Installing Globus Connect Personal
Once you have a Globus account for your Stanford identity, you may begin to configure Globus Connect personal. This downloading and installing the Globus Connect Personal software, performing initial setup, and configuring both the software and your new collection.
Admin Access Required
You will need administrative access to your machine in order to install Globus Connect Personal. If you do not normally have access to install software, talk to your IT contact before you proceed.
Network Access Required
Globus Connect Personal needs to be able to make outbound Internet connections. If Globus Connect Personal reports problems connecting, talk to your IT contact. Connections must be allowed out to 126.96.36.199/29 port 2223 (for control traffic), and to any Internet host on TCP and UDP ports 50000-51000 (for data transfer). Connections must also be allowed to AWS S3 on TCP port 443 (HTTPS), for the new version check to succeed.
Install Globus Connect Personal
Globus have written a set of detailed installation guides explaining how to install Globus Connect Personal:
Only Mac OS X 10.7 and later versions are supported, on Intel CPUs only.
A recent version of Windows is required. If your version of Windows no longer receives patches from Microsoft, Globus Connect Personal may not work.
A recent Linux distribution is required. Supported distributions include CentOS, Debian, Fedora, Linux Mint, openSUSE, Red Hat, and Ubuntu. If the distributor has End-Of-Lifed your distribution, Globus Connect Personal may not work. To use the GUI frontend to Globus Connect Personal, Tcl/Tk must be installed.
The instructions linked above will walk you through downloading Globus Connect Personal, installing it, and creating a collection representing your local machine.
Unexpected Login Prompt?
As part of the setup process, a web browser will be launched and you will be asked to log in to Globus. If you did not expect this, go back to the top of this page and look at the links in the first paragraph.
High Assurance Endpoints
At this time, Stanford does not have the Globus subscription needed to support High Risk data. So, please leave the high assurance option off for now, and do not install Globus Connect Personal on a system containing High Risk data.
Configure your Endpoint
At the end of the setup, you were shown a Setup Successful screen, with a link to “show collection details”. Click on that link.
When you click on the link, you will be taken to your collection’s information page. The only things filled in will be the name and (optionally) the description you entered during initial setup, as well as your Globus identity (as the owner of the collection).
Most of the fields are empty, and a few should be filled in. Click on the Edit Attributes button, and make the following changes:
Change the Contact E-mail to be your email address.
Change the Organization to
Stanford University, and change the Department to be the name of your Group (such as your Lab), your Department, or your School.
If your machine has access to Moderate Risk data, Force encryption must be set to
Yes. Otherwise, the setting is is optional.
Once you save changes, then configuration is complete! Congratulations!
At this time, your Globus Connect Personal collection is configured to provide access only to you, and only to files that live in your home directory.
If you would like Globus Connect Personal to access other parts of your system, read on. If you would like to give other people access to files on your machine, first give Globus Connect Personal access to those directories, and then enable Globus Plus.
Add Allowed Paths
When Globus wants to perform an operation on your system (such as a write, or listing the contents of a directory), two security checks are performed:
The user running Globus Connect Personal must be allowed to perform the operation. This check is enforced by the OS, and cannot be changed by Globus.
Globus Connect Personal must allow access to the directory.
To change the list of allowed paths, click on the Globus toolbar (or menu bar) icon to bring up the Globus Connect Personal menu:
In the Globus Connect Personal menu, choose Preferences; when the Preferences window appears, go to the Access tab.
To allow access to additional directories, use the button to add an entry. Once added, use the Writeable box to give write access; if that box is not checked, the access will be read-only.
The Shareable checkbox is used to allow sharing for a directory. This feature is only available as part of Globus Plus.
To remove an entry, click on it to select the entry, and then click on the button to delete the entry.
Changes are immediate
Changes to access configuration take effect immediately. If you delete access to a directory that has a transfer in progress (or you disable write access to a directory being written to), the affected transfers will begin to fail.
Globus Connect Personal’s access configuration is Default-Deny: If a directory is not covered by at least one access rule, then it will not be accessible through Globus Connect Personal.
Conversely, if a directory is covered by multiple access rules, only the most-specific rule will apply. For example, let’s say you have three access rules:
In the above configuration, Globus will allow write access to all of the
directory, except for the
X directory, which will be kept read-only.
That’s it! You now have Globus Connect Personal fully configured. You can now make transfers from—and, if your allowed write access, to—your collection!
If you would like to share files from your collection with other people, you should now proceed to enable Globus Plus.