Document toolboxDocument toolbox

Users

Admin - User Management Menu

Summary

Navigate to the User Management: Users Grid by opening the 'Admin' tab, clicking on the node labeled 'User Management', then clicking the node labeled 'Users' (see Figure above). The Grid features a comprehensive list of all the User profiles that exist within the User's organization.

Users Grid

Admins can add new User profiles by clicking on the button, edit existing User profiles by clicking the button or delete existing profiles by selecting them in the Grid and clicking the button.

Users can also edit and delete User profiles by double-clicking them in the Grid to open the Record. This action opens the User data entry form where the Admin can define the record's inputs by following the protocol established earlier in this section. Once all Required fields have been satisfied, click the button at the bottom of the form. The edits appear wherever the User appears throughout the application.

Admins can also quickly adjust the status of User profiles by selecting the profiles individually and clicking on the Toggle Status button. This is helpful to quickly render multiple User's Inactive, or to quickly make a profile Active if it has become Inactive due to something like multiple failed loggin attempts. For more information on the Status of a profile, see the User Status section of the Edit User portion of this article.

Admins can also select a User profile and click on the button, to utilize PCR-360 based on that User's privileges. This is very useful for troubleshooting User problems to see their issues directly.

While Emulating a User's profile, the footer of the application will be replaced with the below toolbar so that it is easy to identify when, and who you are actively Emulating.

 

To end an active Emulation of a User's profile, click on the image-20240916-182953.png button. When an Emulation is ended, PCR-360 will remember all current filters and the Grid the active User was using. This makes for a smooth transition when Emulating one User multiple times.

Add User

Add

Navigate to the User Management Roles Grid by opening the 'Admin' tab, clicking on the node labeled 'User Management', and then clicking on the node labeled 'Roles'. Admin > User Management > Roles

To add a new role, click the 'Add' button located immediately above the Grid.

In the Role data entry form, the User is prompted to define the 'Role' (by name) and the 'Description' used to identify the new Role. Additionally, each Role can be flagged as 'CustomerCenter Only' or 'Administrator'. These flags control certain built-in authority/restriction levels in the application (Note: See below for a listing of specific Administrator privileges). A User is considered to be an Administrator if ANY of their assigned Roles is flagged as Admin. Conversely, a User is relegated to have CustomerCenter Only access if ALL of their assigned Roles are flagged as such.

Admin Users can also add User profiles to the new role which binds each selected User to the Permissions Sets defined in the next tab. To add Users to the new role, select the 'Add' button in the 'Users' tab. Select appropriate Users from the list and press the Save button. The Users appear on the Grid displayed in the 'Users' tab.

Users can define the permissions granted by the new role's Users by opening the 'Permissions Sets' tab. Click the 'Add' button immediately above the Grid displayed in that tab and select the desired permissions sets from the list. Click the 'Save' button, and the selected permissions sets appear on the Grid displayed in the 'Permissions Sets' tab.

For Admin Users, please see Admin:User Management:Permissions for details.

Save

Once all the User data entry form's required fields have been satisfied, click the 'Save New' button located at the bottom of the form. The new User appears on the original User Management Users Grid.

Edit User

Note: Password Resets are only available within PCR-360 for Organizations that use the Native Login Screen. If your Organization has an integrated Single-Sign-On System, such as Shibboleth, then Password Resets will only be available through that system.

User Status

As with other applications, PCR-360 has methods of preventing brute force hacking attempts. The primary method in PCR-360 is by tracking failed login attempts as these are often indicative of an attack.

Multiple failed attempts to login trigger a security feature in PCR-360. When a User fails to log in by entering the wrong password multiple times, the User account is set to .  Even if a valid attempt is made, the login is denied. This allows the Admin to verify the User attempting to login is a valid User and not a malicious attacker attempting to log in. If the User is a valid User, the Admin can set the User record to  to allow the User can log in. The number of attempts a User can make before their account is set to Inactive is controlled by the Configuration Option AUTH_THRESHOLD_BADPASSWORD .

Contact Associating

When adding a new PCR-360 User, the User has the ability to associate the New User with an existing PCR-360 Contact or create a new one right from this screen.

To associate the PCR-360 User with an existing User:

  1. Click the Look Up Contact button.

  2. Double-click the desired Contact record or select the desired Contact and click the OK button.

To create a new Contact, enter the First name, Last Name, and Email Address fields (and optionally the Phone Number field).

Password Management

When an Admin User clicks on the image-20241115-161617.png button, a message is sent to the selected User's email, prompting a Password Reset.

Note: Password Resets are only available within PCR-360 for Organizations that use the Native Login Screen. If your Organization has an integrated Single-Sign-On System, such as Shibboleth, then Password Resets will only be available through that system.

When an Admin User clicks on the image-20241115-161623.png button, a message will be displayed to the selected User on their next login, prompting a Password Reset.

Note: When first Upgrading to a 2021.3 or newer version of PCR-360, due to improvements made for security, all User Passwords will be set to Expire. This is because PCR lacks the ability to decrypt our Customer's Passwords.

Reset vs Expire Password

Reset Password

  • A Password Reset link will be emailed to the User
    Note: This requires Email to be configured on the Server, without the Server being configured, the Email will not be sent

  • Doesn't prevent login in with the old Password

Expire Password

  • Creates a Password Reset Link that can be copied and sent to a User separately

  • Requires a User to reset their Password on a successful login with the old Password

Once a New Password is saved by the User, the application will display a prompt indicating it has registered the update. on completing the User's login.

Related pages