Overview
The Accounts card and Account Settings menu bar let admin users manage existing users and create new users for a given service. Accounts pages can be only accessed if the user has the proper permissions on at least one of the services defined in Admin Console supported services. “Read User”, “Create User” and “Update User” permission or “Create and invite users in any service” 1 in “myTC Account Administration” service are required to manage users. The table below describes what an admin user can do with a given permission.
Admin Console Task | “Read user account” Permission | “Create and Invite user” Permission | “Update User Accounts” Permission | “Create and invite users” 1 |
Access user list | X |
|
|
|
Invite user to service |
| X |
| X |
Activate/Deactivate user | X |
| X |
|
Edit user | X |
| X |
|
1 Note on the use of “Create and invite users in any service” permission:
“Create and invite users in any service” (sometimes referred to as the “Master permission”) is a special permission in the “myTC Account Administration” service. Users with the “Create and invite users in any service” permission can invite any user (the current version only supports internal users) to in any of the services defined in the Admin Console supported services. However, the “Create and invite users in any service” is not a master permission, to view and edit users (and in some cases delete), the admin user still requires the “read/add/update/delete” permissions. This is a deliberate design, allowing service admins to manage their own users while when needed, users with this special permission can assume the service admin role by enrolling his/her own account to any of the services defined in Admin Console supported services which they want to manage. While enrolling his/her own account to assume the service admin role, the user still needs the “Read user account”, “Create and Invite user” and “Update User Accounts” permissions. Without these permissions, even after enrolling themselves in a service, the admin user cannot read or manager users. Moreover, if such a user also wanted to manage other resources, for example “Email Templates” or “Outage Notices” or “Settings” then those permissions would need to be assigned well.
Manage Users / Account Settings
The Manage Users card or Account settings menu bar display the list of internal users. User information consists of user name, services, permissions and status. Note that only services where the admin user has read permission are displayed. If the admin user does not have update user account permission for a service, the Activate / Deactivate button will not be displayed. In the screenshot below, the admin user cannot activate or deactivate a user in the RTMR service. Furthermore, the “Invite New Member” button is displayed if the admin user has Create user permission.
Create/Invite New User
The Invite New Member button on the user list page and the Add New User button (Accounts card in home page) links to the invite page and allows the admin user to invite a user. This function aims at enrolling a new user to services in MTOA, as well as granting permissions for a given service. To invite a user, you should first search for that user.
Related Permissions/Services
Either “Create and Invite Member permission” on at least one service or “Create and Invite user in any service” in “myTC Account Administration” service.
In myTC Account Administration service, “Create and invite users in any service” permission in “myTC Account Administration” service allows a user to change their own permissions.
The steps to invite a member (new or existing internal user) to a specific service are:
Step 1: Enter the member username or email in the search box and click on Search.
Step 2: If the user is found, their account details are displayed and two optional fields for phone number and PKI are shown.
Step 3: Select a service.
Step 4: Click Continue to display permissions for the selected service.
Step 5: Click Invite to invite the user.
Note: If the telephone number has been entered or modified with an invalid format, the form will not be submitted and an error message will be displayed.
Member Email Address or TC\Username
Enter a Windows user name or email address. You can include “TC\” at the beginning of user name to perform the search. If TC\ is not included, then it gets prepended to the Windows user name. For example if you search for “myusername”, a search will be performed on “TC\MYUSERNAME”. This field is required and is case insensitive. The search is first performed in the MTOA database; if unsuccessful, it will search the TC Directory. If the user is not found, an appropriate message is displayed. If found, account details will be displayed on the page.
The user is not found
The user is found.
Service not selected | Service selected |
 |  |
Telephone Number and PKI are optional fields. For most services, PKI is optional, however to enroll an internal user in service like IZEV which needs PKI, administrators should make sure to assign a PKI so that enrolled internal users can access their service.
Telephone number must match Canadian format: 6139999999 / 613 999 9999 / (613) 999 999 / 613-999-9999 / (613) 999-9999.
Service
Services displayed in the dropdown list are those to which the user is not yet enrolled and the admin user has update permission. Once a service is selected, the Continue button will be enabled. Click on Continue to display permissions according to the selected service.
Note: With create and update user permission, the admin user can manage all permissions in given service.
Invite
This button adds a user to a service in MTOA if they are found in the TC Directory and they are not yet in the MTOA database. If the user is already in MTOA, they will be updated with the new service and permissions.
Cancel
By clicking on the cancel button, you stop the process and you are redirected to the user list page.
Edit
Clicking on the Edit button takes you to edit user page. On the edit page, admin users can manage service specific permissions, the user status, and telephone number. The Admin user must have update user permission to perform these actions. Without the permission, the status will be read-only. The user status can be either active or inactive.
Related Permissions/Services
Either “Update user account” in “Admin Console Supported Services”
Admin user has update user account permission | Admin user does not have update user account permission |
 
|   Note: Permissions are greyed out |
Save Changes
If the admin user has update user account permissions a Save Changes button is displayed. Once the changes are saved, the admin user is redirected back to the user list page.
Cancel
The process of editing a user is cancelled and you are redirected to the user list page.
Internal User Search
Internal Users can be searched from the “Internal Users List” tab. For details on Internal Users List see “Manage Users / Account Settings”.
Support
Internal user search is supported in Admin Console v1.2 or higher.
Related Permissions/Services
In order to search internal users, the Admin Console user must have a read user permission in at least one supported service.
From top menu area, click “Account Settings” or from home page of Admin Console click on “Manage Users” button shown on “Accounts” card
Enter the user name or email address in the “Search for internal users” text box
Click the search button or hit Enter while staying in search field.
This searches internal users by matching beginning letters in one or more of following fields:
· First name
· Last name
· Windows Account name
· Internal user’s email
The current search behavior is as follows:
Admin Console lists users from only those services where an Admin Console user has read users permission
Leading and trailing spaces will be removed before searching
To limit search results, the search term needs to be a minimum of two characters (the "TC\" domain prefix will be ignored)
The search result will include internal users matching "first name"/"last name"/email/"windows user name" starting with entered search term
The matching result will ignore case
Note: accents must be specified while searching internal users
Activate / Deactivate
Activate or Deactivate allows administrators to change the user’s status to active or inactive. This action requires the update user account permission.
