07. MPIM Overview Presentation

advertisement
Market Participant Identity
Management Overview (MPIM)
Role of Account Management at ERCOT
Introduction
Welcome to Texas Market Link (TML)
Market Participant Identity Management
(MPIM)
The following slides provide a tour of the new MPIM application to familiarize
you with managing your USA certificate and your users certificates. It should
be used as a compliment to the Introduction and Use of Market Participant
Identity Management (MPIM) and Digital Certificates document.
This tour will explain:
–
–
–
–
The User Interface (UI)
Business functions allowed by the system
When to expect Market Participant communications
Contact information for Help
MPIM OVERVIEW
Page 2
Overview Objectives
This overview presentation provides how to:
Access MPIM
Receive your ERCOT Digital Certificate (DC)
Create a new MP User
Create DC for MP User
Modify a current MP User’s information and Roles
Terminate and remove all access for a MP User
Add or revoke a MP User’s certificate
Run different reports for your entity
MPIM OVERVIEW
Page 3
Current vs. New Digital Certificate Functionality
Before Implementation
After Implementation
Digital Certificates (DC) were shipped via Fed
Ex in 5 – 6 business days from ERCOT
authorization.
Receive two emails one containing the URL and
the other containing the password. DC can then
be picked up the same day they are authorized.
MP USA could not revoke DC
MP USA has the ability to revoke DC, with the
exception of another MP USA.
The MP USA would access the TML to request
User DC.
The MP USA will access MPIM via TML link to
request User DC.
The MP USA had the ability to have a
centralized mailbox for all DC.
Digital Certificates will now be delivered to each
user’s email address for their DC.
The MP USA managed all User DC renewals.
Individual User can manage their own DC
renewal.
No reporting functions.
MP USA can now run reports for their entity.
MPIM OVERVIEW
Page 4
Overview Topics
• Receiving your MP USA Digital Certificate
• Accessing MPIM
• Managing Users
– Create User Accounts
– Grant Certificates
– Modify User Accounts
– Terminate User Accounts
– Run Reports
– MPIM Errors
• Losing MP USA access
• Reference Documents / Important Contact information
MPIM OVERVIEW
Page 5
Receiving a Digital Certificate
Once ERCOT has received a Market Participant’s
Application or Notice of Change of Information form
(NCI), then ERCOT will begin the process of issuing
the Digital Certificate (DC) for the MP USA(s) upon ERCOT authorization.
ERCOT USA will then enroll the new USA(s) via the Market Participant
Identity Management (MPIM) system.
MPIM OVERVIEW
Page 6
Receiving a Digital Certificate (cont’d)
After ERCOT USA has created an MP USA Account, the MP USA will receive an
informational email notification from MPIM similar to the one below.
From: helpdesk@ercot.com
Date: 10/01/2007 12:00 PM
To: user@ercot.com
Cc:
Subject: MPIM Notification: <Type> Creation <User (First Name Last Name)>
Dear <User (First Name Last Name)>,
Your account has successfully been created. Please contact your requestor <Requestor (First name Last
Name)>, regarding the information for your account.
If you have a question related to this email, then please contact the ERCOT Helpdesk at (512) 248-6800.
Thank you,
MPIM Administrator
At this point, the MP USA does not have a Digital Certificate.
MPIM OVERVIEW
Page 7
Receiving a Digital Certificate (cont’d)
Upon authorization the ERCOT USA will then grant the MP USA a DC. Two
notifications will be sent to the MP USA; one email containing a certificate URL link
and ...
Email containing certificate URL
From: helpdesk@ercot.com
Date: 10/01/2007 12:00 PM
To: user@ercot.com
Cc:
Subject: MPIM Notification: Certificate Pickup URL<User (First Name Last Name)>
Dear <User (First Name Last Name)>,
Your VeriSign Digital Certificate has been requested. Please contact your requestor <Requestor (First Name
Last Name)> for the next steps to download your digital certificate.
Certificate URL: <Certificate URL>
If you have a question related to this email, then please contact the ERCOT Helpdesk at (512) 248-6800.
Thank you,
MPIM Administrator
MPIM OVERVIEW
Page 8
Receiving a Digital Certificate (cont’d)
… another containing a certificate password.
Email containing certificate password
From: helpdesk@ercot.com
Date: 10/01/2007 12:00 PM
To: user@ercot.com
Cc:
Subject: MPIM Notification: Certificate Pickup <User (First Name Last Name)>
Dear <User (First Name Last Name)>,
Your VeriSign Digital Certificate has been requested. Please contact your <Requestor (First Name Last Name)> for
the next steps to download your digital certificate.
Certificate URL Password: <Random generated password>
If you have a question related to this email, then please contact the ERCOT Helpdesk at (512) 248-6800.
Thank you,
MPIM Administrator
•A one time use password for ERCOT Digital Certificate is valid for 5 Days.
•On day 6, MP USA will have to contact ERCOT Client Services at (512) 248-3900.
MPIM OVERVIEW
Page 9
Receiving a Digital Certificate (cont’d)
To download new DC, MP USA will contact ERCOT Client Services for
their Username / Employee ID. Next click on the URL in the email and
the ERCOT Digital Certificate (EDC) page will load. Using the
Password from the email, the Employee ID from ERCOT Client
Services and the DUNS number, fill out the login screen and download
the certificate.
MPIM OVERVIEW
Page 10
Receiving a Digital Certificate – EDC
Click Yes
MPIM OVERVIEW
Page 11
Receiving a Digital Certificate – EDC (cont’d)
Click OK
MPIM OVERVIEW
Page 12
Receiving a Digital Certificate – EDC (cont’d)
Do not close browser during download!
MPIM OVERVIEW
Page 13
Receiving a Digital Certificate – EDC
Click Yes
At this point, your Digital Certificate has been downloaded.
MPIM OVERVIEW
Page 14
Overview Topics
• Receiving your MP USA Digital Certificate
• Accessing MPIM
• Managing Users
– Create User Accounts
– Grant Certificates
– Modify User Accounts
– Terminate User Accounts
– Run Reports
– MPIM Errors
• Losing MP USA access
• Reference Documents / Important Contact information
MPIM OVERVIEW
Page 15
Accessing MPIM
• Only users that have completed the mandatory paperwork and are in
compliance with ERCOT Protocols, “User Security Administrator and
Digital Certificates” regarding User Security Administrators (USA), will
be granted access to MPIM.
• Each Market Participant must appoint a USA and has the option to
register a Secondary USA. A Secondary USA is encouraged because
they will prevent the loss of ERCOT resource functionality in the event
the Primary USA is unavailable or leaves.
• Once the MP USA has been created in MPIM and receives their Digital
Certificate, they can access MPIM through a link on TML. Please note
that the MPIM system will eventually be accessed through the Nodal
Market Information System (MIS).
MPIM OVERVIEW
Page 16
Accessing MPIM as a MP USA
Navigate to the TML Portal by inserting the following URL in a browser
window: https://tml.ercot.com.
Once prompted, select a certificate that corresponds to the entity you
are managing, highlight the MP USA certificate, and click OK.
MPIM OVERVIEW
Page 17
Accessing MPIM - TML
Once in TML, click on the Identity Management link.
MPIM OVERVIEW
Page 18
Overview Topics
• Receiving your MP USA Digital Certificate
• Accessing MPIM
• Managing Users
–
–
–
–
–
–
Create User Accounts
Grant Certificates
Modify User Accounts
Terminate User Accounts
Run Reports
MPIM Errors
• Losing MP USA access
• Reference Documents / Important Contact information
MPIM OVERVIEW
Page 19
Managing Users – Create MPIM User Account
MP USA clicks on the Create link.
For more details to create MPIM User Account, please refer to Section 2.3 “Create MPIM
User Account” of the Introduction and Use of Market Participant Identity Management
(MPIM) and Digital Certificates document.
MPIM OVERVIEW
Page 20
Managing Users – Create MPIM User Account (cont’d)
MP USA fills out the required fields, assigns roles and clicks on the Submit
button. Note: The MP USA can select the Role Information link to learn which
applications/resources the MP User will access by receiving the role(s).
User’s Email Address
Adds a selected role
Removes a selected role
Adds all roles
Removes all roles
MPIM OVERVIEW
Page 21
Managing Users – Create MPIM User Account
After the MP User account is successfully created, the following e-mail is
generated and sent to the MP User. The notification is sent to the e-mail
address provided during account creation.
======================================================================
From: helpdesk@ercot.com
Date: 10/01/2007 12:00 PM
To: user@ercot.com
Cc:
Subject: MPIM Notification: User Creation <User First Name User Last Name>
Dear <User (First Name Last Name)>,
Your account has successfully been created. Please contact your USA, <Requestor
(First name Last Name)>, regarding the information for your account.
If you have a question related to this email, please contact the ERCOT Helpdesk at
(512) 248-6800.
Thank you,
MPIM Administrator
MPIM OVERVIEW
Page 22
Managing Users – Create Application Programming
Interface (API) MPIM User Account
In order to create an API account within the MPIM system, the MP USA
will start at the MPIM Manage User screen.
For more details to create MPIM API Account, please refer to Section 2.4 “Create
Application Programming Interface (API) MPIM Account” of the Introduction and Use of
Market Participant Identity Management (MPIM) and Digital Certificates document.
MPIM OVERVIEW
Page 23
Managing Users – Create Application Programming
Interface (API) MPIM User Account (cont’d)
MP USA checks the API check box, fills out the required fields, assigns roles and
clicks on the Submit button.
Heselmeyer, Sarah
Email address of API server
manager
• The API_ text will be prepended to the employee ID when the request is submitted.
Employee ID should be the server or application name. EXAMPLES: API_SERVER_NAME or
API_APPLICATION_NAME (min 4/max 19 characters)
• First Name, Last Name and e-mail address should the contact information for the server/application
owner.
MPIM OVERVIEW
Page 24
Managing Users – Create Application Programming
Interface (API) MPIM User Account (cont’d)
After the API/MP User account is successfully created, the following e-mail is
generated and sent to the User. The notification is sent to the e-mail address provided
during account creation.
From: helpdesk@ercot.com
Date: 10/01/2007 12:00 PM
To: user@ercot.com
Cc:
Subject: MPIM Notification: User Creation <User First Name User Last Name>
Dear <User (First Name Last Name)>,
Your account has successfully been created. Please contact your USA,
<Requestor (First name Last Name)>, regarding the information for your
account.
If you have a question related to this email, please contact the ERCOT
Helpdesk at (512) 248-6800.
Thank you,
MPIM Administrator
MPIM OVERVIEW
Page 25
Overview Topics
• Receiving your MP USA Digital Certificate
• Accessing MPIM
• Managing Users
– Create User Accounts
– Grant Certificates
– Modify User Accounts
– Terminate User Accounts
– Run Reports
– MPIM Errors
• Losing MP USA access
• Reference Documents / Important Contact information
MPIM OVERVIEW
Page 26
Managing Users – Creating User Certificate in
MPIM
After user account is created the MP USA is ready to create the associated users
DC. MP USA clicks on the Certificates link.
For more details to create MPIM User and API Digital Certificates, please refer to
Section 2.6.1 “Creating User Certificate” in the Introduction and Use of Market
Participant Identity Management (MPIM) and Digital Certificates document.
MPIM OVERVIEW
Page 27
Managing Users – Creating User Certificate in MPIM
(cont’d)
MP USA enters search parameters for a User (employee id, first name, or last
name). MP USA clicks the Search button.
MPIM OVERVIEW
Page 28
Managing Users – Creating User Certificate in
MPIM (cont’d)
MP USA checks the boxes of the User(s) for whom certificates should be generated.
MP USA clicks the Submit button.
•
•
•
•
Multiple users can be granted certificates.
After the certificate is granted, the user must download the certificate before it will be considered Valid.
Certificates in any status but Valid or Revoking will appear on the Request Certificates page.
Certificates in Valid or Revoking status will appear on the Revoke Certificate page when the radio button
is selected.
MPIM OVERVIEW
Page 29
Managing Users – Creating User Certificate in
MPIM (cont’d)
The MP User receives the following two e-mails with information on how to retrieve their Digital
Certificate.
From: helpdesk@ercot.com
Date: 10/01/2007 12:00 PM
To: user@ercot.com
Cc:
Subject: MPIM Notification: Certificate Pickup <User (First Name Last Name)>
Dear <User (First Name Last Name)>,
Your VeriSign Digital Certificate has been requested. Please contact your requestor <Requestor (First Name Last
Name)> for the next steps to download your digital certificate.
Certificate URL Password: <Random generated password>
If you have a question related to this email, then please contact the ERCOT Helpdesk at (512) 248-6800.
From: helpdesk@ercot.com
Date: 10/01/2007 12:00 PM
To: user@ercot.com
Cc:
Subject: MPIM Notification: Certificate Pickup URL<User (First Name Last Name)>
Dear <User (First Name Last Name)>,
Your VeriSign Digital Certificate has been requested. Please contact your requestor <Requestor (First Name Last
Name)> for the next steps to download your digital certificate.
Certificate URL: <Certificate URL>
If you have a question related to this email, then please contact the ERCOT Helpdesk at (512) 248-6800.
Thank you,
MPIM Administrator
•A one time use password for Digital Certificate is valid for 5 Days.
•On day 6, the User will have to contact their MP USA. MP USA will re-issue certificate for the User.
•User will contact MP USA for their Employee ID.
MPIM OVERVIEW
Page 30
Overview Topics
• Receiving your MP USA Digital Certificate
• Accessing MPIM
• Managing Users
– Create User Accounts
– Grant Certificates
– Modify User Accounts
– Terminate User Accounts
– Run Reports
– MPIM Errors
• Losing MP USA access
• Reference Documents / Important Contact information
MPIM OVERVIEW
Page 31
Managing Users – Modifying a User and API MPIM
Account with Roles
MP USA clicks on the Modify link.
For more details to Modify MPIM User, please refer to Section 2.5 “Modifying an
User and API MPIM Account with Roles” in the Introduction and Use of Market
Participant Identity Management (MPIM) and Digital Certificates document.
MPIM OVERVIEW
Page 32
Managing Users – Modifying a User and API
MPIM Account with Roles (cont’d)
MP USA enters search parameters for a User (employee id, first name,
or last name). MP USA clicks the Search button.
MPIM OVERVIEW
Page 33
Managing Users – Modifying a User and API
MPIM Account with Roles (cont’d)
MP USA selects a User.
MP USA clicks on the Submit button.
MPIM OVERVIEW
Page 34
Managing Users – Modifying a User and API
MPIM Account with Roles (cont’d)
MP USA modifies the required fields if needed.
If a change is made to your First/Last Name or Email address through a
modification, the MP USA must then revoke and reissue a new certificate through
MPIM. This will update any new changes on the Digital Certificate.
MPIM OVERVIEW
Page 35
Managing Users – Modifying a User and API
MPIM Account with Roles (cont’d)
After the user account is successfully modified, the following e-mail will be
sent to the User.
**NOTE**: The assignment of roles may generate additional e-mails.
From: helpdesk@ercot.com
Date: 10/01/2007 12:00 PM
To: user@ercot.com
Cc:
Subject: MPIM Notification: User Modified <User (First Name Last
Name)>
Dear <User (First Name Last Name)>,
Your account has successfully been modified. Please contact your USA,
<Requestor (First name Last Name)>, regarding the information for your
account.
If you have a question related to this email, please contact the ERCOT
Helpdesk at 512-248-6800.
Thank you,
MPIM Administrator
MPIM OVERVIEW
Page 36
Overview Topics
• Receiving your Digital Certificate
• Accessing MPIM
• Managing Users
– Create User Accounts
– Grant Certificates
– Modify User Accounts
– Terminate User Accounts
– Run Reports
– MPIM Errors
• Losing MP USA access
• Reference Documents / Important Contact information
MPIM OVERVIEW
Page 37
Managing Users – Terminating a MPIM User
Account
MP USA clicks on the Terminate link.
For more details to Terminate MPIM User Digital Certificates, please refer to
Section 2.7 “Terminating a MPIM User Account” in the Introduction and Use of
Market Participant Identity Management (MPIM) and Digital Certificates
document.
MPIM OVERVIEW
Page 38
Managing Users – Terminating a MPIM User
Account (cont’d)
MP USA enters search parameters for a User (employee id, first name,
or last name). MP USA clicks the Search button.
MPIM OVERVIEW
Page 39
Managing Users – Terminating a MPIM User
Account (cont’d)
MP USA checks the boxes of the User(s) they would like to terminate.
MP USA clicks on the Submit button.
**NOTE**: Terminating a user will remove the user from the MPIM system and
also revoke the user’s certificate and roles.
**NOTE**: Once a user is Terminated, the account cannot be reactivated. A new
account will need to be created for the User with a new Employee ID.
MPIM OVERVIEW
Page 40
Managing Users – Terminating a MPIM User
Account (cont’d)
MPIM sends a revoke certificate email to the MP USA.
From: helpdesk@ercot.com
Date: 10/01/2007 12:00 PM
To: requestor@ercot.com
Cc:
Subject: MPIM Notification: Certificate Revoked <User (First Name Last Name)>
Dear <Requestor (First Name Last Name)>,
The certificate belonging to <User (First Name Last Name)> has successfully been revoked.
If you have a question related to this email, then please contact the ERCOT Helpdesk (512) 248-6800.
Thank you,
MPIM Administrator
MPIM sends a successful notification to the MP USA.
From: helpdesk@ercot.com
Date: 10/01/2007 12:00 PM
To: requestor@ercot.com
Cc:
Subject: MPIM Notification: User Disabled <User (First Name Last Name)>
Dear <Requestor (First Name Last Name)>,
The account belonging to <User (First Name Last Name)> has successfully been disabled. If the User had any
resource accounts and/or certificates, then those accounts and certificates have also been successfully revoked.
If you have a question related to this email, then please contact the ERCOT Helpdesk at (512) 248-6800.
Thank you,
MPIM Administrator
MPIM OVERVIEW
Page 41
Overview Topics
• Receiving your Digital Certificate
• Accessing MPIM
• Managing Users
– Create User Accounts
– Grant Certificates
– Modify User Accounts
– Terminate User Accounts
– Run Reports
– MPIM Errors
• Losing MP USA access
• Reference Documents / Important Contact information
MPIM OVERVIEW
Page 42
Managing Users – Reports
MP USA clicks on the Reports link.
For more details to Run Reports for MPIM User Digital Certificates, please refer
to Section 2.8 “Reporting” in the Introduction and Use of Market Participant
Identity Management (MPIM) and Digital Certificates document.
MPIM OVERVIEW
Page 43
Managing Users – Reports (cont’d)
MP USA clicks the link for the desired Report Type
• Each report can be viewed in three formats: on screen, csv, and pdf.
• Because some entities have many users, the reports may take longer than a few seconds
to load.
• Current Status Report will contain all Active Users for the Market Participant.
• Full Report will contain all users, including inactive users for the Market Participant.
MPIM OVERVIEW
Page 44
Managing Users – Reports (cont’d)
If your organization’s ERCOT registered unique identifier (DUNs number plus
four) contains 13 digits, it will appear in scientific notation. Also, if the unique
identifier begins with a zero; the leading zeros will be cut off. To correct this in the
downloaded MPIM reports, please follow the steps below.
• MP USA right clicks on desired Report Type and Save Target to desired
location.
• Open Excel and click on Data Tab
• Select Import External Data
• Click on Import Data
• Go to Desired File to be imported and click Open to import file
MPIM OVERVIEW
Page 45
Managing Users – Reports (cont’d)
•Text import wizard should appear, choose file type as Delimited
MPIM OVERVIEW
Page 46
Managing Users – Reports (cont’d)
• Select Delimiters as Tab and Comma then Click next
MPIM OVERVIEW
Page 47
Managing Users – Reports (cont’d)
• In Data Preview select third column in Column Data Format select Text then
click Next and Finish
MPIM OVERVIEW
Page 48
Managing Users – Reports (cont’d)
• Click ok to Import Data into Excel and Duns number should display correctly
MPIM OVERVIEW
Page 49
Managing Users – Summary Diagram
MP USA
Perform MP USA
duties
TML
Access MPIM
through TML using
an MP USA Digital
Cert.
MPIM MP
Note: The specific format of
each of these emails can be
found in the Introduction and
Use of Market Participant
Identity Management (MPIM)
and Digital Certificates
Document.
MP User
Notifications sent to MP User
from MPIM
Create – Grant
Roles
This diagram describes the
duties of an MP USA and
their relationship to the MP
User through MPIM. MPIM
will automatically generate
notifications to the MP
User’s email address.
MP User
Access applications
using Certificate
Email
confirming the
MP User is
created
Modify – Grant
Roles
Email
confirming the
MP User has
changed
Terminate
Email
confirming the
MP has been
terminated
Email
confirming the
MP User Cert
has been
revoked
Grant / Revoke
Certificate
Email with Cert
Password
Email with URL
Email
confirming the
MP User Cert
has been
revoked
Reports
MPIM OVERVIEW
Page 50
Overview Topics
• Receiving your Digital Certificate
• Accessing MPIM
• Managing Users
– Create User Accounts
– Grant Certificates
– Modify User Accounts
– Terminate User Accounts
– Run Reports
– MPIM Errors
• Losing MP USA access
• Reference Documents / Important Contact information
MPIM OVERVIEW
Page 51
Managing Users – MPIM Errors
Below are examples of Error messages that may occur if the MP USA
does not enter all required fields in the MPIM tool.
• Each field in MPIM has
specific form edits that
confirm that the
information entered meets
requirements.
• Some fields have multiple
edits which can be
generated depending on
the information that is
entered.
MPIM OVERVIEW
Page 52
Managing Users - MPIM Errors (cont’d)
When MPIM does not complete a request because of connectivity or
configuration issues, an error notification is sent to the MP USA and to the
Helpdesk. The MP USA will need to contact the ERCOT Helpdesk for more
information.
MPIM OVERVIEW
Page 53
Overview Topics
• Receiving your Digital Certificate
• Accessing MPIM
• Managing Users
– Create User Accounts
– Grant Certificates
– Modify User Accounts
– Terminate User Accounts
– Run Reports
– MPIM Errors
• Losing MP USA access
• Reference Documents / Important Contact information
MPIM OVERVIEW
Page 54
Losing MP USA Access - Assignment
When Market Participant request NCI for changes to MP USA the ERCOT
USA will remove their USA role. The following email is received by the former
MP USA.
MPIM OVERVIEW
Page 55
Contacting ERCOT
• ERCOT Helpdesk – Technical Issues
– (512) 248-6800 option 3
– Send an email to helpdesk@ercot.com
– Contact the ERCOT Helpdesk with any technical issues. (The site
is giving me this error.)
• ERCOT Client Services – Business Issues
– (512) 248-3900
– Contact Client Services with any questions about business
processes. (How do I….?)
• NOTE: Only the MP USA should contact ERCOT in regards to
MPIM and Digital Certificate problems.
MPIM OVERVIEW
Page 56
Questions?
MPIM OVERVIEW
Page 57
Download