This outlines how to take new membership and create their account in ACM's Active Directory domain as well as management of existing membership accounts.

membership-application-09-18-15.pdf
membership-application-09-18-15.odt

1. Have the applicant fill out a Membership Application form. If the form is not legible make the applicant fill out a new Membership Application.
2. Verify the form has been completed. In particular verify contact information and requested account name.

1. If the applicant is member of the National ACM, then the membership dues are waved. President/Treasurer/Vice President can collect the applicant's National ACM Membership number and sign off on the treasurer line. Todo: Determine a process to verify National ACM Membership.
2. If the applicant is not a member of the National ACM, then membership dues must be collected by President/Treasurer. The applicant must receive a receipt from the President/Treasurer. Once a receipt is issued, the President/Treasurer should sign off on the treasurer line. Collected membership dues must be recorded to the ledger/register. Don't forget to update the ledger.

1. Record physical membership application information into the ACM Membership sheet located in the ACM Google Drive.
2. From the ACM Membership sheet, process the new membership application as either a new membership or a renewal. For either account type, following the procedures listed below under Procedures.
3. Once the new membership application has been processed, sign off on the systems line to indicate the new membership application has been processed. Move the completed and signed membership application form to storage.

ACM Active Directory accounts are needed to log into any of the software systems provided for chapter member usage. The group membership of these accounts is used to track membership status as well as control access to specific systems and services.

Those wanting an account need to pay the ACM membership fee, do not process applications that have not been signed off on

Alumni, Defunct, NotPaid, Paid, Temp Note: If someone comes back to contribute and needs an account, flow is <NEW>,NotPaid,Defunct→Paid→Alumni. Note: Temp status is used for people who want temporary access. Cases include allocating accounts to professors to use cuda machine for class students. The goal of the Temp status is to remember they must be removed. Note: A defunct member is someone who has not paid for two years, the account has been deactivated and the member cannot access services.

<New>,NotPaid,Defunct → Paid (new membership or renewal)

Paid → NotPaid (person has not renewed membership at the end of the constitution specified grace period)

NotPaid → Defunct (1 term NotPaid accounts will decay at the end of the constitution specified grace period)

Defunct → <Deleted> (2 terms Defunct accounts will be deleted)

Paid,NotPaid,Defunct → Alumni (opt in renewal case for graduated members, Alumni status ignored after creation)

Temp → <Deleted> (cleared at the end of the term unless requested otherwise)

System Administrators/President/Treasurer/Vice President Note: If the officers can solve a problem, they should NOT call in the system administrators.

1. This must be done with the member present. If the member is not present, see below.
2. Login to chopin (or any other system with samba-tools (Samba 4 or greater).
3. Assuming you have administrative rights (group membership in the main admins group or ACMOfficers), execute the command:

samba-tool user setpassword <username you are changing> -H ldaps://sambaad1.acm.cs -U<your username>@acm.cs

1. The member will enter their new password. This new password must match the password requirements for ACM accounts.
2. You will have to input your password to confirm the member password reset.

Password Reset for non-present Members Login to <username>@acm.cs.uic.edu. Navigate to the officers scripts /opt/acm-officers. Under /membership run the passwdReset.sh <username> <email>. This will send a temporary password to the target username.

To allow access to the Windows Server, but not sudo, only add Domain Admins. For full access add ACMLanAdmins

AD Groups List

A basic list of the current members and alumni members can be found on the ACM Website

If you need the list of current paid members for official purposes, the CSV generation script is currently located at: https://acm.cs.uic.edu/~walter/paidmembers-to-csv.php You must log in with you ACM user/pass combo and your account must be a members of ACMOfficers

The Apache Directory Studio LDAP Browser should be installed on every ACM workstation. It can also be used on any machine that is connected to the ACM network provided it is configured correct to connect to one of the LDAP servers.

https://wiki.samba.org/index.php/Installing_RSAT_on_Windows_for_AD_Management