Managing User Accounts
Managing user accounts includes many functions and they are available to administrators only. This topic describes how you can create user accounts, edit the roles and groups for users, customize the scheduling recipients for users, audit users, and perform other user account functions.
To manage users, first select the realm in which the users are, then on the system toolbar of the Server Console, select Administration > Security > User from the drop-down menu to display the User page.
This topic contains the following sections:
- Creating a New User Account
- Editing a User Account
- Searching for Users
- Editing the Roles a User Holds
- Editing the Groups a User Belongs To
- Editing the Scheduling Recipients for a User
- Auditing a Specific User
- Changing the Password of a User
- Setting User Preferences
- Deleting a User Account
- Accessing a User's Personal Folders
Tip: To add or delete a user, you can also use URL commands directly.
- Select New User on the task bar. Server displays the New User dialog box.
- Provide the name, full name, description, email address, and password for the new user.
- Select Account Disabled if you want to disable the user for the time being.
- The password never expires by default. Select Expires in N days and specify in how many days you want the password to get expired.
- The password can be blank, and its length is unlimited by default. Select Minimum Length and type a number for the allowed length. The number should be between 0 and 20.
- By default, Logi Report will prompt the user to change the password after it gets expired or reset by the administrator. Clear the Ask user to change the password after expired check box and Ask user to change the password after reset by administrator If you do not want such prompt for the user.
- Select Publish and Advanced Properties to give the user the privileges of publishing resources to Logi Report Server and of viewing advanced resource properties information.
- Select OK to create the user. Server adds the new user in the user table.
- In the user table, select the name of the user. Server displays the Edit User dialog box.
- Edit the user information.
- Select OK to accept the changes.
In the Search box, type the text of the usernames you want to search for and Server lists the users that contain the matched text. After typing text in the Search box, you can select in the box to specify the following search options: Highlight All, Match Case, and Match Whole Word. To cancel the search operation, clear the text or select .
You can assign more than one role to a user. A user that holds multiple roles has all the privileges that these roles have.
To edit the roles that a user holds, in the user table, select the roles link of the user. Server displays the role list of the user.
The following table describes the options in the role list:
|Search box||Search for the required roles.|
|Name||Name of the roles.|
|Built-in||Show whether the role is a built-in role.|
|Remove||Select to remove the selected roles from the user.|
|Add Roles||Select to display the roles that you can add to the user.|
|Add||Select to add the selected roles to the user.|
You can edit the roles that the user holds:
To add a role to the user, select the Add Roles link, select the new role, and then select the Add button.
- To remove a role from the user, select the role and then select the Remove button. Once you remove a role from a user, the user will no longer have the privileges that the role owns.
You can assign more than one group to a user. A user that belongs to multiple groups has all the privileges that these groups have.
To edit the groups that a user belongs to, in the user table, select the groups link of the user. Server displays the group list of the user, which is similar to the role list of a user as above.
You can edit the groups that the user belongs to:
- To add the user to a group, select the Add Groups link, select the new group, and then select the Add button.
- To remove the user from a group, select the group and then select the Remove button. Once you remove a user from a group, the user will no longer have the privileges that the group owns.
Logi Report adopts permission control on the scheduling recipients each user can access, meaning when a user schedules a report task to publish the report results to email, the user can send the report results to the email addresses of the users, groups, and roles in the Logi Report Server security system, depending on the user's permission. The following are the basic rules on which users, groups, and roles are available as the scheduling recipients of a user by default:
- An admin user (the user with the "administrators" role) who does not belong to any organization can see all the users, groups, and roles in the Logi Report Server security system. The permission is unchangeable.
- A normal user (the user without the "administrators" role) can see themselves only.
- An admin user in an organization can see all the users, groups, and roles in the organization. The permission is unchangeable.
- A normal user in an organization cannot see users, groups, and roles outside of the organization.
- A user, group, or role inherits the permissions from its parent users, groups, and roles.
An admin user can customize the scheduling recipients that are available to a normal user:
- In the user table, select the recipients link of the user. Server displays the recipient list for the user.
The following table describes the options in the recipient list:
Option Description Search box Search for the required recipients. Name Name of the recipients. Type Type of the recipients: User, Group, or Role. Authentication Recipients' authentication type: Local or LDAP. Remove Select to remove the selected recipients from the user. Add Recipients Select to display the recipients that you can add to the user. Add Select to add the selected recipients to the user.
- Select Add Recipients. Server displays the recipients that you can choose.
- Select the recipients that you would like to be accessible to the user.
- Select Add. Server displays a confirmation message.
- After you confirm, server moves the recipients you just selected to the recipient list above.
- To remove a recipient from the user, select it in the above recipient list and then select Remove.
Then when the user schedules to publish the report results to email, the user will be able to select the recipients from the Select Role, Group and User dialog box to use their addresses to send the email.
You can have Server to audit a user and record the resulting information into the log files. To audit a user:
- In the user table, select the Auditing link of the user in the Control column. Server displays the Auditing dialog box.
- Specify the events which you want to audit for this user.
- Select OK to confirm the settings.
- In the user table, select the Change Password link of the user. Server displays the Change Password dialog box.
- In the System Administrator Password text box, type the password of the currently signed-in user.
- Specify the new password for the user and confirm it by typing it a second time.
- Select OK to accept the changes.
- In the user table, select the Preference link of the user. Server displays the Preference dialog box.
- Specify the server preferences and Page Report Studio preferences for the user accordingly.
- Select OK to accept the changes.
If you find a user account is no longer required, you can delete it by selecting the corresponding Delete link in the Control column of the user table. However, you cannot delete the built-in user accounts such as admin and guest, and users that hold roles other than the everyone role, or that belong to any group. You cannot delete yourself from the user table, either.
You can access and fully control other users' personal folders including My Reports and My Components, for example, you can edit the properties of the folders and remove the redundant folders when necessary.
- Open the file server.properties in the
<install_root>\bindirectory to add the property server.security.expose_my_folders=true manually.
- Restart Server and go to the user table. The My Folders link is now available for each other user except yourself in the Control column of the table.
- Select the link for a user. Server displays the My Reports and My Components folders of the user. You can now perform on the folders with full permissions as the user does.