Role "Angehörige Organisationseinheit" (member organizational unit)
The role ““Angehörige Organisationseinheit” (member organizational unit) can be assigned in many organizational units of RWTH Aachen University. Depending on the category of the organization, the role is used
- to register employees of an organization who cannot register in Identity Management via a coupon for employees (of RWTH or UKA), e.g. organizations in the category “C.11. An-Institute”
- for the registration of persons who require access to the university's IT services for their work related-needs (and were previously provided via the partner procedure).
Responsibility of the management of an organizational unit
The head of the organizational unit is always responsible for assigning permissions via IdM role management. They can manage permissions themselves via the “Verwaltung Rollen” (role administration) role or delegate the administration of permissions to one or more employees in their organizational unit by assigning the “Verwaltung Rollen” role to them, making them role administrators.
Who can a coupon be issued to for the role "Angehörige Organisationseinheit"?
The procedure for issuing and withdrawing the role is carried out by the respective organizational unit under its own responsibility. In particular, the respective organizational unit shall ensure that a suitable number of people have the role “Verwaltung Rollen” in order for it to be capable of acting at all times.
Associated Organizations(esp. Cat. C.11, C.12, C.15, C.16 and C.31)
The role is intended to grant employees with an employment contract at the respective organizational unit access to services of RWTH Aachen University. It is the responsibility of the respective organizational unit to assign the role only to authorized persons and to obtain the necessary consent for the data collected in the course of the procedure. The role must be withdrawn in a timely manner at the end of the contract. The coupon may only be issued directly to the person who is to be authorized. An appropriate level of security must be ensured for this communication.
RWTH Organizations (Cat. A.03, A.04, B.01)
This role is intended to enable external persons to access the IT services of RWTH Aachen University if they cannot be granted access via another relevant procedure (e.g. procedure for external teaching staff). This access must also be necessary in the context of their work for the organization. A corresponding check is carried out by the role administrator of the organizational unit. An example could be a service technician from a maintenance company or an external project partner. The procedure is only intended for natural persons. No functional accounts used by several persons and no device accounts may be created.
If you, as the person responsible, become aware of the improper use of an account created via the “Angehörige Organisationseinheit” role, you are obliged to revoke the role immediately and inform the IT-ServiceDesk.
Rights and responsibilities of People with the role "Angehörige Organisationseinheit"
Persons who have the role “Angehörige Organisationseinheit” at an organizational unit are entitled to use various services of RWTH Aachen University within the scope of their work-related needs. They may not pass on their role coupons, credentials and usage authorizations to third parties. Which services can be used depends in particular on the category of the respective organizational unit.
When redeeming the coupon, you will be asked to link it to any existing account so that you are not listed more than once in the Identity Management and to ensure that all relevant authorizations are combined in one virtual identity. This is the only way to ensure that you can make optimum use of the services relevant to you.
By redeeming the coupon, you undertake to comply with all relevant regulations, in particular the RWTH Aachen University Network Code of Conduct and those of the respective services you use.
Holding a role is regarded as a substitute for a signature in various systems. Accordingly, the assignment of a role is often equated with an authorization to sign.
Misuse and access that is no longer required
If you notice any misuse of your account by third parties, you are obliged to contact your organization's role administrator immediately so that they can take appropriate action.
As soon as you no longer need access, contact your organization's role administrator so that they can delete your account - this is also in your own interest to prevent misuse of your account.
Related content:
