MAINTAIN USER PROFILES#

The Maintain User Profiles (IMUS) screen is where you set up user profiles for professional, candidate, Employee Self Service users. All users when you created them in IMUS are also created at the database.

If a user is also an employee in this database, hire the employee first before adding them as a user as this will save an extra step. There is not a requirement for the user to be in the database as an employee but if they are, please note that there will be a limit on some extra features.

For example, the choice of working language in the application will be limited to English (US).

When a user signs in they will be checked to ensure that the userid and password are in sync and that the system date is between the supplied start date and end date. Once this is complete, if a Person code is tied to this user then the language preference will be picked up as set on the (IEPI) screen and applied to the sign in.

The application will cascade through the provided languages always supply a wording should the language specified not be available. This will also set the country code used with a language for English to determine if the language will be either Canadian or US spelling and naming conventions. You may select a user already in the system by scrolling through the following fields. X User X Description

On this screen you will set up all the users that will need to have access to the system. The Start Date defaults to today's date. Set the toggles settings for Create Allowed, Retrieve Allowed, Update Allowed and Delete Allowed.

User
This field provides the user's identification in the system.
Description
This field provides a description of the user. A lot of times this will be the user's full name.
Email
The user's email address is identified in this field. Many times this field will default in once you complete the Person Code field.
Person Code
This field provides the user's identity record.
Name
The user's full name will be provided in this field.

Create / Retrieve / Update / Delete Allowed

Old System Access Information #

This area provides information regarding the user’s access to.....

Access Start Date / Access End Date These fields indicate the dates the user has/had access to the system.

Last Access On The last date the user accessed the system will be displayed here.

Logins to Date The current number of logins the user has made will be displayed here.

Password Changed By If the user’s password has been changed, this field will indicate who changed the password.

Password Changed On The date the password was changed will be displayed in this field.


Execution Rights#

If the user has full CRUD, you may further refine or restrict their access to individual aspects of the system. The level of access for a specific function may be controlled through the Execution Rights tab and the bottom of the screen, via a role or through the IMER screen.

Function This field displays the function the user has execution rights to.

Create / Retrieve / Update / Delete Allowed These toggles identify the exact execution rights the user has to the function.


Preferences#

If there are special preferences you wish to assign to a user they would get added to this tab.+ Preference Priority Value


Roles#

This section identifies all the roles assign to the user. The practice of adding roles should be employed to allow multiple or successive users with simple maintenance to duplicate for another user. Seq #

Role This field allows you identify the role you wish to assign to the user.

Role Type The role is categorized into a specific type in this field.

Focus Role Description: This field provides a short description of the role.


Access#

This tab provides the user's access information. Once the user has been identified at the top of the screen and the screen saved, the system access information will automatically fill in with the new access start and end date. This tab is date sensitive and changes made in the areas below the date navigator may be split with a new effective date. This tab will record the dates on which the user's password was changed and you also have the ability to Force a password change and also set/reset the password by using the Set/Reset Password button which will result in the following dialog, which can then be used to set or reset the user's password.

The 'Force Password Change on Next Login' will be toggled by default. When you save the new user, a password will be sent to user at the email address identified above.

Access information is data sensitive and this lets you track how many times the password is changed. The record are split and the password is kept in a hached format for each record, it is not decryptable. When a new password is put in, it is hached and the haches are compared to make sure they are the same.


Roles#

You can add or move role grants on this tab or the IMUR (Assign Roles) function be used.


Execution Rights#

Section Headings within in each tab#

FieldName
Definition

Identities#

This tab is for viewing purposes only; you may not edit the data.

CLEANUP

MAINTAIN USER PROFILES

The Maintain User Profiles (IMUS) form is used to create and update user profiles. This section explains the Maintain User Profiles screen and its associated fields. You may access this feature through the Screens/Forms menu: Application Administration > Security > Maintain User Profiles If a user is also an employee in this database, hire the employee first before adding them as a user as this will save an extra step. There is not a requirement for the user to be in the database as an employee but if they are, please note that there will be a limit on some extra features. For example, the choice of working language in the application will be limited to English (US). When a user signs in they will be checked to ensure that the userid and password are in sync and that the system date is between the supplied start date and end date. Once this is complete, if a Person code was tied to this user then the language preference will be picked up as set on the IEPI screen and applied to the sign in. The application will cascade through the languages supplied to always supply a wording should the language specified not be available. This will also set the country code used with a language for English to determine if the language will be either Canadian or US spelling and naming conventions. You may select a user already in the system by scrolling through the following fields. X User X Description ‘Maintain User Profiles’ Usage and Examples User The indvidual’s user name is identified in this field. Descrption This field provides a identifying description of the user, such as their full name. E-mail The user’s email address is displayed in this field. Person Code The user’s identifying employee number is displayed in this field. Name The user’s full name is displayed in this field. Create / Retrieve / Update / Delete Allowed Old System Access Information This area provides information regarding the user’s access to..... Access Start Date / Access End Date These fields indicate the dates the user has/had access to the system. Last Access On The last date the user accessed the system will be displayed here. Logins to Date The current number of logins the user has made will be displayed here. Password Changed By If the user’s password has been changed, this field will indicate who changed the password. Password Changed On The date the password was changed will be displayed in this field. Maintain User Profiles (IMUS) - Execution Rights If specific execution rights are required for a user they may be added on the Execution Rights tab. Adding of execution rights for a single or series of users should be an exception and not normal proceedure. Function This field displays the function the user has execution rights to. Create / Retrieve / Update / Delete Allowed These toggles identify the exact execution rights the user has to the function. Maintain User Profiles (IMUS) - Preferences Preference Priority Value

Maintain User Profiles (IMUS) - Roles This section identifies all the roles assign to the user. The practice of adding roles should be employed to allow multiple or successive users with simple maintenance to duplicate for another user. Seq # Role This field allows you identify the role you wish to assign to the user. Role Type The role is categorized into a specific type in this field. Focus Role Description

This field provides a short description of the role. Maintain User Profiles (IMUS) - Access Users are added and modified in the IMUS screen for access dates that they are allowed into the system. If the End Date field is left empty, a default date of 31-Dec-3999 will be applied when the record is saved. This date can be changed at a later point if the user is either no longer making use of the application or is no longer with the company. You can also use the access dates for a contractor or temporary team member. The access will only be assigned for the fixed period of time you indicate on the record. Access Start Date The Access Start Date identifies the earliest date the user is allowed access, regardless of the access status. Access End Date The Access End Date identifies the latest date the user is allowed access, regardless of the Access Status. Force Password Change on Next Login This toggle allows the security administrator to force the user to change their password on their next login. Set / Reset Password This action button allows the security administrator to reset a user's password by automatically bringing up the appropriate Reset Password screen. When a password is reset, a new password is assigned, a new effective access detail record is created, the access status is changed back to "Active" and the failed attempts are erased. Reactivate This action button allows the security administrator to reactivate a user's access in the event it has been locked out or disabled. During reactivation, a new effective access detail record is created, the Access Status is changed back to "Active" and the Failed Attempts are erased. Last Good Access The last date the user accessed the system will be displayed here. Logins to Date The current number of logins the user has made will be displayed here. Access Status The Access Status field indicates whether the user can access the system during the time period of the chosen date sensitive record. This field is maintained by the system but can also be entered manually. The allowed values are Active - access is currently allowed (subject to the access start/end dates) Disabled - access is currently disabled (must be activated manually) Locked Out - user is currently locked out of the system (must be activated manually) Pending - user has been created but password has not yet been assigned Both the Access Start/End Dates and the Access Status are checked before a user is allowed to log in. Failed Attempts The system shows the number of failed login attempts that the user has had since the last good login during the time period of the chosen date sensitive record. Password Has Been Set The system indicates via a toggle whether a password exists for the time period of the chosen date sensitive record.