Creating iMIS user records

iMIS user records control what users can see and do in every view of iMIS. Each user record is linked to two others: a contact record (defined in Customers) and an ASP.NET authentication record.

  • First, you create a contact record for a new user, with descriptive, address, and demographic information.

    • Note: Never create contact records for Administrator or Manager: iMIS automates this for you.

  • Next, you create a user record and link it to the new contact record, matching logon/password to that of the contact record under Name_Security.
  • Lastly, creating the user record triggers iMIS to create the needed authentication record in the ASP.NET authentication store, to authenticate users when they log on to iMIS. (Because other ASP.NET applications share the authentication store, iMIS cannot delete authentication records.)

Note: Remember that everything in iMIS that uses the keyword logon relates to the user records in the ASP.NET authentication store.

To create user records

You generally need to create user records only for Full and Casual users.

Note: To create multiple user records faster, use the User Credentials button in the Manage Customers window; this lets you create a new contact record and jump directly User Credentials without leaving Customers.

  1. If you are creating a set of user records, back up your iMIS database.
  2. Launch iMIS Desktop and log on as MANAGER.
  3. From Customers > Manage Customers, define (or find) a contact record for the user.

    4. When you click Save, the new contact record appears in the history area.

  4. Click User Credentials to jump directly to User Credentials setup (System Setup > Security Administration > Users).
  5. On the Users window, find the contact.
    • In the View drop-down list, select Contacts:

    Select Users only to change an existing user record.

    • Enter search criteria and click go.

    In the results list, the check in the Public User, Casual User, or Full User column marks which user class is currently assigned.

    Upgrades from 10.6: Records are set to Disabled because you need to allocate your named licenses before enabling them.

    • Select the record from the results list, and click the Select icon.
  6. If you are creating a new user record, add logon information.
    • In the Logon field, click the Add icon.
    • In the Create User Logon window, define a Logon Name, Password (minimum: 6 chars and one non-alpha), and E-mail address.
    • Click Create User.

    An authentication record for this logon is created in the ASP.NET authentication store.

  7. In the User Class field, choose the user class (Public, Casual, or Full).

    8. (Full or Casual) iMIS opens the User Access area (for web permissions) and prompts you to save before continuing.

    Note: Any Full user can see the User Credentials area if they have been granted Authorization level 4 or higher for Sys Mgmt., and if they have been granted any relevant access keyword for Name Internet Security Data (iMIS Customers > Set up module > General > Access Keys). However, only Full users who are members of the SysAdmin role can see the User Access section.

  8. Scroll to the bottom of the window and click Save.
    • Success: If the user class is not maxed out for named licenses, the user record is created and the User Credentials area expands.
    • Failure (error message): If the user class is maxed out, no user record is created. When you recreate a user record for this contact record (by picking a different class or increasing your license counts), be sure to click the Link this contact… icon in the Logon field and specify the logon that you created during the first attempt.
  9. (Full or Casual only) Add role, group, module authorization, and access keywords as needed.
    • In the User Information area, add the user to a role or group.
    • In the Staff Access area, set authorizations, customer type restrictions, and any access keywords.
    • Set authorization levels for each listed feature. (See Authorization levels: Desktop views)
    • (optional) In the Specific Types field, restrict the user’s access by specifying a comma-delimited list of the only customer types that this user can edit in Customers.
    • (optional) Click next to the Access Keywords field and enter access keywords, if any. (See Access Keywords in Customers in System Setup.)
    • Click Save.

    Note: How or whether user-specific authorization levels apply might differ between staff and administrative views. For more, see Security Administration.

  10. Test the ability of this user to log on with the associated authentication record.
    • Staff view: browse to iMIS and log on.
    • Administrative view: choose File > User Id and log on.

More:
User-level security: Roles and Groups
Securing logons and authorization persistence