The password change pages have been moved to the new CERN Users Portal.

Account Types

Accounts have been categorized in three possible types: Primary, Secondary and Service accounts.

Primary Primary account
  • Main account for a person
  • Automatically created
Secondary Secondary account
  • Alternative account
  • Belongs to a person, cannot be re-assigned
  • No mailbox
  • Attached to a primary account
Service Service account
  • Represents a service
  • Assigned to a person, can be re-assigned
  • Can have its own mailbox
  • Attached to a primary account

OC5 Subsidiary Rules concerning accounts

The use of Primary Account, Secondary Account and Service Accounts is regulated by the OC5 Subsidiary Rules concerning "Identities, Authentication & Authorization" (IAA).
Before creating or using any account, please verify that your use is compatible with these OC5 Subsidiary Rules

Primary Accounts

The Primary Account is the main login for a person.
Each person at CERN has one and only one Primary Account, which is created automatically.
You are not allowed to create new Primary Accounts.

Secondary Accounts

A Secondary Account is an alternative login.
A Secondary Account could be, for example, a login for testing purposes, or an account with privileges (administrator account).
Secondary accounts are personal, i.e. once you create a Secondary account, you cannot re-assign it to someone else.
Secondary accounts have no mailbox. A secondary account will have by default an email address equal to the login name (e.g. mysec@cern.ch) and all mails sent to that address will be redirected to your primary account.
You can create up to 5 Secondary Accounts for yourself.
After you leave CERN, your Secondary Accounts will be disabled, and deleted after a grace period of 6 months.

Service Accounts

A Service Account is a login representing a service.
A Service Account could be, for example, a login for an application that needs to run with its own credentials.
Service accounts can be re-assigned, i.e. after you create a Service account, you can set someone else as the new owner of the account. Please note that Approval of the new owner is needed to complete the operation.
Service accounts can have a mailbox which is configured, by default, to forward all messages to the owner's primary account. Alternatively, you can configure it to reconfigure to a given address without going though a mailbox
You can create up to 20 Service Accounts for yourself.
Once you leave CERN, your Service Accounts will be automatically transferred to your Team Leader or Supervisor.

Created: 2/4/2025
Last reviewed: 2/4/2025
Tools:
Send the page Send  |  Printable version Print