[{TableOfContents }]
!!!MAINTAIN USER PROFILES

The Maintain User Profiles (IMUS) screen is where you set up user profiles for professional, candidate, Employee Self Service users. All users when you created them in IMUS are also created at the database.

If a user is also an employee in this database, hire the employee first before adding them as a user as this will save an extra step.  There is not a requirement for the user to be in the database as an employee but if they are, please note that there will be a limit on some extra features. 

For example, the choice of working language in the application will be limited to English (US). 

When a user signs in they will be checked to ensure that the userid and password are in sync and that the system date is between the supplied start date and end date.  Once this is complete, if a Person code is tied to this user then the language preference will be picked up as set on the ([IEPI]) screen and applied to the sign in. 

The application will cascade through the provided languages always supply a wording should the language specified not be available.  This will also set the country code used with a language for English to determine if the language will be either Canadian or US spelling and naming conventions. 
You may select a user already in the system by scrolling through the following fields. 
X User 
X Description 

On this screen you will set up all the users that will need to have access to the system. The Start Date defaults to today's date. Set the toggles settings for Create Allowed, Retrieve Allowed, Update Allowed and Delete Allowed.




;User: This field provides the user's identification in the system.
;Description: This field provides a description of the user. A lot of times this will be the user's full name.
;Email: The user's email address is identified in this field. Many times this field will default in once you complete the Person Code field.
;Person Code: This field provides the user's identity record.
;Name: The user's full name will be provided in this field.

Create / Retrieve / Update / Delete Allowed 
!Old System Access Information 
This area provides information regarding the user’s access to..... 

Access Start Date /  Access End Date 
These fields indicate the dates the user has/had access to the system. 

Last Access On 
The last date the user accessed the system will be displayed here. 

Logins to Date 
The current number of logins the user has made will be displayed here. 

Password Changed By 
If the user’s password has been changed, this field will indicate who changed the password. 

Password Changed On 
The date the password was changed will be displayed in this field. 

----
!!Execution Rights

If the user has full CRUD, you may further refine or restrict their access to individual aspects of the system. The level of access for a specific function may be controlled through the Execution Rights tab and the bottom of the screen, via a role or through the IMER screen.

Function 
This field displays the function the user has execution rights to. 

Create / Retrieve / Update / Delete Allowed 
These toggles identify the exact execution rights the user has to the function. 

----
!!Preferences

If there are special preferences you wish to assign to a user they would get added to this tab.+
Preference
Priority
Value

----
!!Roles
This section identifies all the roles assign to the user.  
The practice of adding roles should be employed to allow multiple or successive users with simple maintenance to duplicate for another user. 
 
Seq # 

Role 
This field allows you identify the role you wish to assign to the user. 

Role Type 
The role is categorized into a specific type in this field. 

Focus Role
Description: This field provides a short description of the role. 

----
!!Access
This tab provides the user's access information. Once the user has been identified at the top of the screen and the screen saved, the system access information will automatically fill in with the new access start and end date.

%%information This tab is [date sensitive|DATE SENSITIVE] and changes made in the areas below the [date navigator|DATE SENSITIVE NAVIGATOR] may be split with a new effective date.%%
This tab will record the dates on which the user's password was changed and you also have the ability to Force a password change and also set/reset the password by using the Set/Reset Password button which will result in the following dialog, which can then be used to set or reset the user's password.

[{Image src='IMUS_SetPassword.JPG' align='center'}]

The 'Force Password Change on Next Login' will be toggled by default. When you save the new user, a password will be sent to user at the email address identified above.

Access information is data sensitive and this lets you track how many times the password is changed. The record are split and the password is kept in a hached format for each record, it is not decryptable. When a new password is put in, it is hached and the haches are compared to make sure they are the same.



----
[{Image src='IMUS_Roles.JPG' width='360' align='right' link='attach/IMUS/IMUS_Roles.JPG'}]
!!Roles

You can add or move role grants on this tab or the IMUR (Assign Roles) function be used.
----
[{Image src='IMUS_ExecutionRights.JPG' width='360' align='right' link='attach/IMUS/IMUS_ExecutionRights.JPG'}]
!!Execution Rights

!Section Headings within in each tab
;[FieldName|]:Definition
----
[{Image src='IMUS_Identities.JPG' width='360' align='right' link='attach/IMUS/IMUS_Identities.JPG'}]
!!Identities

%%warning This tab is for viewing purposes only; you may not edit the data.%%


[CLEANUP]




MAINTAIN USER PROFILES

The Maintain User Profiles (IMUS) form is used to create and update user profiles. This section explains the Maintain User Profiles screen and its associated fields. 
You may access this feature through the Screens/Forms menu: 
Application Administration > Security > Maintain User Profiles 
 
If a user is also an employee in this database, hire the employee first before adding them as a user as this will save an extra step.  There is not a requirement for the user to be in the database as an employee but if they are, please note that there will be a limit on some extra features. For example, the choice of working language in the application will be limited to English (US). 
When a user signs in they will be checked to ensure that the userid and password are in sync and that the system date is between the supplied start date and end date.  Once this is complete, if a Person code was tied to this user then the language preference will be picked up as set on the IEPI screen and applied to the sign in. 
The application will cascade through the languages supplied to always supply a wording should the language specified not be available.  This will also set the country code used with a language for English to determine if the language will be either Canadian or US spelling and naming conventions. 
You may select a user already in the system by scrolling through the following fields. 
X User 
X Description 
‘Maintain User Profiles’ Usage and Examples User 
The indvidual’s user name is identified in this field. 
Descrption 
This field provides a identifying description of the user, such as their full name. 
E-mail 
The user’s email address is displayed in this field. 
Person Code 
The user’s identifying employee number is displayed in this field. 
Name 
The user’s full name is displayed in this field. 
Create / Retrieve / Update / Delete Allowed 
Old System Access Information 
This area provides information regarding the user’s access to..... 
Access Start Date /  Access End Date 
These fields indicate the dates the user has/had access to the system. 
Last Access On 
The last date the user accessed the system will be displayed here. 
Logins to Date 
The current number of logins the user has made will be displayed here. 
Password Changed By 
If the user’s password has been changed, this field will indicate who changed the 
password. 
Password Changed On 
The date the password was changed will be displayed in this field. 
Maintain User Profiles (IMUS) - Execution Rights 
If specific execution rights are required for a user they may be added on the Execution Rights tab.  Adding of execution rights for a single or series of users should be an exception and not normal proceedure. 
 
Function 
This field displays the function the user has execution rights to. 
Create / Retrieve / Update / Delete Allowed 
These toggles identify the exact execution rights the user has to the function. 
Maintain User Profiles (IMUS) - Preferences 
 
Preference
Priority
Value

Maintain User Profiles (IMUS) - Roles 
This section identifies all the roles assign to the user.  
The practice of adding roles should be employed to allow multiple or successive users with simple maintenance to duplicate for another user. 
 
Seq # 
Role 
This field allows you identify the role you wish to assign to the user. 
Role Type 
The role is categorized into a specific type in this field. 
Focus Role
Description

This field provides a short description of the role. 
Maintain User Profiles (IMUS) - Access 
Users are added and modified in the IMUS screen for access dates that they are allowed into the system.  If the End Date field is left empty, a default date of 31-Dec-3999 will be applied when the record is saved. 
This date can be changed at a later point if the user is either no longer making use of the application or is no longer with the company. 
You can also use the access dates for a contractor or temporary team member.  The access will only be assigned for the fixed period of time you indicate on the record. 
 
Access Start Date The Access Start Date identifies the earliest date the user is allowed access, regardless of the access status. 
Access End Date The Access End Date identifies the latest date the user is allowed access, regardless of the Access Status. 
Force Password Change on Next Login This toggle allows the security administrator to force the user to change their password on their next login. 
Set / Reset Password This action button allows the security administrator to reset a user's password by automatically bringing up the appropriate Reset Password screen.  When a password is reset, a new password is assigned, a new effective access detail record is created, the access status is changed back to "Active" and the failed attempts are erased. 
Reactivate This action button allows the security administrator to reactivate a user's access in the event it has been locked out or disabled.  During reactivation, a new effective access detail record is created, the Access Status is changed back to "Active" and the Failed Attempts are erased. 
Last Good Access 
The last date the user accessed the system will be displayed here. 
Logins to Date 
The current number of logins the user has made will be displayed here. 
Access Status The Access Status field indicates whether the user can access the system during the time period of the chosen date sensitive record.  This field is maintained by the system but can also be entered manually.  
The allowed values are 
Active - access is currently allowed (subject to the access start/end dates) 
Disabled - access is currently disabled (must be activated manually) 
Locked Out - user is currently locked out of the system (must be activated manually) 
Pending - user has been created but password has not yet been assigned 
Both the Access Start/End Dates and the Access Status are checked before a user is allowed to log in. 
Failed Attempts The system shows the number of failed login attempts that the user has had since the last good login during the time period of the chosen date sensitive record. 
Password Has Been Set The system indicates via a toggle whether a password exists for the time period of the chosen date sensitive record.