A. Name: Policy on the Duration of PennNames
B. Number: 2005mmdd-pennnames-duration
C. Author: M. Muth (ISC Networking)
[ ] proposed [ ] under review [X] approved [ ] rejected [ ] obsolete
E. Date proposed: 2004-12-15
F. Date revised: N/A
G. Date approved: 2005-11-28
H. Effective date: 2005-12-06
II. Authority and Responsibility
Information Systems and Computing has custodial responsibilty
and accountability for the University of Pennsylvania's PennNames
service which is integral to the operation
of the Penn-wide user namespace.
III. Executive Summary
This policy specifies the duration of PennNames, and the
under which ownership may be transferred.
The purpose of this policy is to specify the terms under which
are associated with a particular member of the Penn community over time
across organizations. This policy also specifies a process under which
organizational sponsorship and user association may be
V. Risk of Non-compliance
If PennNames are not handled in compliance with this policy,
access to systems, applications, and/or data may occur and access to
University-wide services may fail or be impaired, potentially resulting
in inconvenience to end users.
- The set of all usernames that could be assigned to users of
or services, in which those usernames are unique.
- A PennName is a username which is unique to each
individual at Penn. It may be used on multiple systems at Penn for that
individual's accounts. Association between an individual and the
PennName is maintained using the PennNames service (see References,
below). A PennName may also be a reserved name which is not
explicitly tied to a particular individual. These are often used for
mailing lists, aliases, or accounts not tied to a particular person
- PennNames is a service to support migration to and
maintenance of a common University namespace. It consists of a
database, a set of system administrator tools, and basic policies.
- PennName sponsor
- This is a school, center or service that uses
PennNames to register its use of a PennName for a service or system. A
particular PennName may have multiple sponsors if an individual has (or
had) access to multiple systems or services at Penn (see References,
below), or if multiple systems have role accounts or mailing lists by
the same name.
- Penn ID
- A unique eight-digit number issued to Penn and UPHS
affiliates. University offices frequently require a Penn ID
as a unique ID, similar to employee ID number. PennCard holders will
Penn ID printed on their PennCard -- it is the middle 8-digit sequence
of numbers. A Penn ID is generated when an
individual is added to Penn Community, either manually or via feeds from
SRS and Payroll systems.
This policy covers change and transfer of PennNames.
VIII. Statement of policy
- The PennName will be associated with an individual indefinitely,
regardless of the following events:
unless the PennName is transferred, as
- the username's removal from the sponsor's system(s); or
- the individual's separation from Penn, whether through
graduation, retirement, resignation, termination or death
- Individuals may change their PennName under the following
In such cases, the former PennName
is not available for reuse, except in the case of transfer,
per Statement of
Policy number 3.
- legal name change;
- PennName deemed offensive;
- typographical, technical, or administrative error discovered
within 1 business week of creation, as long as the PennName only has
been used in ways that can easily be undone (e.g. accounts can be
renamed, but publication of an email address cannot be reversed);
- harrassment; or
- transfer of their PennName (see Statement of Policy number 3).
- If an individual or group wishes to be assigned a PennName already
in use or take a PennName out of circulation,
the following process may be used:
- The requester may contact his or her computing director.
- The requester's computing director may negotiate with the other
sponsor(s), and, where feasible, the current holder of the PennName, to
reach a resolution. The current holder may participate in the
negotiation, but does not have veto power. The University, as issuer and
owner of the PennName, is the governing authority during this process.
- For the purpose of transfer negotiations, the Information Security
Officer will act as the computing director responsible for PennKey
- If all are in agreement, the PennName may be transferred from
current holder to the requester or taken out of circulation.
- ISC must notify the current holder about the transfer, if the
transfer results in the deletion or renaming of the current holder's
authentication or authorization credentials for a sponsor's system or
service. The last known contact information will be used to attempt to
notify the holder of the transfer.
- If a PennName is changed or transferred, the transferring and
organizations must be responsible for removing any system,
data access authorized on the basis of that PennName.
- PennName changes will be reported to sponsors by ISC, so
authorization changes can be made.
- PennNames created prior to July, 2004 that do not have Penn IDs
associated with them by January 1, 2006 will be made available for
IX. Recommendations and Best Practices
- Local support providers (LSPs) should encourage users to select
PennName carefully, since opportunities for change are extremely
limited. In most cases, the PennName a user selects will become the
username for their Penn email account. LSPs should have users create
their PennKey before their school account, to encourage a standard
method for PennName selection.
- Transfer of a PennName should not be undertaken lightly, given the
resulting inconvenience to the former holder of the name.
- In certain cases transfer may be impossible, given the inability
of certain systems to rename accounts.
A. Verification: Verification of this policy will occur when
PennNames support staff process PennName change or transfer requests
the course of troubleshooting.
B. Notification: Notification of compliance issues will be
PennNames sponsors, associated LSPs and computing directors.
C. Remedy:New PennName change and transfer requests must
policy. Existing conflicts created prior to this policy should be
soon as possible. A server or service with many names out of
compliance may be
deemed non-PennNames compliant and therefore experience loss of or
access to University-wide services.
D. Financial Implications: The PennName sponsors and ISC
staff time costs associated with PennName changes and transfers.
E. Responsibility: Responsibility for complying with this
lies with PennName sponsors and ISC.
F. Time Frame: This policy is a formal statement of working
that has been in place since 1997 (see References, below). The first
step in a
PennName change (addition of sponsorship for a new PennName) that
policy can be done within 2 business days; completion of the change
of old sponsorships) is subject to the time frame determined by each
Transfer of a PennName that is already in use can take substantially
and is subject to the time frame determined by each sponsor.
G. Enforcement: Failure to comply with policy and with the
process will lead to denial of a PennName change or transfer
Appeals should be escalated within the affected organizations, for
resolution by the respective IT Directors. If the conflict cannot be
resolved, the IT Directors should present their cases in writing to the
Network Policy Committee (NPC). The NPC will recommend a resolution. If
either of the parties reject the NPC's recommendation, they should take
the issue up with the heads of their respective schools or centers. The
Vice President of Information Systems & Computing should be
consulted if further resolution is required.