User Management: Settings Control
The User Management functionality is accessible from both the Configuration Tools and the main Case Manager application. The User Management section in the navigation pane on the left (in the Configuration Tools) contains two subsections: Users and Teams, and Security Roles. The same setting controls are accessible in Case Manager by opening “User Management” from the Tools menu. A user requires the System Administrator or the User Administrator right to configure these settings, with the exception of a user editing the basic details of her own profile if she has the “User may edit own profile” right.
User and Teams
The User Management section shows a hierarchy of users and teams in the organization. A team can consist of users and other smaller teams. At the root of the hierarchy is the Organization Workgroup (previously known as the Default Workgroup) which represents all the users in the system. Viewing the diary, for example, on the Organization Workgroup level shows all the due instructions over all users.
The hierarchy shows the assigned security roles and administered workgroups of the users in columns, giving you a quick view of the security assigned to users in the organization. At the bottom of the screen you have an option to include the deactivated users and teams as well. By default, this setting is off only showing the active workgroups. Users and teams can easily be structured by dragging the workgroup you wish to move to the desired team. The parent workgroup (that is, the team the selected workgroup resides in) can also be set in the edit form. The toolbar enables the following actions:
Add gives you an option of creating either a new team or a new user.
Edit allows you to edit the basic information of the selected user or team. Note that the Organization Workgroup cannot be renamed, but the contact person can be specified.
Delete will remove the selected workgroups from the system. More on the delete function can be found in the Deleting users or teams section of this document.
Refresh reloads the display of users and team.
Security shows the security settings for users, including the Security Role and rights, the Administered Workgroup, and password options.
System Users shows the registered system and support users and gives you the option to set some of their security settings. You can also see deleted users and teams from this view.
Create or Edit User
Adding a new or editing an existing user presents you with a screen with the basic information of the user. This excludes the security settings, which can be accessed using the Security button.
Notes on the available fields and options:
- Display Name
- shows the name of the user as it will be displayed in Case Manager’s user lists and workgroup lists.
- Username
- is a unique identifier for a user in the system (including inactive and deleted users). It can be used to log into the Case Manager applications. A duplicate check will be done when you save the user.
- Team
- allows you to select the team in which this user profile resides.
- Is Active
- indicates whether the user is included in the workgroup lists in Case Manager and allowed login. When deactivated, the user will still retain its security settings and assignments of work (cases and instructions) - opposed to deleting a user which will remove all references (except historic) to the user as well. When an inactive user is made active, the entire chain of parent teams up to the Organization workgroup will be made active as well.
- Contact Details
- groups a number of phone numbers and other contact information of the current user to be used in template merging when communicating with a customer/debtor.
- Signature
- allows you to upload a signature image to be placed on letters when sending a letter from the user.
- Telephony
- groups a few fields with telephony-system user information for the current user that can be used in integration with a telephony system.
- Related Workgroup
- carries no specific functionality in Case Manager, but is available should an additional reference to a different workgroup be needed.
Create or Edit Team
Adding or editing a team is very similar, but simpler, than editing a user. Most importantly, a team name should be specified. You may also specify details for a contact person for the team, which can be used in customer/debtor communication from the team (opposed to from a user). As with a user, a signature image can also be specified. A team always forms part of a larger team (up to the Organization of which all teams and users are members). The direct team to which the current team belongs can be specified as a Parent Team. Note that the contact person information can be edited on the Organization Workgroup, but the workgroup itself may not be renamed or moved to a different team. When any team is made inactive, all the users and teams within this team will be made inactive as well.
Notes on the available fields and options: Team Name : is the name that will be used for the team throughout the system Contact Person : groups contact information fields as well as a signature image to be used on documents to specify the contact person for this team. Is Active : indicates whether the team is included in the workgroup lists in Case Manager. When deactivated all the teams and users within this team will be made inactive as well. When activating a team of an inactive parent team, the parent team will be activated as well.
Deleting users or teams
To retain historic information in Case Manager, such as which user completed an activity, users and team are not physically deleted from the system; they are only marked as deleted which will remove them from all references for use and hide them from all lists. An inactive team or user, in comparison, will be hidden from most lists but will retain its references for use (such as organizational structure, possible workflow references, and assigned cases). From the Users & Teams section in the User Management, you may select users and teams (that do not contain users or teams itself) to delete using the action from the toolbar. An analysis will be performed, and you will be presented with options of the actions to take on the data making use of the user or team to be deleted.
The following actions are performed when deleting a team or user:
- Cases assigned to this workgroup are assigned to the Organization Workgroup.
- All user-specific toolbar customizations are deleted.
- In the workflow, events triggered when changing to this workgroup will be deleted.
- The user will be deregistered from all queues.
- This workgroup will be removed from its parent team.
- All security rights (and security role assignment) will be revoked from this user.
The following will prevent deletion of the workgroup:
- If there are open activities for this user.
- If there are workflow steps to change a case to this workgroup.
- If there are queues owned or shared directly with this workgroup.
- If there are other teams or users within this (team) workgroup.
Deleted workgroups can be viewed, and recovered from the System Users view (opened from the toolbar action on the Users & Teams section). Note that recovery will only make this user or team active again in the system; all the deleted actions as described above will not be reversed.
User Security
When a user is selected in the Users & Teams section the Security action will be available giving you the ability to set up the access and functional privileges of users. Specifically, to set up the password for the user, assign a security role or directly assign security rights, and assign an administered workgroup.
Password
You may assign a password to the user by clicking the Reset Password button. You will be asked to enter the password of the current user (that is, a user with the privileges to change another user’s password - either System Administrator or User Administrator), as well as the new password. You may choose to force a change of password on the first login of the user. This allows you to specify a temporary password, allowing the user to choose his own password on the first login. A user with the “User may edit own profile” privilege is able to edit the password of his own user profile (currently logged in). In this case, the current password will be required.
Security
To manage a user’s rights, you can either specify a Security Role, or - when no role is assigned to the user - specify the rights directly. The rights listed on the User Security form indicates with check boxes which rights are assigned. When a Security Role is assigned you will be able to view, but not edit, the effective security rights for this user. If a security role is assigned, all the explicitly specified rights for this user will be replaced by what is specified by the role.
Administered Workgroup
Certain functionality in Case Manager, such as the Diary, Queues, and Dashboards, takes the level in the Organization hierarchy of which a user is administrator into consideration for security purposes. A user that has an administered workgroup of, say, “Medical” will be allowed to view the diary over the entire “Medical” branch of users, and will be able to share a queue with the Medical team (or subteam thereof). This user will not be allowed to perform these actions for users and teams outside of the Medical branch. The Administered Workgroup comes in handy when assigning team leaders and supervisors.
System Users
A system user is a registered user with specific use in Case Manager - such as an automated process, or an administrative user used for support. You may not create, edit or delete system users, but you may set security settings for this user. The system users list is accessible from the toolbar of the Users & Team section. It also includes the management of the deleted users.