Users are the individuals in an organization who have access permissions to the Manager. Users have different types of permissions for the software and the system components. When administrators create, edit, or copy users, they define the user's level of access to the Manager and the types of tasks the user can perform.
Within the Users List dashboard, you can do the following:
Once a user is created, administrators can use the copy feature to create more users who have similar properties, such as the company name or custom options. When you copy a user, the new user inherits all of the original user's permissions.
When you delete a user, you may transfer the jobs, job template libraries, or reports that the user owns to another user. You can also simply delete the user and all of the access controls and reports associated with the user.
To delete a user and all of the access controls and reports associated:
Note: With Media Exchange, the following occurs when you delete a user, depending on the type of user you delete:
When you have a user that you do not wish to delete, but whose access to the Manager you want to restrict, you can deactivate them. Deactivating a user means that the user's information remains in the database, but that they can no longer login to the Signiant Manager or Media Exchange. These changes take place the next time a user tries to log on.
To deactivate or activate a user:
Use this option to view the selected user's permissions and access.
To view these details:
To edit users settings such as the password settings or notification messages, select the user in the Administration>Users>List and click Settings.
The password strength checker is enforced when new accounts are created or activated and when passwords are changed. The password strength checker is bypassed for directory services passwords.
To manage password settings, use the following options:
Enable User Reactivation
This option allows locked users to be reactivated after a specified time period has expired. This setting is applicable to users who are deactivated as a result of failed login attempts. In Time To Reactivate Users (Hours) type the number of hours until reactivation occurs.
Password Strength Policy
By default, this option is configured to specify the following password requirements:
Edit these default settings to match your password policy. The settings in the Password Strength Policy control all system passwords including Media Exchange users, users created or edited with Signiant REST APIs, and users created in the Signiant Manager.
Enable Manager password expiry
To configure a password expiry for the Manager password and in Password Expiry Cycle (Days) field, type the number of days. The range in days for password expiry is 30 to 999. When a user's password expires, the user is notified and prompted to enter a new password.
Enable Media Exchange password expiry
Enable this option and, in Password Expiry Cycle (Days) field, type the number of days. The range in days for password expiry is 30 to 999. When a user's password expires, the user is notified and prompted to enter a new password. For the Media Exchange password, this applies only to users who are controlled by Default Native Authentication in Directory Services.
Note: Password reset requests are recorded in the Manager log.
Used to display a message to your users once they have logged in. To only display this message to Media Exchange users, enable Display Announcement message to Media Exchange Users only.
Used to display a message to users that displays before logging in. This typically is something such as a licensing agreement. To only display this message to Media Exchange users, enable Display Announcement message to Media Exchange Users only. There is no limit on the number of characters, but we recommend you do not exceed 2,000 characters per message. You can include HTML links to external web pages. The HTML link must be in the following format: <a href="linktosite">LinkText</a>. To stop the message from appearing,you must delete the content from the appropriate box.
You can choose to export your users in General or Media Shuttle format.
To export your Media Exchange users:
To be imported by Media Shuttle, the first line of the CSV file must include the following header row:"emailAddress","firstName","lastName","info","expiryDate","sendPermission","receivePermission"
User list columns can be displayed or hidden by clicking the arrow icon beside the column label and selecting the desired columns. The column order can be changed by clicking-and-dragging a column to a new location.
The available columns are:
This section describes how to add a user to the Signiant Manager.
To specify general properties:
On the General tab, type the user details.
In Username, type the user's username. The characters: <, >, and = are not permitted.
From the Organization drop-down menu, choose the organization to associate with the user.
In the Password section, type the user's Password and again in Confirm Password.
Ensure this password conforms to the password policy specified in Users>List>Settings. Enable Use directory password to avoid setting a password for users who use third party directory service authentication. This allows all other user configuration settings to be saved without the requirement of entering a password value. When you change a user password, you are changing the password in native authentication mode. Changing a user password does not change a user's LDAP or Active Directory password if those modes of authentication are being used to log in to the Manager UI. If a user has not logged in using native authentication, a message is displayed indicating this and that setting/changing this password does not affect third party directory service authentication. As an administrator you cannot change your own password. To change an administrative password, you must use the Welcome <user> / Preferences selection.
In the Administration section, set the following custom information:
Maximum Failed Login Attempts
The number of consecutive failed login attempts within the failed login time period before the account is automatically disabled. Once the account is disabled, it remains disabled until a user with the appropriate privileges enables it. An acceptable range for this value is a number between 1-100.
Failed Login Time Period (hours)
The amount of time (in hours) in which the user can have failed login attempts. An acceptable range for this value is a number between 1-24. If the maximum failed login attempts specified is, for example, three, and the failed login period is two hours, a user can login incorrectly twice during that two-hour time period, but after that two hours passes, the maximum failed login attempts allowed resets to three.
Improve web service API performance with reduced security auditing
Enable this option to prevent the logging of successful logins and failed login attempts.
As an administrator, you need to determine the roles to assign to your users. You will need to first create users who have administrative responsibilities such as installing agents and creating job template libraries. By default, the installation creates two default users: Admin and System. When creating a new user, the user's access to the menu items in the UI can be defined.
Caution: DO NOT DELETE THE SYSTEM USER, as this user is associated with maintenance templates that allow administrators to perform routine maintenance tasks on the Manager.
To specify a user's role:
Select the Roles tab, and set the user type to Full User or Guest User.
For a Full User, enable the role(s) you want to assign to the user. By default Administration Interface Login is enabled.
For a Guest User, in Account activates at, specify the date and time when the guest user account is valid and in Account expires at, specify the date and time when the account expires.
allows administrators access to users, user groups, agents, agent groups and Managers within their associated organization(s). By default, when the System Administrator role is selected, the Organization Administrator role is selected and cannot be disabled.
This role gives the user access to all organizations, users, jobs, views and any other objects.
This user has full Workflow privileges. This means this user can create, edit, manage, and schedule Workflows and users.
This user has limited Workflow privileges and is limited to editing Workflows, assigning users to Workflows and scheduling Workflows. This user cannot access the Job Template Library Service. On an upgrade, non-administrative users have this role enabled.
This role allows the user to edit and develop Workflow components for use in the Signiant Workflow canvas. Users who do not have Component Editor privileges can only build workflows; they cannot edit components.
Administration Interface Login
This role allows users to login to the Signiant Manager Web Interface.
Designates the user who is associated with all external jobs for tracking and monitoring purposes in the system. By default, this is the Admin user.
Note: External jobs are those from imported agents associated with other Managers. Only one Monitor User can exist in the system.
A guest user is a user whose access to the Signiant software is limited by a user-defined time. The guest user is designed primarily for use with the Signiant Media Exchange application, but can be used for non Media-Exchange users, if desired.
Unregistered Users (Media Exchange-only)
Unregistered users are created by existing Media Exchange-enabled users when they send packages to a user who is not a Signiant Media Exchange user. As soon as the Media Exchange package is sent to the unregistered user, the user appears in the Signiant user list, in the Manager UI. The user is identified as "New Guest User" and their user name is the email address specified in the Send To field in the Media Exchange package creation screen. The user's status is listed as "deactivated" until they respond to their Media Exchange delivery notification email and activate themselves. Once activated, they appear in the Signiant user list as activated, with the name they specified. Their username remains their email address. They now have access to the Media Exchange software, as well as limited access to the Signiant UI for a default period of 30 days.
A user group is a collection of users who share identical access privileges. User groups make it easier to assign identical access privileges to large numbers of users, and also assist in the use of the directory integration feature.
To add a user to a user group:
To remove a user from a user group:
Permissions allow administrators to control user and group access to management objects. Access permissions include Read, Edit, Delete, and Schedule Jobs. By default, all users are able to read and edit their own properties.
To assign user or group permissions:
To remove permissions, select the user or group in the Current Permissions list and click Remove.
Once you create a user, you can set access to the menu items. Note that when you're editing a user's settings you see only menu items explicitly assigned to that user. When the user logs in, he or she may see additional menu items that are the result of being a member of groups configured to provide additional access.
To assign menu items to users, select the Menu tab and select/deselect menu items as appropriate.
To give a user access to Media Exchange:
Navigate to Administration>Users>List.
Click Add to create a new user or click Edit to modify an existing user.
Select the Media Exchange tab and on the General tab.
Select Media Exchange Enabled.
Specify additional information required for agent browsing, transfer, privileges, and email notification.
Select the Notifications tab to configure user notifications when a user sends and receives a package.
In Package User sends, enable user notifications when a user sends a package.
By default the following options are selected:
In Package User receives, enable user notifications when a user receives a package.
By default the following options are selected:
Expand Channels and select the channels to which you want to subscribe the user. You do not need to select the sub-channels - these are automatically selected once you have saved your changes. Upon opening the Notifications tab a second time, you will see that the sub-channels for all selected channels are selected. When a new sub-channel is added, this is automatically selected for subscription as well. You do not need to continuously update channel subscriptions - this is done automatically for you and your users.