Persons & Accounts
Last updated
Was this helpful?
Last updated
Was this helpful?
Access Control involves the task of creating, mapping, changing and organizing users and role information. The Person & Accounts section of the Admin Panel provides you with a central place to perform these tasks.
After users and roles have been created, you can grant access to users by assigning them to roles. Roles contain the security access information to components of SSP 7. Access to specific components of SSP 7 is performed by granting rights to a Role. Be aware that configuring additional access to a role will affect all the users that are assigned to that role. For a more flexible security environment, multiple roles can be created with specific access to groups of categories, topics or views. A user can be assigned to multiple roles.
SSP 7 supports the automatic assignment of Roles to users, based on information in external systems like LDAP. For that RoleSets are used. RoleSets have a unique name (keyword) and one or multiple Roles linked to them. When the Unique Name of a RoleSet is found in a selected LDAP or SD4.5 field, the roles defined with that RoleSet are automatically granted to the user.
Groups allow to form a set of individual users. These Groups can be used as Actors in a Process Step, and are also used to distribute .
The Person & Accounts screen is opened by clicking on the links Manage Persons, Edit Roles, Edit RoleSets or Manage Groups in the Person & Accounts section of the Admin Panel.
Users are managed in the Manage Persons section of Person & Accounts. All person and accounts in SSP 7 can be searched, viewed, added or deleted in this module.
Possible actions on this page:
Search User : clip0019: Search for an existing User.
Add a new User.
Edit : Change the details of the selected User.
Delete : Delete the selected User.
Complete the following sections to add a new person in SSP 7.
Person Settings
Account Settings
Out of Office
Delegates
Favorites
Roles
Access rights overview
Groups
To edit a user, search for the user and click on the user to open the user settings.
Person Settings
The user login and password is defined in the Account Settings page. There are no restrictions for the login or password format.
On the 'Delegates' tab, Users can create a list of Delegates for processes and for MyItems. They can then assign tasks to them, ad-hoc or permanent, or when they are Out of the Office.
Process delegates are used to reassign process actions to other people. This can be done manually in specific process steps, or permanent through out-of-office or permanent delegation.
My Items delegates: My Items delegates are used to give people the possibility to check the items of another users and perform actions on it.
The following options are available on this page:
Current Favorites :The existing list of Favorites; Users can remove items from this list, by clicking on the delete button.
Add Favorite : Users can add new external Favorites manually, by completing the Name (shown on screen) & the Link. Internal favorites can be added by clicking on the addtomyfavortites button, which is visible in Topics, Forms and Shops.
The goal is to see all rights a user has. The page is added to admin > Edit person. A new tab is added, after ‘Roles’. This will display all the access rights this user has, based on his Roles, Granular ticket access
The listing is to be organized as follows:
Forms & Shops
Columns:
Form Name – Form ID –Category – Topic - Type of access right – Source
Category: the SSP Category to which the Topic belongs
Topic: the Topic in which the form is created
Type of access right: if the user has no access, the form should not be listed in this overview
Source: this is the name of the Role or GTA set from which the user acquired this access
Possibly add if the user has the role directly or via a Group
Processes
Columns
Process Name – ID – Type of access right – source
Datastore Parameters
Columns
Parameter Name – ID – source
Views
Columns
View Name – source
Auto-Forms
Columns
AutoForm Name – type of access – source
Person Groups
Columns
Group Name – Source
Administration pages
AdminPage Name – source
Navigation Items
Item name - source
All results are also exportable to excel.
An overview of which groups a user is a member of. It is also possible to edit the mailing option for each group for the user and to add additional groups to the user's list.
Disabling an user account
To disable an user account
In the Admin panel Click on "Manage Persons" in the Person & Accounts option.
Find the user to be disabled in Search User option and in the Action column of the user, select the "Edit" edit button.
Select the "Roles" tab.
In the Access column, uncheck any checked roles to remove all access to SSP 7. clip0032
Click clip0020or OK. clip0020will save your changes, but will remain on this screen. OKwill save your changes and return to User List. Use the clip0022button to discard any changes.
A new SSP 7 user is added through the Manage Users page via a link in the Person & Accounts section of the Admin Panel. To add a new person click on the button.
For new users, enter the First Name, Last Name and Email address. Click on the button to save the new user record. It is required that you save the user before proceeding to the next step. If the new user does not want to receive emails, the "Blacklisted" box needs to be checked. An alternative user can be selected instead to receive emails intended for the "blacklisted" user.
Use the button to save the changes and remain on this screen, or use the button to save your changes and return to the Overview screen, or use the button to discard any changes.
Enter a login and Password. Click on . Select an Authentication method (System Default; SSP7 Internal; LDAP or SD 4.5), Language and Date Setting for the user in the Section Personal Settings and proceed to the page.
Use the button to save the changes and remain on this screen, or use the button to save your changes and return to the Overview screen, or use the button to discard any changes.
To activate a delegate, who will receive all tasks and will act on an user`s behalf that is out of office, select the first checkbox option, define the out of office period and choose one of the user's delegates from the drop down list. Please find more information on how to add a delegate under page.
Use the button to save the changes and remain on this screen, or use the button to save your changes and return to the Overview screen, or use the button to discard any changes.
On the 'Favorites' tab, Users can manage their personal list of Favorites, which are displayed on the Dashboard. Favorites can be added from the portal, by using the button at the bottom of every topic, shop & form :
The Roles page displays a list of available roles that can be assigned to users. A user is assigned a Role by selecting the checkbox in the Access column for the Role. More than one Role can be assigned to an user. Click on to save the changes.
The column with Dynamic roles is read-only and shows which roles are assigned to an user based on the of the user. Removing roles that have the indicator Dynamic Role set, will not have influence, as this role is assigned again to the user when the user logs back into SSP.
You can disable any user account through the Admin panel. You must be logged on as an administrator to have the appropriate rights to disable accounts. Accounts that are no longer valid should be disabled as a standard security measure. For more information please see the for detailed information on managing user accounts.
