CBDS

Introduction

This covers some tasks required for managing users and systems for CBDS.

Prerequisites

• Knowledge of managing users in Linux
• Knowledge of creating WUIT ServiceNow Catalog tickets
• Access to servers required to complete the tasks.
• Some tasks require CyberArk access in order to make changes to Active Directory (AD).
• [OPTIONAL] Knowledge of SAS Management Console

Servers

• CBDS Servers in biostats.wusm.wustl.edu domain

  • Supporting Systems

    Host Name	VIP	OS	Purpose
    arachne	10.27.32.10	Linux	CBDS HTTP, Request Tracker 5 server
    jackdaw	10.27.32.50	Linux	CBDS NAS server
    wubios	10.27.32.1	Linux	Legacy HTTP, SMTP, Sympa server

  • Saturn HPC Cluster

    Host Name	VIP	OS	Status	Purpose
    saturn	10.27.32.65	Linux	Online	CBDS HPC login node
    saturn1	10.27.32.75	Linux	Online	CBDS HPC compute node
    saturn2	10.27.32.76	Linux	Online	CBDS HPC compute node
    saturn3	10.27.32.77	Linux	Online	CBDS HPC compute node
    saturn4	10.27.32.78	Linux	Offline	CBDS HPC compute node
    saturn5	10.27.32.82	Linux	Offline	CBDS HPC compute node
    saturn6	10.27.32.83	Linux	Online	CBDS HPC compute node
    saturn7	10.27.32.93	Linux	Offline	CBDS HPC compute node
    saturn8	10.27.32.66	Linux	Offline	CBDS HPC compute node
    saturn9	10.27.32.67	Linux	Online	CBDS HPC compute node
    saturn10	10.27.32.68	Linux	Online	CBDS HPC compute node

Tasks

Create Student Home Directories

Before anyone can have a home directory, be added to an Analysis Account, or access the Saturn or Student clusters, their WUSTL Key must be active.  Stop now if they cannot send or receive email using their WUSTL Key.  Before you can log into either bullion or jackdaw you must be either on the WUSM VPN or on the WUSM campus network. 

1. Log into bullion.biostat.wusm.wustl.edu via SSH (e.g. PuTTy, terminal, WSL, PowerShell and SSH, or Command and SSH). Shown using PowerShell and SSH:
   
2. Execute “sudo newuser-bullion WUSTLKeyUserName” where “WUSTLKeyUserName” is the user’s WUSTL Key Account name. “WUSTLKeyUserName” is normally the same as the user’s name preceding the “@” in their email address, but this is not always true.
   
   • The important thing to note above is the “OK” status for each of the servers contacted. The list of server names will change over time.
   • We executed newuser-bullion for the username “testuser”, which does not exist at WUSTL. That is why this error is indicated towards the top: “chown: invalid user: ‘testuser:testuser’” . Report any errors to Systems Managers.

New Personnel

• Receives personal NAS share on Jackdaw.
• Normally needs to be added to Analysis (or Project) Accounts. These are just AD Groups.
  • Requires CyberArk and ADUC Access. Request through WUIT ServiceNow Service Catalog

Create Faculty and Staff Home Directories

1. Log into jackdaw.biostat.wusm.wustl.edu via SSH (e.g. PuTTy, terminal, WSL, PowerShell and SSH, or Command and SSH). Shown using PowerShell and SSH:
   
2. Execute “sudo newuser-sasaccess ” where “” is the user’s WUSTL Key Account name. “” is normally the same as the user’s name preceding the “@” in their email address, but this is not always true.
   
   • The important thing to note above is the “OK” status for each of the servers contacted. The list of server names will change over time.
   • We executed newuser-sas-access for the username “testuser”, which does not exist at WUSTL. That is why this error is indicated towards the top: “chown: invalid user: ‘testuser:testuser’” . Report any errors to Systems Managers.

Create new Analysis (or Project) Account

• Requires CyberArk and ADUC Access
  • Request through WUIT ServiceNow Service Catalog
• May only be requested by PI, management, or leadership.

  • Log into jackdaw.biostat.wusm.wustl.edu via SSH (e.g. PuTTy, terminal, WSL, SSH). Shown using WSL and SSH:
    

  • Execute “sudo newuser-analysis ProjectName” where “ProjectName” is the name of the Project as defined by the requestor.

  • The important thing to note in the output is the “OK” status for each of the servers contacted. The list of server names will change over time.

Map NAS shares

• UNC path is \jackdaw.biostat.wusm.wustl.edu\SHARE_NAME.

Request SAS

• Requires WUIT ServiceNow Service Catalog request and CC with approval for funding.

Request Tracker 5

---
title: Request Tracker 5 Network Diagram
config:
  useFullWidth: true
  theme: base
  themeVariables:
    primaryColor: #aaaaaa
    primaryTextColor: #000000
---
C4Dynamic

Boundary(b0,"WUSM Network") {
    Boundary(b2,"WUSTL", $lineColor="red") {
        Component(osmtp,"osmtp.wustl.edu","WUSTL SMTP Relay Server","128.252.112.54, 128.252.112.55", $bgColor="darkgray", $fontColor="black", $lineColor="black")
    }

    Boundary(b1,"Data Center") {
        System(arachne,"arachne.biostat.wusm.wustl.edu","10.27.32.10")
        System(wubios,"wubios.biostat.wusm.wustl.edu","10.27.32.1")
    }

    Component(ihttp,"https://biostat.wusm.wustl.edu/rt5", "Apache", "10.27.32.37")
}

Boundary(b3, "Internet") {
    Component(lb,"https://biostat.wustl.edu/rt5", "Load Balancer", "128.252.187.46")
    Component(smtp,"rt.biostat.wustl.edu","SMTP Server", "128.252.112.54, 128.252.112.5")
}

Rel(lb, arachne, "HTTP")
Rel(ihttp, arachne, "HTTP")

Rel(smtp, wubios, "SMTP: Receive")
BiRel(wubios, arachne, "SMTP")
Rel(wubios, osmtp, "SMTP: Send")