Users

Users

From AT&T Support Wiki

Users
Jump to: navigation, search

Settings > Administration > Users __NUMBEREDHEADINGS__ A user is a person who can access the platform, run applications, and view or modify data, as specified by their privileges.

Contents

1. About Users

A User has a login identity, password, email address, and other descriptive attributes. That information is stored in a User record. You create such a record when you add a user.

The assignments made in the User record determine the user's privileges:

  • The Team a user belongs to determines which data is shared with other users.
  • A user's Access Profile specifies global privileges for viewing and modifying data that is available to them. It also specifies administrative privileges.
  • Application Access settings determine which applications the user can run, and which Roles they can assume in those applications.
  • A user's Role determines their ability to view and modify data for individual application Objects. If a user has multiple Roles available, they choose which one is in force at any given time.
Learn more: User, Team and Role Guidelines

2. Working with Users

File:Lock-tiny.gif

Users that have the User Management permission can add new users in the platform 
Learn More: Available Permissions

2.1 Add a User

To Add New Users:

  1. Click Settings > Administration > Users
  2. Click the [New User] button
  3. Fill in the User Settings.
    • Note that some fields are required.
    • See this information about selecting a User Name.
  4. Click [Save]
  5. In the Application Access page, specify the applications the user can access and the roles they can assume in those applications.

2.2 Edit a User

To Edit User Information:

  1. Click Settings > Administration > Users.
    The default view displays all Active Users. You can select another type of user, if required, from the Views icon.
  2. Click the Edit link next to the name of the user you want to edit.
  3. Modify the User Settings. Note that some fields are required.
  4. Click [Save]
  5. In the Application Access page, make changes to the list of applications the user can access and the roles they can assume in those applications.
  6. Optionally, choose one of the following actions:

File:notepad.png

Note: The ability to edit users is subject to the Permissions Hierarchy restrictions.

2.3 Reset a User Password

  1. Click Settings > Administration > Users
  2. Click the [Reset Password] button
  3. Use the Lookup to Select a User
  4. Click [Save].
    The user's password is reset and a temporary password is emailed to the user's email address.

File:notepad.png

Note:

  • The user is required to change the Password and verify the Security Question at Login.
  • Users who are recognized via the LDAP Configuration are not included in the list of users whose password can be reset. Such changes must be made in the LDAP directory.

2.4 Customer Support Login

A Service Provider's Customer support often needs to login to a tenant, so they can help with its configuration. The Customer Support Login lets them login as the admin user in the specified tenancy, to do that.

File:Lock-tiny.gif

Users that have the Customer Support Login Permission permission can Login by Proxy to a Tenant 

To Login by Proxy to a Tenant:

  1. Open the Tenants object
  2. Navigate to the Tenant of interest
  3. In the Quick Links section, click the Customer Support Login link to login as this user
    • This Login by Proxy is tracked in the Audit Log, and is visible to the user
  4. When the investigation is complete, click the Switch Back link to exit the Proxy Login and revert to your last login state

2.5 Proxy Login as this User

As an administrator responsible for a number of Users, it is often convenient to diagnose user issues by logging in via proxy. With this login, you gain full access to all actions available to the user. (Each action performed during a Proxy Login is audited and logged.)

File:Lock-tiny.gif

Users that have the Proxy Login Access permission can Login as another user to troubleshoot problems that may arise in a user's account 

When a Proxy Login is initiated, a dialog box opens to remind the user that a record of these actions will be created. The user can opt to continue or cancel the action.

To execute a proxy login
  1. Click Settings > Administration > Users
  2. Select a user
    If your role has the capability to do a proxy login, the [Proxy Login] button is visible.
  3. Click the [Proxy Login] button.
    A confirmation dialog appears.
  4. Click [OK]
  5. If this is a first-time login, you may need to answer a Security Question
    • The name of the user will appear on the screen, in place of your username
  6. Perform any necessary troubleshooting activities

File:notepad.png

Note: You can only login-by-proxy as a member of your team or one of its subteams, as specified by the Permissions Hierarchy restrictions.

To close a proxy login session
  1. Click the Switch Back link
  2. Confirm that your login name appears on the screen, which indicates that you have successfully closed the Proxy Login session

2.6 Manage Proxy Login Permissions

Grant Users the ability to Login as selected Users or a group of users in a Team.

File:Lock-tiny.gif

Users that have the Proxy Login Configuration permission can enable Proxy Login for users 

To enable the Proxy Login rights:

  1. Click Settings > Administration > Users
  2. Select the user of interest
  3. Click the [Proxy Login Permissions] button
    • By default, no Users or Teams are displayed
    • The Default Proxy Login settings grant this user Proxy Login rights to All Users and Teams
    • If Users or Teams are selected, then this user has Proxy Login rights to the selected Users/Teams, only
  4. Click the [Edit] button to modify the Default Proxy Login settings
  5. Choose the desired Users or Teams
  6. Click [Save]
Considerations
  • The User/Team relationship is additive, meaning that:
  • If a Team is selected, all Users on that team are available for Proxy Login by the selected user
  • If individual Users are selected, only those individual Users are available for Proxy Login by the selected user
  • If a Team is selected, and individual Users in that team are also selected, then the addition of those users makes no difference (because the Users are already members of the selected Team)
  • However, if those Users move to a new Team in the future, then this permission will apply to those Users in their new Team

2.7 Deactivate a User

When a user leaves your organization, you manage the change by Deactivating that user. That action frees up a License that can be applied to a new user, while preserving the former user's history of record ownership, activities, tasks, and so on. (The delete operation is not allowed, for reason.

File:thumbsup.gif

Tip: In a large organization, it is good practice to create a team to hold deactivated users.

To deactivate a user:

  1. Remove the user from all but one team - see Remove Team Members
  2. Deactivate the User
    • Click Settings > Administration > Users
    • Open the user record, and deselect (uncheck) the Active checkbox. (Verify that the Active checkbox is not checked).

This user is now deactivated, and the License is now free to assign to another user.

Tips
  • Deactivating a user will not change your Subscription Plan
  • To change the number of licenses in your subscription, modify your Subscription Plan

See also: Customize the Users Object

3. User Settings

File:notepad.png

Note:

  • Empty fields are not shown when viewing user settings. They appear only when editing.
  • For a user who is recognized via LDAP Configuration, only the user's Team membership, initial Application, and application Role can be changed. All other information comes from the LDAP directory, where it can be modified.

3.1 Basic Information

First Name The first name of the user
Last Name The last name of the user
Company The company where the user is employed
Title The professional title of the user
User License Type License Type; choose Site User or Platform User
(This option appears only in a tenant-management domain.)
Reports To The person on your team to whom this new user reports to
Access Profile Select an Access Profile from the lookup window
Employee Number The user's work or sales territory and employee number; if a user supports multiple territories, include each territory, separated by commas

3.2 Locale Information

Time Zone Time Zone, based on Time Zone Codes
Date Format Choose a Date Format from the drop-down list.

3.3 Login Information

Email The email address to use for sending and receiving email through the platform
Username Username is a unique name associated with each User. Username is required to Login, can be an email address or an alphanumeric text string.
Active Makes this User's account active
Single Sign-On

If Single Sign-On is enabled, one of the following options is displayed, depending on the configuration:

  • Single Sign-On - Pass Thru
Supply address information for a custom authentication server.
  • Single Sign-On - Delegated Authentication
  • Checkbox
  • If checked, Single Sign-on is enabled for this user
  • Single Sign-On - SAML
  • Either a Federation Id or platform User Id field is displayed.
  • If blank, Single Sign-on is disabled for this user
  • Enter a value to enable Single Sign-On for this user
  • UserId is the Record Id of the user that is logged in
  • Federated Identity acts as a user's authentication across multiple IT systems or organizations

3.4 Team Membership Information

Primary Team Each user must be assigned to a Primary Team
  • When a user is assigned to a Primary Team, any previous primary team assignment is replaced

3.5 Address and Contact Information

Phone The user's telephone number, including area code
Mobile Phone The user's mobile phone number, including area code
Fax The user's fax number, including area code
Street Address The user's street address
City The user's city
State The user's state or province
Postal/Zip Code The user's postal or zip code
Country The user's country
Receive Newsletter Get emailed newsletters from the company, whenever they are sent
Send Welcome & Login Information by Email Notify the user by email of changes in their account

When a User is added, the record remains in the database, and the tasks and activities associated with that user are tracked in the Audit log.

3.6 For Developers

When using the REST API to Add a User, the password is optional, and not required. Password policies are implicit and are applied automatically when a new user record is created.

Learn more: Add a User (Record)
Personal tools