet in the David Geffen School of Medicine (DGSOM) you may need to first connect to the campus VPN in order to reach SIM. Should you have any issues, please submit a ticket to our helpdesk.
Overview¶
In order to use the Hoffman2 Cluster, you will need to apply for a user account.
Important
All user accounts need to be sponsored by a UCLA faculty or researcher that qualifies under UCLA Policy 900 as a principal investigator.
We use a web-based account management application, the System Identity Manager (SIM) , for sponsor registration, user account requests, and to manage your Hoffman2 Cluster account. Please note, the SIM uses the UCLA Federated Authentication Service to authenticate access, therefore you need to have a UCLA Logon ID in order to access SIM. UCLA Logon ID is not a service of the OARC HPC Systems Research Technology Group, if you have difficulty with it consider contacting the UCLA IT Support Center.
Warning
All operations relative to cluster accounts and managing resources for your group (such as approving new users, renew expired accounts etc.) are performed on System Identity Manager, SIM, Hoffman2 faculty sponsors will NOT be notified by email messages when a new user is requesting their sponsorship or access to their resources. Faculty sponsors will therefore need to periodically visit their account on SIM to approve pending applications. Likewise users with pending applications will need to visit SIM to check the status of their application.
Questions or comments? Visit our support online help desk at: https://support.idre.ucla.edu.
Applying for a user account¶
After acquiring a UCLA Logon ID you are ready to register with SIM and apply for a user account on the Hoffman2 Cluster provided that your academic adviser is already registered as a Hoffman2 Cluster Sponsor.
Important
Please note, each person is allowed only one Hoffman2 Cluster user account.
If you require access to multiple research groups, please submit a request to add/join a secondary group via our online helpdesk.
Important
New users:Should your academic adviser not be listed in the sponsor / principal investigator drop-down list on the Request a cluster account web form, your adviser will need to register with SIM and request to become a sponsor. If you are a UCLA faculty or researcher that qualifies under UCLA Policy 900 as a principal investigator, please register as a Hoffman2 Cluster sponsor first, before applying for a user account.
Who is eligible to become a Hoffman2 Cluster user¶
UCLA Faculty
UCLA Student
UCLA Staff
Note
Cluster access can be authorized for people not affiliated with UCLA from Hoffman2 Cluster sponsors who have purchased nodes on the Hoffman2 Cluster by written request to the IDRE Accounts Administrator.
Questions or comments? Visit our support online help desk at: https://support.idre.ucla.edu.
Register as a Sponsor¶
There is no charge for being a sponsor or for sponsoring user accounts. Please register with SIM and check the box to become a sponsor.
Important
New Sponsors:After becoming a Hoffman2 Cluster sponsor, please visit the Sponsor responsibilities page to learn more about your responsibility as a Hoffman2 Cluster sponsor.
Questions or comments? Visit our support online help desk at: https://support.idre.ucla.edu.
Who is eligible to become a Hoffman2 Cluster Sponsor¶
UCLA faculty and researchers that qualify under UCLA Policy 900 as principal investigators.
Questions or comments? Visit our support online help desk at: https://support.idre.ucla.edu.
Users - managing your account¶
User responsibilities¶
When you are granted access to the Hoffman2 Cluster, you accept:
Each person is allowed only one Hoffman2 Cluster user account. If you require access to multiple research groups, please submit a request to add/join a secondary group via our online helpdesk.
Hoffman2 Cluster user accounts are single user IDs and are not to be shared. If sharing is detected, your account will be disabled.
All accounts on the Hoffman2 Cluster are governed by a set of Security Policies, which include UCLA Policy 401: Minimum Security Standards for Network Devices and UCLA Policy 404: Protection of Electronically Stored Personal Information. Please read and familiarize yourself with these UCLA and Hoffman2 Cluster policies.
Personal information and other sensitive data, including statutory, regulatory, and contractually protected data - for example, human subjects research, restricted research, student and educational data, and personal health information (PHI) - are prohibited on the Hoffman2 Cluster.
You are expected to keep your contact information current for cluster-wide communication. To do so, please login into your My Profile page of the System Identity Manager at: https://sim.idre.ucla.edu/sim/profile and update your Hoffman2 Cluster identity profile.
If you have any questions, please open a new support ticket via our helpdesk
Account expiration¶
Hoffman2 Cluster user accounts must be renewed annually by your sponsor, typically on the anniversary of the account’s creation date. Expired user accounts that are not renewed will be scheduled for deletion from the system, including any permanent data in their home and scratch directories. For more information, please see below Data retention.
Questions or comments? Visit our support online help desk at: https://support.idre.ucla.edu.
Data retention¶
Data in your home directory never expires as long as your user account is active. If your access to the Hoffman2 Cluster is revoked by your sponsor or if your account expires, your account will be disabled and you will be given a grace period to find a new sponsor. After the grace period, your account will be removed from the system and any data on your home and scratch directories will be removed from the system. Please see the page, Storage for more details on the available cluster file systems.
If your sponsor has purchased additional project storage, any data on your sponsor’s purchased project directory will be transferred to your sponsor or their appointed delegate.
Questions or comments? Visit our support online help desk at: https://support.idre.ucla.edu.
Password Processes¶
Please adhere to the following rules when creating your password:
You cannot use your username or a significant portion of it in your password.
You need to have a minimum of 8 characters.
You need to have at least 5 unique (different) characters.
You need to have at least one character from 3 different character classes.
The character classes are: UPPERCASE CHARACTERS, lowercase characters, digits (0-9), and punctuation (( !#%&)(+*-,/.;=<?>@[ ]_^`{ }|~ )).
You do not have to additionally change your password on the compute nodes. It usually takes 10-20 minutes for your new password to propagate to all the cluster nodes.
Tip
You can refer to the web-page Choose a secure password to learn more about how to choose a good password.
Questions or comments? Visit our support online help desk at: https://support.idre.ucla.edu.
Create a password¶
After your user account is created you can set your password on SIM (the link below will take you to the page where your password can be set):
Retrieve your cluster username¶
To see your cluster username visit SIM (the link below will take you to the page with your Hoffman2 Cluster account details):
Questions or comments? Visit our support online help desk at: https://support.idre.ucla.edu.
Request a new sponsor¶
To request a new sponsor, visit SIM and open a support ticket by clicking on the Support link in the upper right corner of the webpage:
Questions or comments? Visit our support online help desk at: https://support.idre.ucla.edu.
Change your email address¶
To set your preferred email address for Hoffman2 Cluster correspondence, please update your profile on SIM (the link below will take you to the account profile page where your email address can be updated):
Questions or comments? Visit our support online help desk at: https://support.idre.ucla.edu.
Request membership to a secondary Unix group¶
To request access to a secondary Unix group, e.g. gaussian, please make a request on SIM (the link below will take you to the page with your Hoffman2 Cluster account details):
Note
If the secondary Unix group you are trying to join is not requestable under your SIM account, you will need to request access via our helpdesk
Questions or comments? Visit our support online help desk at: https://support.idre.ucla.edu.
Sponsors - managing your group¶
Warning
All operations relative to managing accounts and resources in your group (such as approving new users, renew expired accounts etc.) are performed on System Identity Manager, SIM, you will NOT be notified by email messages when a new user is requesting your sponsorship or access to your resources, you will therefore need to periodically visit your account on SIM.
Questions or comments? Visit our support online help desk at: https://support.idre.ucla.edu.
Sponsor responsibilities¶
As a Hoffman2 Cluster sponsor you are expected to manage the authorization to use the cluster of the various user accounts you have sponsored (and which constitute your Hoffman2 group).
A Hoffman2 Cluster sponsor is required to:
Approve or deny new user requests on SIM
Approve or deny user renewals on SIM
Supervise your sponsored users use of Hoffman2 Cluster computational resources
Keep your email address current on your SIM account profile
Respond promptly to messages from the Hoffman2 Cluster administrators (e.g., in case of suspected unauthorized access)
Communicate to the Hoffman2 Cluster administrators if you no longer wish or qualify to be a sponsor
Manage your group and your resources on SIM (you have the option of assign a delegate to carry on account related functions)
Update the sponsorship SIM page if you no longer wish to sponsor a particular person’s account
Update us if a sponsored user is no longer eligible (e.g., if a student graduates and leaves UCLA)
Tip
If you have any account related problems or questions, contact us at: accounts@idre.ucla.edu (please set your email client to accept or whitelist email from accounts@idre.ucla.edu).
Questions or comments? Visit our support online help desk at: https://support.idre.ucla.edu.
Managing your users¶
Warning
You will NOT be notified by email messages when a user is requesting your sponsorship or access to your resources, you will therefore need to periodically visit your account on SIM.
Appointing a delegate¶
You can Appoint a delegate to approve and renew cluster accounts on your behalf by navigating to the Resources page of SIM
New user¶
You and any appointed delegate can approve or deny new account requests by vising SIM. SIM does not send notifications, accordingly you may want to check SIM for new account requests.
User renewal¶
Each year on, or near the date of the original account application, user accounts need to be renewed to ensure continuation of services. You and any delegate can check on SIM the status of user renewals.
Expired user¶
If an account is not renewed, it expires. When an account has expired, the Accounts Administrator may contact you about the disposition of the account and its files. If you agree, the account will be disabled and the user will no longer be able to login or use Hoffman2 Cluster services.
Note
Respond to inquires regarding expired accounts to prevent user termination and/or manage user data.
Deleted user¶
An account which has been disabled for six months will be deleted. Both the account and all $HOME and $SCRATCH files owned by that account will be removed from the system. Ownership of the user directory in purchased storage will be reassigned to you or your delegate.
Note
Be aware that disabled accounts will be deleted after six months.
Questions or comments? Visit our support online help desk at: https://support.idre.ucla.edu.