...
- Are free for Lab employees & guestsaffiliates
- Are created only if requested
- Ideally, a new employee or someone in the new employee's department will request an account before a new employee's first day of work.
- Are usually created within 24 hours of being requested.
- Include:
- access to all Google Apps services available at LBL (e.g. Gmail, Calendar, Docs, Sites, etc.) See http://lbl.gov/google for more information.
- a Berkeley Lab email address, ("[email protected]"), that delivers to a Lab Gmail account with 25GB of free storage
- an LDAP username, that is used to sign in to many services at the Lab, including: Gmail, Google Docs, LETS, EH&S Training, etc.
...
The lab will no longer allow employees to retain accounts (including email) after termination unless those employees make arrangements to have a Lab employee sponsor their continued association as a an "guestaffiliate" at LBNL. It is possible to request email forwarding to a new address for up to one year.
...
Managing departing employees with a continuing relationship as guests an affiliate (though HR) is important because it ensures that an LBL employee is taking responsibility for their actions and business need. Remember that LDAP is not just email or collaboration access, it's access to ways to commit resources, buy things, and take responsibility for actions. For this reason LDAP must be managed more tightly then other systems, with strict rules about extensions. The rules about LDAP accounts (broadform institutional identity) are intentionally stricter then the baseline cyber security rules for scientific systems.
...
