NOAA GFDL - Geophysical Fluid Dynamics LaboratoryGFDL - Geophysical Fluid Dynamics Laboratory

Accounts & Passwords

All scientific users at GFDL are issued 3 accounts upon initial account creation. This includes a GFDL local Active Directory (AD) account, NOAA email account and a RDHPCS account. Each of these are completely separate from the other and are contained within their own domain.

The GFDL local Active Directory (AD) account is used for accessing GFDL specific hosts/devices,this includes some internal applications such as Service Desk.Your GFDL AD password does not expire once set, but you can still change or reset it at any time. Once you update your password it cannot be changed for 24 hours.

Your NOAA Email Messaging System (ICAM) password is a part of your NOAA email and Google account. This password will NEVER be used to access any devices. It is ONLY used for email and ICAM sites. This may help you determine which password to use when. If you are ever not sure about which password to use when authenticating into a service or host, try both your GFDL and NOAA account. The usernames should be the same. When changing your GFDL and NOAA passwords, you may choose to set them to be the same for convenience. That password will need to still meet the strength criteria for each domain. The NOAA ICAM passwords, technically, never needs to be changed.

Both your NOAA Email and ICAM accounts will need to be configured with Yubikey. Steps on how to do so can be found here:

RDHPCS utilizes YubiKey for authentication.  This is used to log into the R&D HPCS Super Computers. More Information can be found here: Configuring Yubikey for the NOAA RDHPCS

GFDL AD Password and PrivacyIDEA

Your Active Directory (AD) password is associated with your local GFDL account; additionally PrivacyIDEA is used to manage your YubiKey for GFDL-hosted services. This account is managed by Technical Services at the GFDL. If you want to change, reset, or unlock  this password, you can use https://passwords.gfdl.noaa.gov and click on Reset Password or Unlock Account. When prompted, you will need to enter your First.Last username, at which point instructions for resetting or unlocking your password will be automatically sent to your NOAA GMail account. If you incorrectly enter your CAC/PIV pin more than 3 times you will need to set up an appointment to have it unlocked. Please email oar.gfdl.help@noaa.gov for more instructions if this happens. For information on setting up your YubiKey with PrivacyIDEA to work at the GFDL, please refer to our documentation here:

Registering a token with PrivacyIDEA

ICAM Password

Your ICAM password is most closely associated with your GMail and G Suite account. This account is managed by NOAA directly, and not by the GFDL. If you wish to change your ICAM password or are enabling Multi-Factor Authentication during your initial setup, you can use https://passwords.gfdl.noaa.gov and then click the yellow Access ICAM button. Sign in with your First.Last and ICAM password and follow the instructions to change your password. If you have lost your ICAM password or believe that there is an issue with your account, please contact GFDL Operations (609-452-6560) or open a HelpDesk ticket by emailing oar.gfdl.help@noaa.gov.