Managing User Accounts
Managing user accounts includes many functions and they are available to administrators only. This topic describes creating user accounts, editing the roles and groups for users, customizing the scheduling recipients for users, auditing users, and other user account functions.
To manage users, first select the realm in which the users are, then in the server console, point to Administration on the system toolbar and select Security > User from the drop-down menu to display the User page.
You can select the following links for the user management tasks:
- Creating a New User Account
- Editing a User Account
- Searching for Users
- Editing the Roles a User Holds
- Editing the Groups a User Belongs To
- Editing the Scheduling Recipients for a User
- Auditing a Specific User
- Changing the Password of a User
- Setting User Preferences
- Deleting a User Account
- Accessing a User's Personal Folders
Tip: To add or delete a user, you can also use URL commands directly.
- Select New User on the task bar. Report Server displays the New User dialog box.
- Provide the name, full name, description, e-mail address, and password for the new user as required.
- Select Account Disabled if you want to disable the user for the time being.
- The password never expires by default. Select Expires in N days and specify in how many days you want the password to get expired.
- The password can be blank and its length is unlimited by default. Select Minimum Length and type a number for the allowed length (the number should be between 0 and 20).
- By default, Logi Report will prompt the user to change the password after it gets expired or reset by the administrator. Clear the Ask user to change the password after expired check box and Ask user to change the password after reset by administrator If you do not want such prompt for the user.
- Select Publish and Advanced Properties to give the user the privileges of publishing resources to Logi Report Server and of viewing advanced resource properties information.
- Select OK to create the user. The new user is now added in the user table.
- In the user table, select the name of the user. Report Server displays the Edit User dialog box.
- Edit the user information as required.
- Select OK to accept the changes.
In the Search box, type the text of the user names you want to search for and the users containing the matched text will be listed. After typing text in the Search box, you can select that appears in the box to specify the following search options: Highlight All, Match Case, and Match Whole Word. To cancel the search operation, clear the text or select .
A user can be assigned more than one role. A user that holds multiple roles has all the privileges that these roles have.
To edit the roles a user holds, in the user table, select the roles link of the user. The role list of the user is then displayed.
The following shows the options in the role list:
|Search box||Searches for the required roles.|
|Name||Shows the name of the roles.|
|Built-in||Shows whether the role is a built-in role.|
|Remove||Click to remove the selected roles from the user.|
|Add Roles||Click to display the roles that can be added to the user.|
|Add||Click to add the selected roles to the user.|
You can edit the roles the user holds as follows:
To add a role to the user, select the Add Roles link, select the new role, and then select the Add button.
- To remove a role from the user, select the role and then select the Remove button. Once a role is removed from a user, the user will no longer have the privileges the role owns.
A user can be assigned to more than one group. A user that belongs to multiple groups has all the privileges that these groups have.
To edit the groups a user belongs to, in the user table, select the groups link of the user. The group list of the user is then displayed, which is similar to the role list as seen above.
You can edit the groups the user belongs to as follows:
- To add the user to a group, select the Add Groups link, select the new group, and then select the Add button.
- To remove the user from a group, select the group and then select the Remove button. Once a user is removed from a group, the user will no longer have the privileges the group owns.
Logi Report adopts permission control on the scheduling recipients each user can access, meaning when a user schedules a report task to publish the report results to e-mail, the user can send the report results to the e-mail addresses of the users, groups, and roles in the Logi Report Server security system, depending on the user's permission. The following are the basic rules on which users, groups, and roles are available as the scheduling recipients of a user by default:
- An admin user (the user with the "administrators" role) who does not belong to any organization can see all the users, groups, and roles in the Logi Report Server security system. The permission is unchangeable.
- A normal user (the user without the "administrators" role) can see himself only.
- An admin user in an organization can see all the users, groups, and roles in the organization. The permission is unchangeable.
- A normal user in an organization cannot see users, groups, and roles outside of the organization.
- A user, group, or role inherits the permissions from its parent users, groups, and roles.
An admin user can customize the scheduling recipients that are available to a normal user as follows:
- In the user table, select the recipients link of the user. Report Server displays the recipient list for the user.
The following shows the options in the recipient list:
Option Description Search box Searches for the required recipients. Name Shows the name of the recipients. Type Shows the type of the recipients: User, Group, or Role. Authentication Shows the recipients' authentication type: Local or LDAP. Remove Click to remove the selected recipients from the user. Add Recipients Click to display the recipients that can be added to the user. Add Click to add the selected recipients to the user.
- Select Add Recipients. Server displays the recipients that you can choose.
- Select the recipients that you would like to be accessible to the user.
- Select Add. Server displays a confirmation message. After you confirm, server moves the recipients you just selected to the recipient list above.
To remove a recipient from the user, select it in the above recipient list and then select Remove.
Then when the user schedules to publish the report results to e-mail, the user will be able to select the recipients from the Select Role, Group and User dialog box to use their addresses to send the e-mail.
You can have the server to audit a user, and the resulting information will be written into the log files. To audit a user:
- In the user table, select the Auditing link of the user in the Control column. Report Server displays the Auditing dialog box.
- Specify the events which you want to have audited for this user.
- Select OK to confirm the settings.
- In the user table, select the Change Password link of the user. Report Server displays the Change Password dialog box.
- In the System Administrator Password text box, type the password of the currently logged in user.
- Specify the new password for the user and confirm it by typing it a second time.
- Select OK to accept the changes.
- In the user table, select the Preference link of the user. Report Server displays the Preference dialog box.
- Specify the server preferences and Page Report Studio preferences for the user accordingly.
- Select OK to accept the changes.
If you find a user account is no longer required, you can delete it by selecting the corresponding Delete link in the Control column of the user table. However, the built-in user accounts such as admin and guest, and users that hold roles other than the everyone role, or that belong to any group, cannot be deleted. A user cannot delete himself from the user table either.
You can access and fully control other users' personal folders including My Reports and My Components, for example, you can edit the properties of the folders, remove the redundant folders when necessary.
- Open the file server.properties in the
<install_root>\bindirectory to add the property server.security.expose_my_folders=true manually.
- Restart Logi Report Server and go to the user table. The My Folders link is now available for each other user except yourself in the Control column of the table.
- Select the link for a user and the My Reports and My Components folders of the user are displayed. You can now perform on the folders with full permissions as the user does.