The Security Core Information screen is the first setup screen for a user ID.
Note: Field names on the screen with red labels* are required by the screen design you are using. Mandatory fields in the default Vermont Systems design are noted where appropriate. Your design and mandatory fields may vary.
Note: Deleting USER IDs versus Inactivating USER IDs for personnel that leave an organization is a matter of preference. When you delete a User ID, the system does NOT go through all of the tables where that particular USER ID was used during a Daily Processing transaction; therefore some reports will continue to display the deleted USER ID as it always did, versus a '?' that you might find in place of the USER ID in other reports.
Many customers do delete USER IDs so that the ID could potentially be used again later, but this can be difficult when looking at historical transactions, because when a transaction is processed, the system puts the USER ID on the history record and not the name of individual linked to it. Therefore if you end up reusing IDs, it could be confusing as to who actually did the transaction. In this situation you would want to keep track of who is linked to a particular USER ID during particular time periods by printing the Security File Listing.
The user ID can be up to 10 characters; this gives you more flexibility in creating unique USER IDs, so there is not necessarily a reason to "recycle" them. You could consider keeping IDs with a status of Inactive after the user is no longer with the organization so that you have a historical record of that person being in the system. Typical preference is to delete users so it is easier to manage the security file table ? you could inactivate them initially and keep them in the system for the current fiscal year, so if you have to go back and print reports on questionable transactions, you still have the user in the system to know exactly who it is. Then, at the end of the year you could delete them. Either way, it is important to run the Security File Listing on a periodic basis, so that you have a hard copy of which users were in the system at any given time.
Other Buttons on this Screen.
-
Build Windows User List - If you have an Active Directory profile linked within Profile Assignments, click this button to display a list of all Windows user logins that are allowed to log into RecTrac. Then expand the Drop-down list and select the appropriate User ID.
See Also: Topic Doc - Single Sign On - Create/Update Biometric Data - If you utilize biometrics for employee logon, click this button to capture the employee's fingerprint data. You must be linked to a valid Input-Logon Profile to use this option.
-
No Biometric Data/Delete Biometric Data - This button indicates whether a user has biometric data stored. If this user does not have data linked, the button is disabled and labeled "No Biometric Data." If this user has data the button, then the button is active and labeled "Delete Biometric Data." Clicking the "Delete" button removes any stored biometric data.
See Also: Topic Doc - M2Sys Fingerprint/Finger vein Reader Installation (Under Construction).
From the bottom of the screen….
Click Save to save any changes. You will be returned to the User Management DataGrid.
Click Cancel to return to the User Management DataGrid without saving your changes.
Core
User Name (SASECURITYFILE_UserName)
If you are creating a new User ID, enter a User Name for this individual. For Example: John.M117).
This field will accept up to 100 alpha-numeric characters of the following format: A-Z, a-z, 1-0, <space>, !@# $ % ^ ( ) - _ + : ; and a period (.).
For purposes of reporting (User ID is a common report field), VSI recommends keeping User IDs to 10 characters or fewer to avoid truncating the record.
If you are updating an existing record, you will not visit this field.
DeleteStatus (SASECURITYFILE_RecordStatus)
Expand the Drop-down list to select the Status for this User ID:
- Active - This User ID is active and may be used for login.
- Inactive - This User ID is inactive. Inactive User IDs cannot log in to RecTrac.
Note: Deleting or inactivating a user's RecTrac account promptly ends any of that user's open RecTrac sessions, simultaneously suspending their ability to interact with any open sessions further.
Password Changed Date (SASECURITYFILE_PasswordChangedDate)
You will not visit this field.
This field displays the date on which this User's RecTrac password was last changed.
DeletePassword (SASECURITYFILE_Password)
Enter a password for this user.
Passwords in RecTrac are case-sensitive. Password parameters (minimum length, minimum characters and numbers, expiration warning days, etc...) are maintained on the RecTrac Password Settings Group of the Static Parameters Profile.
Valid characters are:
- a-z
- A-Z
- 1-0
- ! @ # $ % ^ & * ( )
- Period (.) plus (+) minus (-) and forward slash (/) are also valid.
Note:
Passwords are masked in RecTrac. Passwords in RecTrac appear either as a series of "pipes" or dots in password fields (i.e. | | | | | or •••••).There is no Permission that allows you to see an actual password. There is no Report in RecTrac that will display a password.
Additionally RecTrac user passwords and WebTrac user passwords are encrypted based on the configuration settings as maintained on your Encryption profile.
Confirm Password (SASECURITYFILEUPDATE_CONFIRMPASSWORD)
Re-enter the User's Password in this field exactly as it was typed in the previous field.
Note:
Passwords are masked in RecTrac. Passwords in RecTrac appear either as a series of "pipes" or dots in password fields (i.e. | | | | | or •••••).There is no Permission that allows you to see an actual password. There is no Report in RecTrac that will display a password.
Additionally RecTrac user passwords and WebTrac user passwords are encrypted based on the configuration settings as maintained on your Encryption profile.
User Group(s) (SASECURITYFILE_MenuGroups)
Select the Menu Group(s) to which this User will be linked. This is a mandatory field for the default Vermont Systems design. Your design and setup may vary.
This will link the user to menu group(s) and the user's menus and hot keys will mirror those of the menu group(s) selected.
If a User ID is linked to multiple menu groups (i.e. more than one) the user will be prompted to select a menu group when logging into RecTrac.
DeletePermissions List (SASECURITYFILE_Permissions)
Click in the Combo Box icon to select the Permissions code(s) you want to apply to this User ID.
Permissions allow you to control which users can view, add, modify, and/or delete records on browsers and picklists, etc. These are called Access Rights and they are maintained on the Table Permissions tab of the Permissions profile
Note: You can leave this field blank if desired. When this field is blank the system skips the Permissions check for this record. In that event all users will have access to this record provided their Access Rights for the module allow for it.
Email Address (SASECURITYFILE_EmailAddress)
Enter an email address for this User, if desired. The email address entered here is used for:
- The default To:" address for any Reports run by this User. The default "To" address can be overwritten on the fly if needed.
- Password Reset emails sent to this User ID. Password Reset emails can be sent when a User clicks Password Reset at the main Login screen or by using either of the Email Login URL options on the main DataGrid of this program.
- Send emails to this User ID from any RecConnect report that includes User IDs in the RecConnect Results.
The system will alert you if the address you enter seems invalid due to selected criterion such as lack of an '@' symbol lack of a valid extension (i.e. .com.org.edu etc…) invalid characters etc….
Leave this field blank to omit an email address for this user. Should this field be left blank all options listed above are invalidated.
Note: Your entry in this field has no impact on "From" email addresses for reports receipts or other emails sent from RecTrac. "From" email addresses are maintained on the Email profile.
Workstation List (SASECURITYFILE_WorkstationList)
Click the Picklist icon to select a workstation/workstations as desired. IF RecTrac cannot determine the workstation being used when this User ID logs in, the user will be allowed to choose from the list of workstations in this field.
Note: This is primarily designed for Mobile RecTrac devices such as SmartPhones where it is unlikely RecTrac will be able to determine a "workstation" but the user still wants the ability to use a workstation-like level in Profile Assignments for purposes of drawer numbers etc....
Button/Miscellaneous Override Codes (SASECURITYFILE_GroupGlobalSalesPermissions)
Click the Picklist icon to select the applicable Override Codes you wish to link to this User ID. The codes you select here apply to the Buttons and Miscellaneous Permissions defined on the Buttons/Misc Permissions tab of the Permissions profile to which this User ID is linked.
When Buttons or Miscellaneous Permissions are set to Yes - With Matching Permissions the system looks at the Override Code(s) entered in the Override Codes field for the button or permission and the Override Code(s) entered here. If a match is found the user may bypass the restriction. One match only is needed.
Override Codes are maintained in System Code Managment. Code Type=Override.
For Example: You have the following Override Codes in your database: MANAGER and CLERK. On your Permissions profile the Cancel with Dependencies permission is set to Yes - With Matching Codes. The Override Code for that permission is MANAGER.
- User ID LorettaM has the CLERK Permission Code in this field on her User ID Record. When processing a transaction LorettaM could NOT override the Cancel with Dependencies permission because the CLERK code entered here does not match the MANAGER code entered as the Override Code for the Cancel with Dependencies permission.
- User ID PennyL has the MANAGER Permission Code in this field on her User ID Record. When processing a transaction PennyL COULD override the Cancel with Dependencies permission because the MANAGER code entered here matches the MANAGER code entered as the Override Code for the Cancel with Dependencies permission.
See Also: Topic Doc - RecTrac Permissions.
DeleteLogin Begin Time (SASECURITYFILE_LoginBeginTime)
If you want to restrict the time of day during which this user can log into RecTrac, click the Clock icon to enter beginning time in this field.
If you do NOT want to restrict login times for this user, leave this field at its default setting.
DeleteLogin End Time (SASECURITYFILE_LoginEndTime)
If you want to restrict the time of day during which this user can log into RecTrac, click the Clock icon to enter ending time in this field.
If you do NOT want to restrict login times for this user, leave this field at its default setting.
Note: This field pertains to LOG IN only. A user cannot log in to RecTrac after this time of day passes. However a User already logged in when this time passes will not be logged out.
For Example: You enter 06:00pm in this field. A User who logs in at 12:00pm can stay logged in after 6:00pm but a user cannot log in and begin a new session as of 06:01pm.
Do Not Show Again (SASECURITYFILE_DoNotShowAgain)
This field lists all challenge message questions for which the User has selected the 'Do Not Show Me This Again' option.
In the event the User wishes to see a particular challenge message again, find it in the list and set the equals value from Yes" to "No" and save your changes. Optionally you can use the Do Not Show Me This Again program to enable or disable Challenge Messages as desired. In the Standard VSI Design go to Management Ribbon • System Management • User/Menu/Profile Management group • Do Not Show Me Again. Your Design may vary.
For Example: User ID SemolinaP enables the 'Do Not Show Me This Again' option when canceling from a File Maintenance program. As a result 'FileMaintenanceCancel=Yes' is written to this field. To restore the challenge message for Semolina change the text to 'FileMaintenanceCancel=No' in this field. Optionally you can go to Do Not Show Me This Again as discussed above.
DeleteNetwork Logon (SASECURITYFILE_NetworkLogon)
You will not visit this field.
This field is used in conjunction with Active Directory and displays the Network Logon/Windows User ID you selected from the Network Logon User List field below if any.
DeleteUser SID (SASECURITYFILE_DomainUserSID)
This field is no longer applicable to User Management.
DeleteNetwork Logon User List (SASECURITYFILEUpdate_NetworkLogonUserList)
This field is applicable only if you are using Active Directory and then only if your RecTrac User ID is linked to an Active Directory profile.
If you have an Active Directory profile linked within Profile Assignments click Build Windows Users List to display a list of all Windows user logins that are allowed to log into RecTrac.
THEN
Expand the Network Logon User List Drop-down list and select the appropriate User ID. The ID you select will populate the Network Logon field above.
The Network/Windows User ID you select will be able to log into the RecTrac User ID upon clicking a desktop shortcut or browser bookmark for RecTrac. A second login will not be required.
To clear the Network Logon field expand the Network Logon User List Drop-down list and select "None."
See Also: Topic Doc - Single Sign On
Note: If the linked Active Directory profile's Authentication Method is "Authenticate on Backend Server then the Network Logon User List returned will filter the resulting User list based on specific attributes of the RecTrac username, including a direct match of the RecTrac username and the AD username; a match of the first, second, or third characters of the RecTrac/AD Users First Name; a match of the first, second or third characters of the RecTrac/AD Users Last Name; and a match of the RecTrac/AD user's email address. If there is no match for any of the user attributes, then a complete list of AD users will be returned and can be selected from to link to the RecTrac user.
Create/Update Biometric Data You must be linked to a valid Input-Logon profile to use this option.- If you utilize biometrics for employee logon click this button to capture/update the employee's fingerprint data.
No Biometric Data/Delete Biometric Data - This button indicates whether a user has biometric data stored. If this user does not have data linked the button is disabled and labeled "No Biometric Data." If this user has data the button then the button is active and labeled "Delete Biometric Data." Clicking the "Delete" button removes any stored biometric data.
See Also: Topic Doc - M2Sys Fingerprint/Finger vein Reader Installation (Under Construction).
DeleteXref Value (SASECURITYFILE_XRefValue)
Enter an Xref for the current user. A Security Maintenance Xref (Cross Reference) can be used in lieu of a user name when signing into RecTrac using Xref and PIN through Swipe Login functionality. This can be enabled in Static Parameters under the Misc Settings group.
DeletePIN Code (SASECURITYFILE_PinCode)
Enter a PIN Code for this user.
PIN Codes in RecTrac are case-sensitive.
DeleteConfirm PIN Code (SASECURITYFILEUPDATE_CONFIRMPINCODE)
Re-enter the User's PIN Code in this field exactly as it was typed in the previous field.
DeleteUser Currently Locked Out? (SASECURITYFILE_LockedOut)
If this option is de-selected, this User account is unlocked and may be used for login.
If this option is selected, this User ID currently is locked out of RecTrac and cannot log in. To unlock the account, disable the option and Save your changes.
DeleteCYMS User? (SASECURITYFILE_CYSUser)
Select this option if this User is using the CYMS (Child and Youth Management Service) module.
CYMS is a custom child care module for RecTrac and generally is used by the US Military for their child care tracking needs.
When this option is selected, the user will have access to the CYMS screens in selected areas of the database including (but not limited to) Activity Management and Facility Management.
DeleteHide Family Member Xrefs? (SASECURITYFILE_HideFamilyMemberXrefs)
Select this option to prevent the user from seeing Family Member Xref numbers (Cross Reference numbers).
Family Member Xref numbers are maintained in Cross Reference Management (Household Management • Member Details • Edit Xref). They also appear on the Xref Listing report. When this option is selected this User ID will not see those numbers in either location.
DeleteView Cred Card Info? (SASECURITYFILE_ViewCreditCardInformation)
Select this option if this User will be allowed to view/access limited credit card information in RecTrac.
Full Credit Card information is NOT stored in RecTrac. Partial credit card information is stored only and all partial credit card information in RecTrac is encrypted throughout the database.
Users cannot see full credit card information regardless of how this option is set.
DeletePassword Never Expires (SASECURITYFILE_PasswordNeverExpires)
Select this option to keep this User ID's password from ever expiring. Enabling this option overrides any password expiration setting on the Static Parameters Profile.
This is a good option for User IDs such as but not limited to your WebTrac User ID (typically 'WWW') and your Scheduler User ID (typically 'ZZS').
DeleteLogon Attempts (SASECURITYFILE_LogonAttempts)
This field displays the current number of consecutive bad login attempts by this User ID. When a User ID has a successful login attempt, this field resets to '0.'
For Example: User ID LorettaM attempt three (3) logins and each one fails. If another User ID were to access Loretta's User Management record, this field would display '3.' If Loretta is successful on her fourth login attempt, this field will reset to '0.'
DeleteLast Login Date (SASECURITYFILE_LastLoginDateTime)
This field displays the last login date by this User ID. When a User ID has a successful login attempt, this field updates with the current date.
DeleteAllow Processing on Default Drawer? (SASECURITYFILE_AllowProcessOnDefaultDrawers)
Select this option to allow this User to process transactions on a Drawer profile linked at the Default Level of Profile Hierarchy OR to Drawer 1" in the event there is no Drawer profile linked to this User ID anywhere in Profile Hierarchy.
De-select this option to have this User process transactions on a Drawer linked anywhere in Profile Hierarchy other than the Default Level. This is a good option for Departments that want transactions linked to specific drawers at all times.
When this option is NOT selected the user is NOT allowed to add items to the Shopping Cart when the only Drawer profile to which the user is linked is the one at the Default Level of Hierarchy (or in the event the user is not linked to any Drawer profile). In the event a user attempts to add an item to the Shopping Cart under these circumstances the system will present the user with a Permissions Override dialog. To override the restriction a user who has this option enabled must enter his/her login credentials.
For Example: This option is NOT enabled for User ID Lightoller. This option IS enabled for User ID Murdoch. Should Lightoller attempt to add an item to the Shopping Cart when not linked to Drawer profile other than the Default Drawer the system will present a Permissions dialog. To override the dialog a user ID with this option enabled has to enter Login Credentials. Murdoch could override the dialog because the option is enabled for her.
DeleteStaff Code (SASECURITYFILE_StaffCode)
For use with the MainTrac module only.
Click the Picklist icon to select the Staff Member ID that corresponds with this User ID in RecTrac if applicable. Linking a Staff Member ID to a User ID helps in both the Combo Log and Work Order Processing.
- Combo Log The User ID/Staff Member link goes along with the Limit Logging to Current User field on the Combo Log profile. For Example: The RecTrac User ID is "AJH." The Staff ID is AHASTINGS. When logged in as AJH the user can do Combination Logging for AHASTINGS only. .
- Work Order Management - The User ID/Staff Member link helps by filling in the information contained in the Contact group (on the Standard VSI Design) which is needed to create a new WO. The RecTrac User ID does not have address phone number etc… information; but the Staff Member record does so the system uses that information to populate the applicable fields in Work Order Management.
Allowed Site(s) (SASecurityFile_AllowedSites)
Click the Combo Box icon to select the Site(s) to which this User ID has access. Multiple selection is allowed. If one Site only is listed, then the User will be assigned to that Site upon login to RecTrac. If multiple Sites are listed in this field, then the User will have to make a selection upon login to RecTrac.
Site records are maintained in Site Management. The component parts of Site Management allow users to choose their Site assignment at login and then see only the tables and records they need to see while working in RecTrac.
Leave this field blank if you do not use Site Management.
Notes:
- Upon login Users can see the Site to which they are assigned by clicking the Settings icon on the main ribbon.
- Full functionality for Site Management remains under construction.
Allow InteliTrac Access? (SASECURITYFILE_DatabaseAnalyticsDashboardAccess)
This field is applicable only if this database is licensed for InteliTrac.
Enable this field to allow this User access to the InteliTrac Business Intelligence & Analysis dashboards (see the Vermont Systems website for more information). Your InteliTrac license allows only a specified number of simultaneous users in the product at one time.
DeleteRecTrac Lab Premium User? (SASECURITYFILE_RecTracLabUser)
Toggle this option if this user is licensed for RecTrac Lab Premium Access.
Note: Organizations with premium licenses can grant their users access to more advanced educational topics via this toggle. If you are unsure if your organization has this access or if you would like to obtain it please contact sales@vermontsystems.com.
Tenant Access
Tenant Datagrid (SASecurityFileUpdate_TTTenantAccessDataGrid)
DataGrid column sort options allow you to customize the view as desired. Click here for a full description of RecTrac DataGrids.
Buttons on the screen…
Click Add Tenant Access to continue to the Tenant Access Update screen to create a new tenant access record.
Highlight/select an existing record and click Change Tenant Access to continue to the Tenant Access Update screen to update information for an existing record.
Highlight/select an existing record and click Remove Tenant Access to remove it from the database.
To exit this program click 'X' on the title bar. You will be returned to the Main Menu or the previous program.
Delete