iWeb User

The User is a person who logs into netFORUM iWeb using network authentication, or a program that logs into the netFORUM xWeb web service. For more information, search xWeb on the Wiki. Both of these users are managed similarly in netFORUM. All of netFORUM Security starts with the User.

If your database is hosted by Abila, the user authentication is managed by Active Directory. In order to successfully log in to netFORUM, a user must have valid setup in iWeb and they must have a valid account in Active Directory created through the Hosting Control Panel located at: https://cpanel.avectra.com:8443. More information related to the Hosting Control Panel can be found in the Avectra Community located at: http://avectracommunity.com/groups2/profile/resources/groupid/2198.

Based on the Group(s) to which a user is assigned, the user will have corresponding rights to navigate netFORUM and to perform selects, inserts, updates and deletes on certain data.

Adding Users

To add a user, first navigate to the Admin module (from the Module Menu) and expand the User group item link and click the Add User link. This link will launch a 3-page wizard. Each page of the wizard is explained below.

Important! Only users with certain administrative rights are allowed to go to the Admin module. If you do not have access to the Admin module when you log into netFORUM, then talk to your system administrator.

Page 1 - User Info

Enter the user code and user name of the user (see Managing Users below for more details on these fields) and any other needed fields. In most cases, the user code and the user name are identical. If you added the user in Abila's Control Panel (https://cpanel.avectra.com:8443), then be sure to enter the same user code and name as you did in that site.

Depending on the build of your netFORUM site, you may see fewer fields on this first page; for example, the 2007.01 release added a number of Time and Billing and Sales fields for those modules.

The 2008.01 release added more fields related to xWeb Users. For regular users, leave all the xWeb-related fields blank. These only need to be filled out for special users created just for xWeb.

For now, if you're not sure about these extra fields, you can always come back to them later. At this stage, all you really need to do is enter the user code and user name.

After you have filled out this page, click the Next button.

Page 2 - Groups

Add the user to any Security Groups. You may want to take a look at an already existing user who is in the same general role/profile of the user you are adding to know which group(s) to assign the user.

If you want to add multiple groups, click the Save & Add button to add the Group and then stay on this page to add an additional Group. For the last group you want to add, click the Next button to add that Group and move to the next page in the wizard. If you realize you just added the last one, and you don't need to add more, then press the Skip button to go to the next page without adding a Group.

Page 3 - Populate User Privileges

On this page, you will run the Populate User Privileges process by clicking the Now button.

If you are adding only one user, then run the process now. If you are adding multiple users, then you can run the process for each user or you can wait until the end and run it for all users.

Managing Users

Users are managed from the Admin module of netFORUM.

The User Profile page contains the following fields:

Sales and Time and Billing settings, see Sales#Configuring_User_Settings for more:

xWeb Settings The bottom half of the User page contains various xWeb settings. See xWeb User Administration on the Wiki for more information.

Primary tab child forms

The following child forms on the Primary tab serves the following purposes (note: in 2008.01, the User page split the child forms onto different tabs; prior to that build, all the child forms were on the front).

Groups

The security Groups to which the user belongs.

To add a security group:

-From the user profile, select add (+) on the groups child form.

-Select the appropriate group and save.

The user is added to the new security group. Do not forget to Populate User Privileges and Clear cache.

Roles

User Role is a new feature in netFORUM 2.0. Roles are based on the user's job responsibilities (e.g., Events Manager or Membership Manager). After a role is selected, the items that appear in the Actions list change to reflect the assigned role. Once set, the role is in effect for all of the netFORUM modules.

Options

The User Options. User Options should not be managed here, but from the Setting Up User Preferences page.

Email Aliases

The e-mail addresses that a user is permitted to send emails in netFORUM. See main article for more.

xWeb Tab

See main article for explanation.

Entity Tab

Manage the user's entity(ies) on this tab. This feature is very rarely used in netFORUM.

Users

In netFORUM, a User is an iWeb User or an xWeb User. In netFORUM, a User as described on this page does not apply to an eWeb User, which is not stored in the netFORUM User table but in the co_customer table as an Individual or Organization. For more information, search the co_customer table on the Wiki. Although you might say in general terms, "the user logs in and registers for a meeting", this "user" is not stored in the netFORUM User table; this "user" is stored as an Individual in netFORUM. See eWeb Login on the Wiki for more about eWeb Users in particular.

To help cut through the confusion of having three kinds of different "users" in netFORUM, please see this chart for a comparison:

Attribute iWeb xWeb eWeb
General description: Is a staff person who uses netFORUM for their work at the association. Is a program or application (not a person) that authenticates to netFORUM via an xWeb integration. An internet user who accesses netFORUM via eWeb on their browser. Typically a member, prospect, consumer, or other constituent of the association.
Has network login? Yes no no
Has record in netFORUM User table? Yes; associated with network login via usr_login column Yes No; stored in co_customer table
User Name in Table fw_user.usr_code; 99% of time same as usr_login but may differ Table fw_user.usr_code In co_customer table, either cst_web_login or cst_eml_address_dn based on UseEmailForAuthorization system option
Password location? Network account; unknown to netFORUM Stored in table fw_user.usr_password Stored in table co_customer.cst_web_password
Password protection? Based on network settings Stored in clear text Hashed or not according to HashPassword
Password change ability? Based on network settings Can only be changed from User record in netFORUM Change Password page in eWeb
Security regulation Based on netFORUM security settings Based on netFORUM security settings Based on CMS Visibility SQL at site, section, page, page detail, and link level
Assigned to security Groups? Yes Yes No
Added to system by: Network administrator and netFORUM System Administrator (which might be the same person) netFORUM System Administrator Whenever an Individual is added by staff in iWeb or by site registration process in eWeb
Account disabled by: Network administrator inactivates network account, and deactives netFORUM user account Delete the User account in netFORUM Check the "web login disabled" checkbox on Individual record
Adds/Edits to records logged: Yes, in Add/Change User Yes, in Add/Change User Yes, in Add/Change User like web:joe@zzz.org

Processes

Windows Account

Before a User can be created, a Windows network account first must be added. See main article for more.

Add a Single User

From MS SQL Query Analyzer (SQL 2000) or MS SQL Server Studio (2005), you may use the fw_user_create database stored procedure to create a new netFORUM user:

For an ordinary iWeb user:

execute dbo.fw_user_create  @usr_code = 'jdoe', -- be sure this matches the person's network account!  @domain = 'av',  @grp_code_list = 'netForumUser'go

For an xWeb user:

execute dbo.fw_user_create  @usr_code = 'xWebUser', -- be sure to choose an appropriate user name  @domain = 'av',  @grp_code_list = 'netForumUser'go

Load Users in Bulk

Follow these instructions to load many users in bulk.

Users exist in two places — in the operating system of the web server, and in the netFORUM application. Here is how to bulk load the users:

In Excel, place the username and clear text password for the users in 2 adjacent columns. Copy the two columns, then paste to Notepad, these will be tab-separated entries now.

If the web server is standalone (not on a domain), then the users can be added to the OS with the scripts below:

Create a batch file named addu.bat with the following contents:

rem Run this to add users from a tab delimited fileremrem format of file is username      passwordremrem from command line, run addu [filename]remrem put the batch file, addusers.vbs, and file with users and passwords in same directory for /F "tokens=1,2" %%i in (%1) do cscript addusers.vbs %%i %%j

Create a VBscript file named addusers.vbs with the following contents:

strUNAME = WScript.Arguments.Item(0)strPWD  = WScript.Arguments.Item(1)Const ADS_UF_DONT_EXPIRE_PASSWD = &h10000 Set net = WScript.CreateObject("WScript.Network") strComputer = net.ComputerName Set colAccounts = GetObject("WinNT://" & strComputer & "")Set objUser = colAccounts.Create("user", strUNAME)objUser.SetPassword strPWDobjUser.SetInfo Set objUser = GetObject("WinNT://" & strComputer & "/" & strUNAME)objUserFlags = objUser.Get("UserFlags")objPasswordExpirationFlag = objUserFlags OR ADS_UF_DONT_EXPIRE_PASSWDobjUser.Put "userFlags", objPasswordExpirationFlag objUser.SetInfo set group = GetObject("WinNT://"& strComputer &"/Users")group.Add "WinNT://" & strComputer & "/" & strUNAME

Running addu.bat from a MS-DOS command line will add the users to the OS of the web server and set their passwords to never expire.

To add users to netFORUM, copy the text file with the users and passwords to the SQL server. Open the SQL Query analyzer and use the netFORUM db. Modify the following SQL script and run it:

/* usernames must be saved in a text file called usr.txt with a TAB separate*/ declare @domain varchar(200)declare @prv varchar(200) SET @domain ='[DOMAIN NAME OR WEBSERVER COMPUTER NAME]'SET @prv = 'netforumuser' CREATE TABLE #load(usr varchar(200),pwd varchar (200)) BULK INSERT #loadFROM '[PATH AND NAME OF TEXT FILE]' --local path of user fileWITH (            FIELDTERMINATOR = '\t',        ROWTERMINATOR = '\n') CREATE TABLE #temp(ColId int identity,usr varchar(200))INSERT INTO #temp SELECT usr = ltrim(rtrim(l.usr))FROM #load l   declare @var intdeclare @cnt int declare @usr varchar (20)SET @cnt = 1SET @var = (SELECT count(usr( FROM #temp) while @cnt <= @varbeginSELECT @usr = usr FROM #temp where ColId = @cntexec dbo.fw_user_create @usr,@domain,@prvSET @cnt = @cnt +1endDROP TABLE #tempDROP TABLE #load

Troubleshooting

Q. The Populate User Privileges process takes a very long time to run. What could be wrong?

A. Indexes may need to be rebuilt on the database. See md_database_tune on the Wiki.

See Internet Explorer Settings on the Wiki for various recommended browser settings.