When a user logs into the portal (or BMDB, ECAS, or any other EDRN application), the username and password are checked as follows:

  1. The user must exist in the IC LDAP server.
  2. The DMCC checks the password. If it's valid, the user's logged in.
  3. If it's invalid or expired, then the IC LDAP server checks the password.
  4. If it's valid, then the user's logged in. Otherwise, nope.

When Users Ask For Help Logging In

If a user needs help logging in and contacts the Informatics Center, we recommend handling that user as follows:

  1. Look up the user in the DMCC at the EDRN Secure Site (short link: http://edrn.me/T) and ensure the person still has a record. If not, you may wish to create and/or update the record in the IC LDAP, or inform the user that s/he is no longer welcome at EDRN.
  2. If the user does exist in the DMCC, ask the DMCC if the user's password has expired. Contact Rocyeann Malnik to find out.
  3. If Rocyeann replies yes, that the account is OK, point the user to the DMCC's forgotten password page.
  4. If Rocyeann answers no, that the account has expired or was deleted, you may:


The EDRN Portal has its own method of locking out failed login attempts. This is an NCI requirement. The other EDRN applications (BMDB, ECAS, etc.) do not have this feature.

On the Portal only, after 5 failed attempts, the username is locked out for 15 minutes.

You can manually reset the number of attempts for a username to zero on the Login Lockout Control Panel. To do so:

  1. Visit the Login Lockout Control Panel (short link: http://edrn.me/s9).
  2. Check the box by the username(s).
  3. At the bottom, click the button "Reset selected accounts".

The DMCC will treat a password as expired after some period of time (90 days, perhaps). This is separate from the Portal's lockout facility.

Setting IC Passwords

It's possible to set the password of a username in the IC LDAP server. This allows you to log in a username even if that username's DMCC-assigned password is invalid or has expired, or if the DMCC deleted the user. To do so:

  1. Visit the EDRN Informatics Center LDAP Control Panel (short link: http://edrn.me/j) and log in.
  2. Click the "Search" button on the left.
  3. In the "Search Filter" field, type anything like the following:
    • cn=Anna Herrington, to look for the common name (cn) "Anna Herrington".
    • cn=*Anna*, to look for any common name (cn) with "Anna" in it.
    • sn=Herring*, to look for any surname (sn) that starts with "Herring".
    • uid=aherrington, to look for the username (uid) "aherrington".
    • mail=*@jpl.nasa.gov, to look for any email address that ends with "@jpl.nasa.gov"
  4. Click the "Search" button below the form.
  5. Click on the "uid=USERNAME" link of the person you want.
  6. In the "Password" field, type a new password. To the right of the field, ensure "SHA" is selected from the list of password algorithms.
  7. Click "Update Object" at the bottom.

Forgotten Usernames and Passwords

If a user has forgotten his/her username, we can use the IC LDAP server's search feature to look it up. Use the steps above to search for a user by common name (cn), surname (sn), or other attributes. The username is the "uid" property, which you can communicate to the hapless user.

If the user has an EDRN Secure Site password assigned by the DMCC and knows his/her username, the best way to reset the forgotten password is to visit the Secure Web Site Forgotten Password Manager (short link: http://edrn.me/R6) and enter the username. Follow the instructions that then appear.

If the user doesn't have an EDRN Secure Site password assigned by the DMCC, you can assign a IC site password and communicate it to the user. See "Setting IC Passwords" above.

Changing Your Password

Once a user knows his/her password, it can be changed as follows:

For an EDRN Secure Site password controlled by the DMCC:
Visit the Secure Site Password Change Manager (short link: http://edrn.me/UP). Enter the username, old password, and new password twice, and click Submit.
For passwords in the IC LDAP server:
Log into the EDRN Portal. Click your name in the upper-right corner and choose "Preferences". Click the "Password" tab. Enter your current password and your new password twice, then click "Change Password".


The portal caches information, such as who is in what group, to speed things up. If you modify who's in a group or if a recently updated password doesn't take affect, try clearing the RAM cache in the Portal's application server. To do so:

  1. Visit the control panel for the application server that runs the Portal (short link: http://edrn.me/Yr).
  2. Click on the "RAMCache" tool.
  3. Click the "Statistics" tab.
  4. Check the box of each item listed on the left, then click the "Remove" button.

Note that if you see "Nothing is in the cache", then there is nothing to clear at this time.