Overview
The Accounts card and Account Settings menu bar let admin users manage existing users and create new users for a given service. Accounts pages can be only accessed if the user has the proper permissions on at least one of the services defined in Admin Console supported services. “Read User”, “Create User” and “Update User” permission or “Create and invite users in any service” 1 in “myTC Account Administration” service are required to manage users. The table below describes what an admin user can do with a given permission.
Admin Console Task | “Read user account” Permission | “Create and Invite user” Permission | “Update User Accounts” Permission | “Create and invite users” 1 |
Access user list | X |
|
|
|
Invite user to service |
| X |
| X |
Activate/Deactivate user | X |
| X |
|
Edit user | X |
| X |
|
1 Note on the use of “Create and invite users in any service” permission:
“Create and invite users in any service” (some time referred as the Master permission) is a special permission in “myTC Account Administration” service. Users with “Create and invite users in any service” permission can invite any (current version only support internal users) user to in any of the services defined in Admin Console supported services on page 18. However, “Create and invite users in any service” is not a master permission, to view and edit user and in some cases delete, such user still needs service specific “read/add/update/delete (where applicable)” permissions. This is a deliberate design, allowing service admins to manage their own users while when needed users with this special permission can assume service admin role by enrolling his/her own account to any of the services defined in Admin Console supported services on page 18, which they want to manage. While enrolling his/her own account to assume service admin’s role, such user still need “Read user account”, “Create and Invite user” and “Update User Accounts” permissions, without which even after enrolling themselves in a given service, such user cannot read or manager users. Moreover, if such user also want to manage other resources for example “Email Templates” or “Outage Notices” or “Settings” then such user need to assign those permissions as well.
Manage Users / Account Settings
Manage Users card or Account settings menu bar displays the list of internal user’s info. User’s info consists of user’s name, services, permissions and status. Note that, only services where the admin user has read permission are displayed. Furthermore, if the admin user does not have update user account permission for a service, Activate / Deactivate button will not be displayed. In the screenshot below, the admin user cannot activate or deactivate a user in RTMR service. Furthermore, “Invite New Member” button is displayed if admin user has Create user permission.
Create/Invite New User
Invite New Member button on user list page and Add New User button (Accounts card in home page) take you to the invite page and allow admin user to invite a user. Inviting is a progressive reveal process on the same page. This function aims at enrolling a new user to services in MTOA, eventually grant some permissions for a given service. To invite a user, you should first search for that user.
Related Permissions/Services
Either “Create and Invite Member permission” on at least one of the services defined in Admin Console supported services on page 18 or “Create and Invite user in any service” in “myTC Account Administration” service.
In myTC Account Administration service, “Create and invite users in any service” permission in “myTC Account Administration” service allows a user to change his own permissions.
Following are the steps to invite a member (new or existing internal user) to a specific service:
Step 1: Create and Invite Member permission is required or a user with a special permission “Create and invite users in any service” permission in “myTC Account Administration” can also Create/add or Invite an internal user to any of the services defined in Admin Console supported services on page 18.
Step 2: Insert the member username or email in the search box and click on search.
Step 3: if the user is found, his account details are displayed and two optional fields for phone number and PKI are also available. Otherwise, an appropriate error message will be displayed.
Step 4: Select a service. Continue button is now enabled.
Step 5: Click on Continue to display permissions according to the selected service and Invite button is displayed.
Step 6: Click on Invite button to invite a user. Note, if the telephone number has been entered or modified with an invalid format, the form will not be submitted and an error message will be displayed.
Member Email Address or TC\Username
Enter a Windows user name or email address. You can include “TC\” at the beginning of user name to perform the search. If TC\ is not included, then it gets appended to the Windows user name. For example if you search for “myusername”, a search will be performed on “TC\MYUSERNAME”. This field is required and is case insensitive. Search is performed first in MTOA database. If unsuccessful, it will pursue to TC Directory. If the user is not found, an appropriate message is displayed. If found, account details will be displayed on the page.
The user is not found
The user is found.
Service not selected | Service selected |
Telephone Number and PKI are optional fields. For most services, PKI is optional, however to enroll an internal user in service like IZEV, which need PKI, administrators of such service should make sure to assign PKI so that enrolled internal users can access their service. Telephone number must match Canadian format: 6139999999 / 613 999 9999 / (613) 999 999 / 613-999-9999 / (613) 999-9999.
Service
Services displayed in the dropdown list are those to which the user is not yet enrolled and the admin user has update permission. Once a service is selected, Continue button will be enabled. Click on Continue button to display permissions according to the selected service.
NB: With create and update user permission, admin user can manage all permissions in given service.
Invite
This button adds a user to a service in MTOA if he is found in TC Directory and he is not yet in MTOA. If the user is already in MTOA, he will be updated with his new service and permissions. The form is submitted only if the telephone number format is valid.
Cancel
By clicking on cancel button, you stop the process and you are redirected to the user list page.
Edit
Clicking on Edit button takes you to edit user page. On edit page, admin user can manage service specific permissions and user’s status and telephone number. Admin user must have update user permission to perform these actions. Without the permission, the status will be read only. User’s status can be either active or inactive.
Telephone number must match Canadian format: 6139999999 / 613 999 9999 / (613) 999 999 / 613-999-9999 / (613) 999-9999.
Related Permissions/Services
Either “Update user account” in “Admin Console Supported Services”
Admin user has update user account permission
| Admin user does not have update user account permission
|
| NB: Permissions are greyed out |
Save Changes
It is displayed if admin user has update user account permission. He can save changes made for a given user. Once the changes are saved, admin user is redirected to user list page.
Cancel
The process of editing a user is cancelled and you are redirected to the user list page.
Go back to User List
It is displayed if admin user does not have update user account permission. Admin user has to go back to user list page.
Internal User Search
Internal Users can be searched from the “Internal Users List” tab. For details on Internal Users List see “Manage Users / Account Settings” on page 5.
Support:
Internal user search is supported in Admin Console v1.2 or higher.
Related Permissions/Services
In order to search internal users, Admin Console user must have “Read User” in at least one of the “Admin Console Supported Services”
From top menu area, click “Account Settings” or from home page of Admin Console click on “Manage Users” button shown on “Accounts” card
This opens “Account Settings”
At present there is only “Internal Users List” tab, which by default already activated
To search user in type search value in free search text box with “Search for internal users”
Click on search button or hit enter while staying in search field, which searches internal users by matching
beginning letters in one or more of following information:
· First name
· Last name
· Windows Account name
· Internal user’s email
The current search behavior is as follows:
Admin Console lists users from only those services where an Admin Console user has "ReadUsers" permission
leading and trailing spaces will be removed before searching "SearchValue"
to limit search result, entered search term need to be minimum two characters in length after trimming "SearchValue"
While counting 2 characters length above "TC\" domain prefix will be ignored
prefixing "TC\" is optional while searching internal users by windows user name
Search result will include internal users matching "first name"/"last name"/email/"windows user name" starting with entered search term
Matching result will ignore cases however where applicable
accents must be specified while searching internal users
Activate / Deactivate
Activate or Deactivate a user allows you to change the user’s status to active or inactive. This action requires update user account permission. If the user is Active, the button label will be set to Deactivate User, but if he is Inactive, the label will be set to Activate User.