Home»Support»Frequently Asked Questions»Administrators and Users
  • Printer Friendly Version
  • Decrease Text SizeIncrease Text Size

Administrators and Users

Administrators and Users

Administrators, Users & Authentication.

      

How to set up Administrators or Users (Members) to your site. Please find a video below which explains this process (more instruction below this video):  

You also cannot view a users password, but you may reset their password.  Resetting a users password will generate an email notifying the user of their new password.  You also cannot change other users Usernames or Email Addresses.  This is designed to prevent administrators from hijacking users accounts.  If you could change their email address you could change it to your email address, reset their password, then log in as that user.
Items in the Personalization section control global site and console settings. They are created dynamically and may change from time to time.  If a new personalization item is added all existing users will automatically be assigned the default value of that item.  Personalization item documentation is a continuing project and can be found by clicking on or hovering over the attribute label.

Properties are also available in web sites only.  They are intended to create a custom set of attributes for each web sites users module.  The web site property 'User Properties File' defines the location of the properties XML file.  This web site property value can be changed for a custom set of user attributes.  These attributes will also be accessible from the web sites CDA.

 
These personalization features are more than just a dynamic way to add attributes to users.  The quick ability to add attributes combined with the data storage technique provide us with the ability to store different attribute sets within different users in a jagged pattern.  This means we can add attributes at will, and not all users are forced to have the same list of attributes.

The web site consoles users module maintains a few attributes that are not in other consoles.  The first is Integration Id which is used to maintain a reference to external authentication containers.  The concept is that the external system will be used to authenticate the user and return a unique identifier (Integration Id) for that user.  If the users integration id does not exist in the users module a new record will be created with that integration id.  The user can then manage their account within [cp:privateLabeling default='Centralpoint' key='ProductTitle' /] without the authentication credentials.

Web site users also have a Reviewer attribute.  This is the web site or master user which will be notified when the users submits a document.  Reviewers may also have reviewers, so when a document is submitted, all ancestor reviewers will be notified.  In some cases, reviewed users may not have permission to release documents to the web site.  The Allow Release attribute is used to suppress the users ability to release documents by hiding the appropriate attribute and initializing its value.  It is important that you do not give a reviewed user access to the users module.  If you do this, the reviewed user will be able to create a new unreviewed user and bypass the review process.

This module was developed with the intention of giving [cp:privateLabeling default='Centralpoint' key='ProductTitle' /] administrators the highest level of control over users while maintaining security and client confidence in the system.  On top of the basic user details we are now tracking user information like the last date the password was changed, the last date the user logged in, and the number of failed password attempts.

The [cp:privateLabeling default='Centralpoint' key='ProductTitle' /] users module was also designed to be a tiered login.  This means that accounts created in one console do not have to be duplicated in child consoles.  You may simply grant that user access to the child console as needed.  However, if a user is given access to a child console from a parent console they will be given administrative privileges to the child console and all of its descendants.
In order for force the User to reset password you need to change Locked Out = Yes and Configuration > Password Change Required = Yes. When user will try to login he will be forced to change his password.

Quick Administrator Setup

Role definitions

Administrators: access to all modules/navigation within a given console, regardless of what might be selected in "Console Navigation". Can add, edit, release and delete content.

Authors: access to only modules/navigation selected in the "Console Navigation" multi-select check box. Can add and edit content only. No delete or release privileges.

Delete Data: access to only modules/navigation selected in the "Console Navigation" multi-select check box. Can delete content only. No add, edit or release privileges.

Release Data: access to only modules/navigation selected in the "Console Navigation" multi-select check box. Can add, edit and release content only. No delete privileges.

Review Data: Used in conjunction with one or more of the roles above. Adds the user to the "Notify Reviewers" multi-select check box list at the bottom of every content module, allowing users to send a system-generated email to that administrator informing him/her that content is ready to be reviewed.

Change Users Password

Please reference the directions on the screenshot to manually change a users password.

Sending a user to this link, /audience-system-name/login.aspx?request=1 , will allow the user to receive a system generated / new password.

Access Tokens

When an administrator is in the Web API role an Access Tokens attribute will appear. Access tokens are used to secure methods created in Development > Web API. Clicking into the access tokens view provides an interface to generate and manage access tokens. These tokens are a security feature and should be treated as passwords. They should never be stored in plain text.

Master Console Roles

Below is a description of each role available to users created in a master console

Admins

Granted access to all Master console navigation items.

Limited Administrators

Granted access to all Master console navigation items except Users and Settings.

Deployers

Users who may add and remove web sites.

Developers

Provided additional access to development tools.