MAINTAIN USER PROFILES#
The Maintain User Profiles (IMUS) screen is where you set up user profiles for professional, candidate, Employee Self Service users. All users when you created them in IMUS are also created at the database.
When a new USER is created/added, the initial password is assigned according to the rules on the IMAR form.
once a new user is added to the system, it cannot be deleted from within the application. User profiles are stamped on every record in the system when new records are added (CREATE_USER) or existing records are modified (CHANGE_USER). Even if the new user has not accessed the system, they cannot be deleted via the application.If a user is also an employee in this database, hire the employee first before adding them as a user as this will save an extra step. There is not a requirement for the user to be in the database as an employee but if they are, please note that there will be a limit on some extra features.
For example, the choice of working language in the application will be limited to English (US).
When a user signs in they will be checked to ensure that the userid and password are in sync and that the system date is between the supplied start date and end date. Once this is complete, if a Person code is tied to this user then the language preference will be picked up as set on the (IEPI) screen and applied to the sign in.
The application will cascade through the provided languages in order to supply an appropriate wording should the language specified not be available. This process will also set the country code used with a language for English to determine if the language will be either Canadian or US spelling and naming conventions.
You may select a user already in the system by scrolling through the following fields.
- User
- Description
On this screen you will set up all the users that will need to have access to the system. The Start Date defaults to today's date. Set the toggles settings for Create Allowed, Retrieve Allowed, Update Allowed and Delete Allowed.
The definition data for the Maintain User Profiles screen is stored in the P2K_AM_USERS, P2K_AM_EXECUTION_RIGHTS,P2K_AM_PREFERENCE_VALUES, P2K_AM_USER_ROLES, P2K_AM_ACCESSORS, P2K_AM_ACCESSOR_DETAILS and P2K_HR_IDENTITIES table.
- User
- This field provides the user's identification in the system.
- Description
- This field provides a description of the user; in many instances, this will be the user's full name.
- The user's email address is identified in this field. Many times this field will default in once you complete the Person Code field.
- Person Code
- This field provides the user's identity record.
- Name
- The user's full name will be provided in this field.
- Create/Retrieve/Update/Delete Allowed
- These toggles identify the exact execution rights the user has to the function.
Old System Access Information #
This area provides information regarding the user’s access to the application's legacy system.- Access Start Date /Access End Date
- These fields indicate the dates the user has/had access to the system.
- Last Access On
- The last date the user accessed the system will be displayed here.
- Logins to Date
- The current number of logins the user has made will be displayed here.
- Password Changed By
- If the user’s password has been changed, this field will indicate who changed the password.
- Password Changed On
- The date the password was changed will be displayed in this field.
Execution Rights tab#
If the user has full CRUD, you may further refine or restrict their access to individual aspects of the system. The level of access for a specific function may be controlled through the Execution Rights tab and the bottom of the screen, via a role or through the (IMER) screen. Adding of execution rights for a single or series of users should be an exception and not normal procedure.
- Function
- This field displays the function the user has execution rights to.
- Create/Retrieve/Update/Delete Allowed
- These toggles identify the exact execution rights the user has to the function.
Preferences tab#
If there are special preferences you wish to assign to a user they would get added to this tab.
- Preference
- This field will provide a drop down list where there user may select the preference code they wish to add.
- Priority
- Each preference added may be given a processing priority to determine which preference should be read first by the system.
- Value
- The appropriate value for the preference is indicated here.
Roles tab#
This section identifies all the roles assign to the user. The practice of adding roles should be employed to allow multiple or successive users with simple maintenance to duplicate for another user.Each user MUST be assigned the roles of
- P2K_USER, which will allow them to access to Personality data
- At least one other role, which will allow them access to specific functions within the application and to see their employee information.
- If Self Service is used a WWW_% Role must also be assigned
- Seq #
- If the user profile has been assigned more than one role, this field identifies the order in which the roles will be presented when the user logs in. All roles must have unique sequence numbers.
- This is important as there is a direct correlation between the sequence number and the order in which the icons are displayed in the Self Service header.
- The ‘WWW’ role with the lowest sequence number will be displayed furthest to the left whereas the role with the highest sequence number will be displayed furthest to the right.
- The role with the highest sequence reflects the default module that the user will be in when they sign into Self Service.
- Role
- This field allows you identify the role you wish to assign to the user.
- Role Type
- The role is categorized into a specific type in this field.
- Focus Role
- If the role indicated in the previous field is an execution role, the Focus Rule indicates which menu role will be used to allow access to the information.
- For example, a company may want to grant every employee the Employee role, however, depending on their union, each employee should have access to only specific information within the system. To do this, each employee will also be given a focus rule customized for their employment type.
- Description
- This field provides a short description of the role.
- Splash Menu
- This field allows the Administrator to assign a specific splash menu to a role.
Access#
This tab provides the user's access information. Once the user has been identified at the top of the screen and the screen saved, the system access information will automatically fill in with the new access start and end date. This tab is date sensitive and changes made in the areas below the date navigator may be split with a new effective date.This tab will record the dates on which the user's password was changed and you also have the ability to force a password change and also set/reset the password by using the Set/Reset Password button which will result in the following dialog to set or reset the user's password.
The 'Force Password Change on Next Login' will be toggled by default. When you save the new user, a password will be sent to user at the email address identified above.
Access information is data sensitive and this lets you track how many times the password is changed. The record is split and the password is kept in a hached format for each record, it is not decryptable. When a new password is put in, it is hached and the haches are compared to make sure they are the same.
Users are added and modified in the IMUS screen for the access dates that they are allowed into the system. If the End Date field is left empty, a default date of 31-Dec-3999 will be applied when the record is saved. This date can be changed at a later point if the user is either no longer making use of the application or is no longer with the company.
You can also use the access dates for a contractor or temporary team member. The access will only be assigned for the fixed period of time you indicate on the record.
- Access Start Date
- The Access Start Date identifies the earliest date the user is allowed access, regardless of the access status.
- Access End Date
- The Access End Date identifies the latest date the user is allowed access, regardless of the Access Status.
- Force Password Change on Next Login
- This toggle allows the security administrator to force the user to change their password on their next login.
- Set / Reset Password
- This action button allows the security administrator to reset a user's password by automatically bringing up the appropriate Reset Password screen. When a password is reset, a new password is assigned, a new effective access detail record is created, the access status is changed back to "Active" and the failed attempts are erased.
- Reactivate
- This action button allows the security administrator to reactivate a user's access in the event it has been locked out or disabled. During reactivation, a new effective access detail record is created, the Access Status is changed back to "Active" and the Failed Attempts are erased.
- Last Good Access
- The last date the user accessed the system will be displayed here.
- Logins to Date
- The current number of logins the user has made will be displayed here.
- Access Status
- The Access Status field indicates whether the user can access the system during the time period of the chosen date sensitive record. This field is maintained by the system but can also be entered manually.
- The allowed values are
Active | access is currently allowed (subject to the access start/end dates) |
Disabled | access is currently disabled (must be activated manually) |
Locked Out | user is currently locked out of the system (must be activated manually) |
Pending | user has been created but password has not yet been assigned |
- Both the Access Start/End Dates and the Access Status are checked before a user is allowed to log in.
- Failed Attempts
- The system shows the number of failed login attempts that the user has had since the last good login during the time period of the chosen date sensitive record.
- Password Has Been Set
- The system indicates via a toggle whether a password exists for the time period of the chosen date sensitive record.
Identities tab#
The tab is linked to the IEID-Self Service tab and will dynamically list any employee tied to the User Profile. The User Profile displayed in the IEID-Self Service tab, if any, is the User Profile in IMUS that will have a list of employees displayed in the Identities tab.For example: When you are in IMUS and you are focused on a user (ie. PEGGYP), the Identities tab is blank, however, when you are in IMUS and focused on the Self Service wser (ie. SS EMPLOYEE), then the Identities tab would list employees using that profile if they are tied to it in IEID.
Thus, the IEID Self Service tab is dynamically linked to the IMUS Identities tab only if that employee is tied to the Self Service User Profile.
- Person Code
- The person code associated to the user profile in focus.
- Last Name
- The last name of the employee associated to the user profile.
- First Name
- The first name of the employee associated to the user profile.
- Middle
- The middle name of the employee associated to the user profile.
- Entity
- The entity code the employee associated to the user profile is employed with.
- Employment Info
- This field gives a short summary of the employee's employment. The field will display their employment status and their hire/termination date.