The normal login for people in OCTO (and Admin, and a few others) is a Windows login to the Clinpharm domain which is controlled from the OCTO servers. This login is entirely separate from the logins provided by ITS (formerly known as OUCS) to control access to the wider university services. A few people in OCTO do not have active ITS accounts, but there are a number of instances in which they are necessary.
There are two types of ITS account, which use the same user name (typically DONCnnnn, unless you have worked elsewhere in the university in which case you retain your old user name), but have independent passwords and need to be set up separately:
The first is the SSO [Single Sign-On] account, also known as the Webauth account, or Nexus account. This account comes into existence when your university card is issued, and your university email address is created at the same time.
The second is the Remote Access account. It is necessary to have the SSO account set up before a Remote Access acount can be created alongside it.
New staff should receive a document from ITS with an activation code for an SSO account, but this is only valid for a month. If you do not have an active SSO account, I can enable it for you on request.
You will then receive from me a document with your login name, a "Rescue Code" and the url at which to use it. Follow through the (slightly tedious) process, which will require you to give your card number, name and date of birth, and the rescue code, then set a security question, then a (complex) password. This password expires after a year, and you will get reminder emails about it in good time, with a link to the place to change it.
Note that new staff may also receive login information from IMSU; this can be ignored, as OCTO does not use any IMSU facilities for end-users.
If you require a remote access account (most likely to use Eduroam), you must first have your SSO account set up.
This is done on the ITS Registration page, which will ask for your SSO login first. Find the link to set up a remote access account and follow the process through.
The password for the remote access account is separate from the SSO account, and ITS say it should be different; however, it doesn't expire every year like the SSO password, lasting five years instead.