Overview
The Accounts card and Account Settings Accounts menu bar let admin users administrators manage existing users and create new users for a given service. Accounts These pages can only be only accessed if the user administrator has any of the proper following permissions on at least one of the services defined in Admin Console supported services. “Read User”, “Create User” and “Update User” permission or “Create MTOA supported service:
Create User
Read User
Update User
Create and invite users in any
...
service
The table below describes what an admin user administrator can do with a given permission.
Admin Console Task | “Read user account” Permission | “Create Read User | Create and Inviteuser” Permissionuser | “Update Update UserAccounts” PermissionAccounts | “Create Create and inviteusers”users 1 |
Access user list | X |
|
|
| |
Invite user to service |
| X |
| X | |
Activate/Deactivate user | X |
| X |
| |
Edit user | X |
| X |
|
...
“Create and invite users in any service” (sometimes referred to as the “Master permission”) is a special permission in the “myTC Account Administration” service. Users with the “Create and invite users in any service” permission can invite any user (the current version only supports internal users) to in any of the services defined in the Admin Console supported services. However, the “Create and invite users in any service” is not a master permission, to view and edit users (and in some cases delete), the admin user administrator still requires the “read/add/update/delete” permissions. This is a deliberate by design, allowing service admins administrators to manage their own users while when needed, users with this special permission can assume the service admin administrator role by enrolling his/her their own account to any of the services defined in Admin Console supported services which they want to manage. While enrolling his/her their own account to assume the service admin administrator role, the user administrator still needs the “Read user account”, “Create Read User, Create and Invite user” User and “Update Update User Accounts” Account permissions. Without these permissions, even after enrolling themselves in a service, the admin user administrator cannot read or manager manage users. Moreover, if such a user If such an administrator also wanted to manage other resources, for example “Email Templates” Notifications” or “Outage Notices” “Notices” or “Settings” “Service Settings” then those permissions would need to be assigned well.
...
The Manage Users card or Account settings menu bar display the list of internal users. User information consists of user name, services, permissions and status. Note that only Only services where the admin user administrator has read permission are displayed. If the admin user administrator does not have update user account permission Update User permissions for a service, the Activate / Deactivate button will not be displayed. In the screenshot below, the admin user administrator cannot activate or deactivate a user in the RTMR service. Furthermore, the “Invite New Member” button is displayed if the admin user has Create user permission.
...
Create/Invite New User
The Invite New Member button on the user list page and the Add New User button (Accounts card in home page) links link to the invite page and allows the admin user administrator to invite a userusers. This function aims at enrolling a new user is used for enrolling new users to services in MTOA, as well as granting permissions for a given service. To invite a user, you should first search for that userservices.
Related Permissions/Services
Either “Create and Invite Member permission” on at least one service or “Create and Invite user in any service” in “myTC Account Administration” service.
In myTC Account Administration service, “Create and invite users in any service” permission in “myTC Account Administration” service allows a user to change their own permissions.
...
Enter a Windows user name or email address. You can include “TC\” at the beginning of user name to perform the search. If TC\ is not included, then it gets prepended to the Windows user name.
For example if you search for “myusername”, a search will be performed on “TC\MYUSERNAME”. This field is required and is case insensitive. The search is first performed in the MTOA database; if unsuccessful, it will search the TC Directory. If the user is not found, an appropriate message is displayed. If found, account details will be displayed on the page.
...
Services displayed in the dropdown list are those to which the user is not yet enrolled and the admin user administrator has update permission. Once a service is selected, the Continue button will be enabled. Click on Continue to display permissions according to the selected service.
...
Note: With create and update user permissionpermissions, the admin user administrator can manage all permissions in given a service.
Invite
This button adds a user to a service in MTOA if they are found in the TC Directory and they are not yet in the MTOA database. If the user is already in MTOA, they will be updated with the new service and permissions.
...
Clicking on the Edit button takes you to edit user page. On the edit page, admin users administrators can manage service specific permissions, the user status, and telephone number. The Admin user administrator must have update user permission Update User permissions to perform these actions. Without the permission, the status will be read-only. The user status can be either active or inactive.
Related Permissions/Services
Either “Update user account” in “Admin Console Supported Services”
Admin user has update user account permission | Admin user does not have update user account permission |
 
|   Note: Permissions are greyed out |
...
Internal user search is supported in Admin Console v1.2 or higher.
Related Permissions/Services
In order to search internal users, the Admin Console user must have a read user permission in at least one supported service.
...
The current search behavior is as follows:
The Admin Console lists users from only those services where an Admin Console user has read users Read Users permission
Leading and trailing spaces will be removed before searching
To limit search results, the search term needs to be a minimum of two characters (the "TC\" domain prefix will be ignored)
The search result will include internal users matching "first name"/"last name"/email/"windows user name" starting with entered search term
The matching result will ignore case
...