Before group assignment can be designated, users must be added to the system. It is valuable to understand the various fields found in the user configuration prior to doing an initial import of users since the fields found in the user settings can be included in the user import file in order to make the creation of initial users easier. Understanding the fields will also make the addition of users in the future easier. Keep in mind that user settings can be updated at any time.
Level 10 administrators are responsible for creating and updating users. When creating a new user, a user level is selected. The user level contains inherit permissions, but access to other features can be granted on a per user basis by the administrator.
Level 10 Administrators may create new users of any level 0 through 10 and configure the settings available specific to that user level.
When creating a new user, click the New User button in the upper, right-hand corner of the Set Up > Users screen.
The information to be populated is the same as that of editing an existing user with the exception of a couple of elements:
- A Welcome message is only available when creating a new user.
- The ability to create a group of one is only available when creating a new user. While a user cannot be edited from the Users area to add that user to a group of one, a group of one can be created from within the Groups screen at a later time.
- To create or modify users, navigate to Setup > Users.
- Click on New User in the upper, right-hand corner.
- Complete the information, including the user demographics, permissions level, approver, the ability to add words to the custom dictionary and toolbar assignment if desired.
- Check the box next to Send Welcome Message to send an email with the log in information.
- Clear the Create Group checkbox to create the user without creating a group for the singular user.
- Click Submit.
Sending a Welcome Message
When creating a new user, it is helpful to send the user a Welcome Message with the information that access to OU Campus has been granted. This can include a personalized message, but it will only include the password if CAS, Shibboleth, or LDAP are not being used to log into the system.
To send a Welcome Message:
- Click Send Welcome Message.
- Click Send Password in Message if CAS, Shibboleth, or LDAP are not being used. This sends the password to the user.
- Include a personalized message if desired.
Message will be sent once Submit is clicked.
Create Group creates a group of one that can be used if only one individual should be provided access to a particular directory, page, or editable region. This is checked by default. This group can also be used if only one person should be given publishing rights in order to override an Approver.
If a group of just the one user is not desired (the group name is the user name), clear the checkbox. It is advised that groups of one should not be created unnecessarily as having too many groups can make assignment of the access settings more difficult.
OmniUpdate User Information ScreenThe system defaults to the options available for a Level 0 user as shown below.
User Restrictions for Levels 1 through 7
User Restrictions for Level 8
If a Level 9 Assistant Administrator is selected, additional permission options are shown under User Restrictions. This includes the No Full HTML selection. Selecting the No Full HTML checkbox disallows access to the full-page HTML editor.
If a user is locked out of his account, simply open the user’s record by clicking on the user name or the wrench icon, and click the Submit button. This unlocks the user. The user’s password remains the same as it was prior to the user being locked out.
It is also possible, if CAS, Shibboleth, and LDAP are not being used, to change the user’s Password prior to clicking Submit. Keep in mind that the new password needs to be communicated to the user.
The remaining user settings are available upon creation of a user, as well as when modifying an existing user.
OmniUpdate User Information
The OmniUpdate User Information is the personal information for the user. Keep in mind that the settings in this field, with the exception of Username can be modified by the user. This section includes:
- Username: The name the user will use to login to the OU Campus system. If using CAS, Shibboleth, or LDAP, this must match the user's current username for the authentication.
- Password: The password for this user. Leave blank for LDAP users or to keep the current password. This field is not shows if CAS or Shibboleth is being used.
- First Name: The first name of the the user.
- Last Name: The last name of the user.
- E-mail: The email address for the user. This is strongly recommended and will allow for internal OU Campus messages to be sent to the user's external email address.
- Phone: This is generally left blank but allows for a phone number to be entered for the user.
The User Preferences provides additional permissions and access to the user. This section includes:
- Add to Dictionary: Allows the user to add words to the spell check dictionary.
- JustEdit: Allows a user to edit pages using JustEdit, if enabled in the Account settings. This feature only works in Firefox browsers versions 3 and above.
- Page Check: Forces the Page Check feature for this user. If set to Force Enabled in the Account settings, this is dimmed and preselected.
- Failed Login Notification: Will only show as active if the user assigned a Level 10 permission level. An email is sent to the Level 10 administrator when another user is locked out of an account.
User Restrictions are the main configuration area for user settings. This is where the permissions level for the user will be identified and additional permissions will be made available based on the user level assigned. This section includes:
- User Level: Sets the abilities of the user according to the permissions chart. Available levels are 0-10.
- Approver: Sets the default Approver for the user. If an Approver is set for a user, the user will not have any rights to publish pages unless assigned to a group that is granted Publisher rights.
- Enforce Approver: If checked, users may not select an alternate user to send pages for approval or review.
- Allow Upload: If checked, gives user Levels 1-5 the ability to upload files and images to areas to which they have access. It also provides Zip Import access to all users Level 6-8.
- Allow Overwrite: If checked, gives user Levels 1-8 the ability to overwrite files in areas to which they have access.
- Allow Delete: Grants users Level 1-7 the ability to delete/recycle pages and delete assets.
- Allow Source: If checked, gives user Levels 1-8 the ability to have full page source access to pages in areas to which they have access.
- Toolbar: Sets the default toolbar for the user.
- Editor: Allows a different WYSIWYG Editor to be defined for the user. This is the recommended location for this setting in the edit mode, not new user creation, and it should always be left at Inherit.
LDAP Login Information
The LDAP Login Information section only applies if an LDAP login system is in use. It specifies the user’s LDAP information in order for OU Campus to communicate with the LDAP server. This will provide authentication and allow users to use the same passwords they use within the institution.
- Auth Type:Specifies the authentication type for the LDAP system.
- Simple specifies plain text authentication via port 389.
- Simple (SSL) uses SSL to authenticate via port 636.
- Simple (StartTLS) uses TLS (aka SSL 3.0) to authenticate via port 636.
Please be aware that using SSL or StartTLS, the SSL certificate for the LDAP server will need to be submitted to the OmniUpdate Support department for installation prior to using LDAP authentication. Should the certificate or hostname need to be changed at any point following the initial installation please be sure to send notice (at least 24 hours in advance) so the changes can be made and the server can be restarted.
Note: LDAP users will not be able to log into OU Campus if the certificate or hostname that is installed does not match the current configuration of the LDAP server.
- Hostname: The name of the LDAP server.
- DN: The unique LDAP identifier for this user.
There are some differences that will be noticed between creating a new user and editing an exisiting user.
- Editing a user will not provide a Welcome Message section.
- Editing a user will not provide the ability to define to create a group of one.
- It is possible while editing a user to assign a different WYSIWYG Editor. However, it is not advised to do this. The most current WYSIWYG Editor should always be used, and the user setting should always "Inherit" the WYSIWYG Editor assigned to the account.