iCE project setup
Researchers/supporters can request a new iCE project by contact servicedesk@surf.nl. Each iCE project will get a Collaboration Organisation (CO) in SRAM and the iCE project lead (requestor of the iCE project) will be invited to the corresponding CO. Each project lead will get the role of an SRAM admin in their respective CO and will have the privileges to invite collaborators and organize them in groups in the SRAM portal for their CO.
In this Section, you will find details of how to manage membership as a CO admin as well as a regular iCE project member.
For CO administrators
As administrator you will be invited to an SRAM CO with admin privileges. In the instructions below we have used the iCE project name as ice-poc-surf (which is also the name of the CO). You will receive an email similar to the following:
After following the invitation instructions you will able to manage your Collaboration via the sram.surf.nl dashboard. If your institution is not listed (while following the invitation instructions), please contact your IT administrator and SURF heldesk (servicedesk@surf.nl)
Inviting a member to your CO
To invite a member to your collaboration click on the Members tab in your SRAM Collaboration. Then click on the Invite members button. In the Invitees field add one or more email accounts, select Regular user as the Role, and select one or more groups. Optionally, you can select a membership expiration date, an invitation message, and an invitation expiration date. After double checking the inserted information, click Invite. Please note that only a CO admin can perform this action.
Inviting an admin to your CO
As for the members invitation, to invite an admin to your collaboration click on the Admins tab in your SRAM Collaboration. Then click on the Add admin(s) button. In the Invitees field add one or more email accounts, select Admin as the Role, and select one or more groups. Optionally, you can select a membership expiration date, an invitation message, and an invitation expiration date. After double checking the inserted information, click Invite.
Adding a group to your CO
Groups are essential for the group management of your organisation in iCE. More about group management can be found on this page. To create a group click on the Groups tab inside your SRAM Collaboration and then click on the Create new group button. Add the name (beginning with 'ice'), the short name of the group, and (optionally) a description that will later help you remember its purpose, and then click Save. At present, group names require an 'ice' prefix, though this restriction will shortly be removed. Please note that only a CO admin has the ability to add groups.
Assign members to a group within a CO
To assign existing users to a group click on the Groups tab in your SRAM Collaboration and then click on the group you would like to assign members to. Then use the Search and select to add members bar to select the members you would like to add to the group. You can assign multiple members to multiple groups. Please note that only a CO admin can perform this action.
Removing a member from a CO
To remove a member from your collaboration click on the Members tab in your SRAM Collaboration. Then select the checkbox of one or more members and click on the Delete button that appears above the members list.
Important note: When a member is removed from your collaboration, the member is also removed from iCE. The ownership of the data owned by the removed member will be transferred to the admin group of your collaboration/project.
To login to iCE you will first need an SRAM (SURF Research Access Management) account.
For iCE project members (CO non-admin)
To have an SRAM account you need to be invited by your CO admin. When an admin of your collaboration invites you, you will receive the following email:
By following the instructions provided in the invitation email you will land in the following SRAM overview page:
Access credentials for your iCE project
To login to iCE you will need your SRAM username and a token as a password. You will find your SRAM username by clicking on your name and Profile in the top right corner of the SRAM dashboard page. Your username is the SRAM internal username.
To create a new token, click on the Tokens tab in your SRAM dashboard.
Click the button Create new token, and enter a name and (optionally) a description, and click the Save button.
Important note: For security, your newly created token is only visible until saving. Please copy the token before clicking the Save button or before closing the page.
Now that you have your username and token at hand, you are ready to login. You need access to a server which has the iRODS client (iCommands) installed (it is open source so you can install it also on your laptop). Please add the following configuration file under ~/.irods/irods_environment.json and change the irods_user_name value with your SRAM internal username and also the iCE project name. Please ensure that you:
- enter your iCE project name without any spaces or hyphens
- only alter the specified items (do not enter your PAM password in the authentication parameter)
{
"irods_client_server_negotiation": "request_server_negotiation",
"irods_encryption_algorithm": "AES-256-CBC",
"irods_encryption_key_size": 32,
"irods_encryption_num_hash_rounds": 16,
"irods_encryption_salt_size": 8,
"irods_host": "snow-icat.irods.surfsara.nl",
"irods_port": 1247,
"irods_user_name":"YOUR SRAM USERNAME HERE",
"irods_zone_name": "snow",
"irods_cwd": "/snow/home/ICE PROJECT NAME",
"irods_home": "/snow/home/ICE PROJECT NAME",
"irods_client_server_policy": "CS_NEG_REQUIRE",
"irods_ssl_certificate_chain_file":"/etc/pki/tls/certs//localhost_and_chain.crt",
"irods_ssl_dh_params_file":"/etc/irods/dhparams.pem",
"irods_ssl_verify_server": "none",
"irods_authentication_scheme": "pam_password"
}
Then run the following command to login:
$ iinit Enter your current PAM password: [YOUR SRAM TOKEN HERE] $
Congratulations! You are now connected to iCE!