User Management Identity Tab - WebTMA 5

Path: Admin > User Management > Records

Access to menus, records, and functions for individual users, groups, technicians, contractors, and requestors is established from the User Management windows. The WebTMA System Administrator expands or restricts user access to areas within the application or gives some users extensive permissions. In addition, you can establish the default opening mode or Tab such as open in Add mode or launch the Browse Tab that apply when the user launches certain windows.

WebTMA restricts access for technicians, contractors, and requestors; however, records for the Admin role do not have pre-defined restrictions. Create Admin and User records from User Management > Records. Create other records from the Technician, Vendors, or Requestors windows and then set Preferences, Privileges, and Access from the individual User Management records. Controlled access for all your users is essential to maintain good data and prevent errors.

Identity Tab

Proper setup of user access can help minimize problems with your database, such as accidental or malicious errors, missing or incorrect data, and nonstandard formats or nomenclature. Each person who has access to WebTMA has a record in User Management.

The Role you select in the Role field determines the options available on the other User Management Tabs. Users with the Admin Role have access to all windows in WebTMA. The User Role can be granted comprehensive access if given those rights. Settings for Technicians, Contractors, and Requestors can only be granted access to a limited subset of windows specific to their role.

General records are created  for Technicians, Contractors, and Requestors from the modules specific to those types of Users (Organization > Repair Center > Technicians; Organization > Vendors; or User Management > Requestors). When the records are saved, go to User Management to add Access, Preferences, and Privileges.

The Locked Out check box applies when your organization specifies the maximum number of attempts to enter a valid password. If a User has been locked out, another user with appropriate permissions can clear this check box to allow login. This is a mandatory action when the lockout period is 0 (zero), which makes the lockout indefinite.

Rules for User Access Entries

The following rules apply to the fields in the Access section of the User Management > Records / Identity Tab.

  • A User account or Administrator account can also have a technician, requestor, and/or contractor record associated with it.
  • User, Administrator, and Technician accounts can be granted access to mobile applications. If a mobile check box is selected, a technician must also be selected.
  • Technician accounts can be designated as mobile only with the Mobile Access Only check box.
  • For Technician, Requestor, and Contractor accounts, a corresponding record of the same type must be selected.
  • Each Technician, Requestor, or Contractor record can only be linked to a single user account. The drop-down list for each record type only includes unlinked records (or the records already linked to the current user account).

Role Behaviors

Administrator Roles. Administrators have complete control on this window with special rights on the User Management and User Group windows. Administrators can see all user accounts regardless of role or Repair Center association and all user groups regardless of RC association. Administrator records are not visible to non-administrator users from the User Management window.

User Roles. Users with the User role have limited data access on the User Management and User Groups windows. These users can only view User and User Group records associated with Repair Centers to which they have access and cannot view or edit Administrator User accounts. These restrictions are worthwhile when larger organizations want to delegate site-specific Administrator capabilities without granting full administrator access to all sites.

Technician/Requestor/Contractor Roles. Access for Technicians, Requestors, and Contractors is controlled through the User Management window not from their general records. The Window Access Tab determines which windows these types of users can access. While browse listings for other windows can be shared with these users through MyPage, hyperlinks to windows that require full user account access are not available.

Groups. All User roles inherit Preferences and Privileges from the Group level. Group level Deny values for Window Access, Data Access, and Privileges override any access granted by other groups or those set at the User level.

Hierarchy to Determine “From” Email Address

Automatic email messages sent within WebTMA (for records generated when a user is logged in) follow certain rules to determine a “From” email address. Note this is based on the Default From Email check box in the User Management / Identity Tab.

If the Default From Email check box is marked, the hierarchy is:

  1. Logged-in user email
  2. Repair Center Mailbox Name
  3. Dispatcher email
  4. Client email
  5. webtma@tmasystems.com

If the Default From Email check box is not marked, the hierarchy is:

  1. Repair Center Mailbox Name
  2. Dispatcher email
  3. User email
  4. Client email
  5. webtma@tmasystems.com

Electronic Authorization

Path: Admin > User Management > Records / Identity Tab

The User Management / Identity Tab includes a section titled Electronic Authorization.

Use the Subtabs on this window to grant authorization permission, dollar limits, and approval levels for projects, purchases, estimates, and other items. Each Electronic Authorization Subtab displays check boxes for windows related to the function, for example, you can give a user Purchase Requisition and Material Requests permissions but disallow Purchase Orders and PO Changes Orders.

You can mark the check box and add dollar amounts to any of the Tabs. If this user will also authorize work orders and estimates, be sure to indicate the approval level. Higher numbers indicate more authority.

Electronic Authorization settings apply if Approval Routing System in Client Info / Preferences is turned off.

User Signature

 Path: Admin > User Management > Records / Identity Tab

If someone with an Admin or User role authorizes certain transactions, you can upload a graphic of their signature that will print with the record or related reports.

To add a signature:

  1. Click Edit on the WebTMA toolbar.
  2. Click the Browse button adjacent to the Signature Browse
  3. Locate the desired graphic file.
  4. Click Open on the File Upload window to add the file.
  5. Click Save on the WebTMA toolbar, and your signature displays on the window.

Note: The maximum size of the signature is 144 x 96 pixels. The acceptable file formats are .prn, .jpg, or .gif.

In view mode, the signature selection fields are not visible. If you want to change the signature, repeat the steps above, and select a new file. To remove the signature, edit the record and click the Delete Signature link below the signature box. Click Save on the toolbar.

How to Add User Records

Most of the fields on this window are self-evident. Organization Unit is an alpha-numeric field used exclusively for a client's reference. Text entered in the field is not included in standard reports.

Mark the Default From Email check box if you want this user's name to appear by default in the From field of automatic email messages sent within WebTMA for records generated when this User is logged in. WebTMA checks the record of the logged-in User first. If no e-mail address is specified, WebTMA looks to the dispatcher record and then the client record.

The LDAP check box applies to organizations that use the Lightweight Directory Access Protocol for login. See the next topic, How to Add LDAP Users, for more information.

If you do not use the LDAP protocol and you want to give some users access to WebTMA without requiring login, mark the URL Login check box. When the box is marked, you can generate a Login URL using the Action Menu. For instructions, see Login without ID and Password on page 2.

  1. Open the User Management
  2. Click Add on the WebTMA toolbar.
  3. Type a unique Login ID — used to log in to WebTMA. If you use LDAP, see the next topic, How to Add LDAP Users
  4. Complete the other required fields on the window. The labels are self evident.
  5. Select the Role.
  6. (Optional) Mark the LDAP check box if you use the Lightweight Directory Access Protocol for login. See the next topic, How to Add LDAP Users.
  7. Click Save on the WebTMA toolbar.

NOTE: After a user record has been created, assign preferences, privileges, and access rights to the user. This is done using other Tabs on the User Management window. Until access is assigned, the new user cannot open any windows in WebTMA.

How to Add LDAP Users

The instructions in How to Add User Records on the previous page apply to LDAP; however, the Login ID field is not free-form. The following steps outline how to set up LDAP users.

  1. Click to mark the LDAP check box.
  2. Select the LDAP Server on the LDAP Selection popup and click OK.
  3. Click the Login ID field selection button . This opens the LDAP Popup Window used to search for the user.
  4. Select the Domain on the LDAP Popup Window.
  5. Add other criteria to filter your search. This is very important to cut search time.
  6. Click the Search
  7. Double-click the desired user in the search results grid. The popup window closes and automatically populates the Login ID on the user record.
  8. Add a Password. *
  9. Click Save on the WebTMA toolbar.

* At login, users enter the full Login ID (domain\user) and the Domain (network) Password. If the password in the user's record is incorrect, the system automatically changes the contents of the WebTMA Password field to reflect the current domain password when the user successfully logs in using LDAP.

Was this article helpful?
0 out of 0 found this helpful

Articles in this section

2024 Client Training Schedule
See the full list of web training events.