When editing a user, there are 5 tabs (sections) associated with the user. These tabs are for:
- Basic Information
- Password Management
- Group Assignment
- Individual Rights and Actions
- Individual Document Access
[INFO] Basic Information:
This section provides basic name and contact information for the user.
- There are 4 required fields this section. These fields are:
- Email Address
- First Name
- Last Name
- Office Assignment
- All other fields are optional
- When assigning a user to an office, if the "Locked" checkbox is checked, the user will be prevented from accessing other office queues in both Batch Processing and Drop Box. This setting has no effect on the users access to registered documents.
- The "Send From" field can only be set by the administrator, but if set, is the email address used by the user to send emails. This can be helpful in cases like when an intern should be setup in the system, but their outbound emails should appear to come from another user.
- Comments are only for general administrative notes, but are visible by the user when they view or update their preferences.
[PASSWORD] Password Management:
- Password security and complexity settings are defined in the Security Settings selection.
- Administrators can set (or reset) a users password from this screen, though, sending the user a password reset email is the preferred method.
- Administrators can enable Two-Factor Authentication (2FA) options in this section, which will send the user a one-time access code in order to login to the system. 2FA options include:
- Text Messaging (requires a SMS capable phone defined under the INFO tab)
- Email Approval
- Google Authenticator (this is not able to be enabled by the administrator, as it requires the user to capture the secret key barcode on their phone)
[GROUPS] Group Assignment:
The preferred method of controlling system wide rights and actions along with document access is via group membership assignment.
- When adding a new user, group access can be assigned to easily grant specific access to functions and documents within DynaFile
- Users can belong to multiple groups, if necessary, which will compound on each other, escalating the users effective permissions and access.
- To assign a user to an existing group, click the 'Add Group(s)' icon . From there, Group permissions can added.
[RIGHTS] Individual Rights and Actions:
- While rights and actions should be defined at the group level, you can escalate a users permissions on this tab, allowing them additional rights.
- System Access Rights control which "sections" of DynaFile that the user has access to.
- Document Control Actions control what the user can do to any individual document that they can access.
- Hovering over each right or action will provide a detailed description as to the effective result of assigning the right or action.
[ACCESS] Individual Document Access:
- A user’s document access should primarily be controlled through their assigned group(s) and only in limited circumstances should additional document access be granted at the user level (which will add to their group access). Examples of this may include:
- A "Managers" group might be created to control Document Type access, but does not define Department access. In this case, you would assign view permissions to a specific manager at the user level for their respective department.
- A payroll supervisor might belong to a "Payroll" group that defines specific viewing of Document Types for most payroll users, but this supervisor user needs to have modify permissions to a few more of the assigned Document Types.
- Selection of Access Rights is accomplished using the Multi-Item Selection method.
- This section will also allow you to view or remove Specific Document Access for the group.
- A detailed description of how to properly assign access is outlined in the Group Administration section.