GUMS is a "grid identity mapping service". It replaces the Globus grid-mapfile and it will map users (as described by their X509 certificate distinguished names, plus perhaps a VOMS role) to a user. It can obtains lists of users from an LDAP server, a VOMS server, or from manual configuration. It completely replaces the Globus grid-mapfile. In order to do so, a callout from Globus must be used. In the VDT, we provide PRIMA for this purpose.