The user page is designed for entering information about a user account. It consists of the field group that contains general data, and several tabs.
Common data
The [Contact] field contains the name of the contact that this user will represent in the system. This is a required field. It is editable only when adding a new record.
[Type] – bpm’online user type (employee or portal user) is defined when a new record is added. The [Type] field is populated with the selected value automatically and remains uneditable before you save the record. After you save the record and reopen the new user page, you will be able to edit the type.
[Home] – the section that will open by default for the user when logging in to the system.
Select the [Active] checkbox to activate the user account. If the [Active] checkbox is cleared, then this user account cannot be used to log in to the system. The [Active] checkbox will be selected automatically if the [LDAP authentication] option is selected.
The value in the [Culture] field defines the language of the user interface.
The [General information] tab
The tab contains data for user authentication.
Select the [Bpm’online authentication] option if the current user should not be synchronized with LDAP. The [Username] and [Password] fields will become editable.
•Use the [Username] field to enter the user’s lohgin.
•In the [Password], [Password confirmation] fields, specify the password for the user. The password entry is encrypted.
•[Password expiration date] – date and time that the user password will be valid till.
Note
The password expiration date is set when the user changes the password. The date is calculated based on the “Password validity term, days” system setting by adding the specified number of days to the date when the password was last changed.
•[Reset password] – select the checkbox to force resetting the user's password. If the checkbox is selected, when logging in to the system for the next time, the user will be notified that the password is expired and must be changed. Once the password is changed, the checkbox will be automatically cleared.
Select the [LDAP authentication] option to synchronize the current user with an LDAP user. When this option is selected, the [Username] field becomes editable.
•[Username] – name of the user in the LDAP lookup. The lookup in this field contains the list of LDAP users that have not yet been synchronized with bpm’online.
The [Roles] tab
The tab contains the list of functional roles that have been added manually and the list of organizational roles that the current user is included in.
The [Licenses] tab
The tab displays the list of licenses used in the system and the available licenses for users.
The [Rights delegation] tab
The tab contains the list of users, organizational structure elements and functional roles whose access rights are delegated to the user.
Access rights delegation can be used when it is needed to temporarily grant a user or a role the access rights that some other user or role has. For example, before going on vacation, the department manager can delegate their access rights to one of the employees. To do this, open the required employee's page and add the user account or the role of the department manager to the [Rights delegation] detail.
The [Access rules] tab
The tab contains the range of IP addresses the user is allowed to use to access the system and the list of user sessions. On this tab you can also set a session timeout for a specific user.
The list of sessions can be used to analyze the summary information about the number of hours spent on working in bpm’online. You can also forcibly end an active user session by clicking the [Finish session] button.
Note
In bpm’online, a session is a period of time between the log in and log out operations. Information on the detail cannot be edited and is based on the data about the exact time the user started and ended his/her session.
The [Session start] shows the date and time when the user logged in to the system.
The [Session end] displays the date and time when the session ended. A user can log out from the system by clicking the [Exit] button or by closing the browser window. When you click the [Exit] button, the current user session will end, and you will be redirected to the login page. When you close the browser window or when the Internet connection is lost, your session will end automatically (by default, the session timeout is 20 minutes).
The [User session timeout, min] field used to set up the individual timeout for a specific user if the user activities require a work session longer than specified by general system timeout.
Attention
To set up IP-based access rules, edit the web.config file and activate the useIPRestriction parameter: useIPRestriction="true". Bpm’online cloud users are advised to contact technical support to activate this parameter.
In the [Operation permissions] section of the System Designer, open the [Ignore access check by IP address] operation and add users or user groups to the [Operation permission] detail. Clear the [Access level] checkbox for all users and user groups who are required to use IP-based access rules.
See also
