| Table of Contents |
|---|
Summary
A role is in its basic form a set of permissions assigned to a type of user. An Admin role would have all permissions enabled for example where as a 'Customer' role might only have permissions to add / update tickets and make payments on their account. Roles also define details for sets of accounts such as password security, custom profile questions etc. that you may want to setup / add at the role level.
...
| Info |
|---|
Note: CREATED roles cannot edit the password on accounts that have the 'out of the box' admin role. If you login as an account with a role other than admin, and attempt to change password on tools tab page for an account with the role 'admin', the system will provide an error saying you are not authorized to do so. This is for security purposes so that general roles cannot update the ROOT role of admin and any users associated to it. |
...
Definitions:
Name - descriptive name of the role, for example 'Customer Support', 'CSR', 'Support Manager'
Contact Type - contact to be used for emailing when EngageIP sends emails from reports or when
billing
Ticket Assignable - this tells the system that accounts with this role can have tickets assigned
directly to them. i.e. Customers would not usually have this selected as you don't want to assign a
ticket to them (you can create a ticket on the customer, but assigning it to them would usually mean
they need to resolve the ticket)
Password Change - describes the number of days after which the password must be changed. This
is a good security measure
Password Length - describes the required minimum length of the password when adding accounts
with this role or when the user updates his or her password
Password with Numbers - allows forcing the use of letters and numbers rather then just letters
Default Account Creation Status - this defines the status of an account when its first created. i.e. if
you click 'Account' link to add the account, by default you may want the account to start as disabled.
This option allows you to define that
Password History length - this defines the number of historical passwords the system remembers
so that you do not use the same password over and over. This number describes how many periods
based on the value in 'Password Change'
Force Password Change After First Login - this will ensure that at first login, the account user
updates his or her password
Failed Login Limit - if when logging in, the user types the password incorrectly, this limits the number
of attempts. i.e. if they attempt incorrectly 5 times as shown in the image below, they would be locked
out for 1 hour before being able to login again
Lockout Duration - amount of time that an account will be prevented from logging in. In the case in
the image below, 1 hour is set.
Steps to Create a New Role
| Info |
|---|
Note: For suggested settings see the article Security Best Practices for EngageIP Billing. |
Click Load the Setup tab page
Under the Accounts and Roles heading click Roles
Click the Add button
Enter a descriptive Name for the role that defines the position
Fill in the detail as needed based on the definitions provided above
Click Save
The last step is to setup permissions which is covered below
Setting Role Permissions
Click Load the Setup tab page
Under the Accounts and Roles heading click Roles
Click on the Name of the Role you wish to configure permissions for
Select the permissions required for the role. For more information, you can simply hover the mouse over the name of the permission for detail on where it applies and on which pages it can be found
Note: In order to perform any options such as Add, Delete or Edit the LIST option must be enabled. The List option refers to the table of entries for the permission from where you can perform the other options. For example, if you want to see the packages associated with an account, then you must check the LIST option under the User Package permission. If this is the only permission option enabled then the list of packages will be read only, otherwise if you have EDIT selected you will also be able to perform that action
5. Once all the needed permissions are selected, click the Save button at either the top or bottom of the Role Permissions section
...
If you require a user such as an Admin to have full access to the system you may do so, follow the steps below to enable all role permissions for a role.
Load the Setup tab page
Under the Accounts and Roles heading click Roles
Click on the Name of the Role you wish to configure permissions for
Under the Role Permissions heading click the Select / Unselect All link to toggle all currently set permissions off
Click on the Select / Unselect All link again to toggle all permissions on
Click Save
...
Download the role file attached in the Sample Roles section below
Edit the XML files
copy one set of permissions at a time
do a search replace for the dynamic dynamic 'Logisense Corporation' owner and replace it with the Owner name you wish to import the roles under
update the Role names if needed in the XML file (these can be updated after importing as well)
save this as a new .xml file with the appropriate role name
import using the migrator tool residing on the webserver as documented here: Data Migration Utility
Sample Roles
Role_Office_Manager
| Role_Customer_Service_Rep
| ||||||||
|---|---|---|---|---|---|---|---|---|---|
Role_Network_Operations
| Role_Technical_Support_Manager
| ||||||||
Role_Technical_Support
| Role_Agent
| ||||||||
Role_Payment_Center_Rep
| Role_ReadOnly
|