iWeb User
The User is a person who logs into NetForum iWeb using network authentication, or a program that logs into the NetForum xWeb web service. For more information, see xWeb. Both of these users are managed similarly in NetForum. All of NetForum Security starts with the User.
If your database is hosted by Abila, the user authentication is managed by Active Directory. In order to successfully log in to NetForum, a user must have valid setup in iWeb and they must have a valid account in Active Directory created through the Hosting Control Panel located at: https://cpanel.avectra.com:8443. More information related to the Hosting Control Panel can be found in the Avectra Community located at: https://community.abila.com/home.
Based on the Groups to which a user is assigned, the user has corresponding rights to navigate NetForum and to perform selects, inserts, updates and deletes on certain data.
Adding Users
To add a user, first navigate to the Admin module (from the Module Menu) and expand the User group item link and click the Add User link. This link will launch a 3-page wizard. Each page of the wizard is explained below.
Important! Only users with certain administrative rights are allowed to go to the Admin module. If you do not have access to the Admin module when you log into NetForum, then talk to your system administrator.
Page 1 - User Info
Enter the user code and user name of the user (see Managing Users below for more details on these fields) and any other needed fields. In most cases, the user code and the user name are identical. If you added the user in Abila's Control Panel (https://cpanel.avectra.com:8443), then be sure to enter the same user code and name as you did in that site.
Depending on the build of your NetForum site, you may see fewer fields on this first page; for example, the 2007.01 release added a number of Time and Billing and Sales fields for those modules.
For regular users, leave all the xWeb-related fields blank. These only need to be filled out for special users created just for xWeb.
For now, if you're not sure about these extra fields, you can always come back to them later. At this stage, all you really need to do is enter the user code and user name.
After you have filled out this page, click the Next button.
Page 2 - Groups
Add the user to any Security Groups. You may want to take a look at an already existing user who is in the same general role/profile of the user you are adding to know which group(s) to assign the user.
If you want to add multiple groups, click the Save & Add button to add the Group and then stay on this page to add an additional Group. For the last group you want to add, click the Next button to add that Group and move to the next page in the wizard. If you realize you just added the last one, and you don't need to add more, then press the Skip button to go to the next page without adding a Group.
Page 3 - Populate User Privileges
On this page, you will run the Populate User Privileges process by clicking the Now button.
If you are adding only one user, then run the process now. If you are adding multiple users, then you can run the process for each user or you can wait until the end and run it for all users.
Managing Users
Users are managed from the Admin module of NetForum.
The User Profile page contains the following fields:
- User Code - this code is what NetForum uses and displays within the application.
- User Name - 99% of the time, this is the same as the user code. The user name is associated with the network log in name. When a user authenticates to the web server, NetForum takes that name and matches with the NetForum user.
- e-mail - used when NetForum sends emails to alert this user to certain events. See also Add Email Address to User.
- friendly name - used in various places of NetForum when populating Drop-Down Lists with users.
- sort name - used to link the user to an Individual record.
- e-mail blast limit - entering a number here will limit the emails the user can send in Communicate.
- Super User - if this checkbox is checked and if entity is enabled (i.e. the system option MultiEntitySystem is 'true'), then the user is considered to be a Super User. If entity is not enabled, checking the Super User checkbox does not affect anything. A Super User automatically has insert, update, delete and select Privileges on all entity tables and columns, regardless to which Groups the user belongs. Essentially this checkbox overrides Group Table Privilege and Group Column Privilege configurations. The difference between the Super User and an Admin user class is the Admin user will have full privileges to NetforumProduct (e.g., Design/Edit forms or create user, manage all tables, etc.), and a super user will only have full privileges to all Entity data. The Super User can add/edit data but not have access to system tables.
-
exclude user flag - removes the user from the assignee dropdownlist on the Assignment forms.
Sales and Time and Billing settings, see Configuring User Settings for more:
- department - used in Time and Billing
- manager - used in Time and Billing
- sales rep - used in Sales module.
- sales manager - used in Sales module.
- department manager
- department head
- executive -
xWeb Settings The bottom half of the User page contains various xWeb settings. See xWeb User Administration for more information.
Primary tab child forms
The following child forms on the Primary tab serves the following purposes (note: in 2008.01, the User page split the child forms onto different tabs; prior to that build, all the child forms were on the front).
Groups
The security Groups to which the user belongs.
To add a security group:
-From the user profile, select add (+) on the groups child form.
-Select the appropriate group and save.
The user is added to the new security group. Do not forget to Populate User Privileges and Clear cache.
Roles
User Role is a new feature in NetForum 2.0. Roles are based on the user's job responsibilities (e.g., Events Manager or Membership Manager). After a role is selected, the items that appear in the Actions list change to reflect the assigned role. Once set, the role is in effect for all of the NetForum modules.
Options
The User Options. User Options should not be managed here, but from the Setting Up User Preferences page.
Email Aliases
The e-mail addresses that a user is permitted to send emails in NetForum. See main article for more.
xWeb Tab
For more information, see XWeb User Administration.
Entity Tab
Manage the user's entities on this tab. This feature is very rarely used in NetForum.
Users
In NetForum, a User is an iWeb User or an xWeb User. In NetForum, a User as described on this page does not apply to an eWeb User, which is not stored in the NetForum User table but in the co_customer table as an Individual or Organization. Although you might say in general terms, "the user logs in and registers for a meeting", this "user" is not stored in the NetForum User table; this "user" is stored as an Individual in NetForum. See eWeb Login for more about eWeb Users in particular.
To help cut through the confusion of having three kinds of different "users" in NetForum, please see this chart for a comparison:
Attribute | iWeb | xWeb | eWeb |
---|---|---|---|
General description: | Is a staff person who uses NetForum for their work at the association. | Is a program or application (not a person) that authenticates to NetForum via an xWeb integration. | An internet user who accesses NetForum via eWeb on their browser. Typically a member, prospect, consumer, or other constituent of the association. |
Has network login? | Yes | no | no |
Has record in NetForum User table? | Yes; associated with network login via usr_login column | Yes | No; stored in co_customer table |
User Name in | Table fw_user.usr_code; 99% of time same as usr_login but may differ | Table fw_user.usr_code | In co_customer table, either cst_web_login or cst_eml_address_dn based on UseEmailForAuthorization system option |
Password location? | Network account; unknown to NetForum | Stored in table fw_user.usr_password | Stored in table co_customer.cst_web_password |
Password protection? | Based on network settings | Stored in clear text | Hashed or not according to HashPassword |
Password change ability? | Based on network settings | Can only be changed from User record in NetForum | Change Password page in eWeb |
Security regulation | Based on NetForumsecurity settings | Based on NetForum security settings | Based on CMS Visibility SQL at site, section, page, page detail, and link level |
Assigned to security Groups? | Yes | Yes | No |
Added to system by: | Network administrator and NetForum System Administrator (which might be the same person) | NetForum System Administrator | Whenever an Individual is added by staff in iWeb or by site registration process in eWeb |
Account disabled by: | Network administrator inactivates network account, and deactives NetForum user account | Delete the User account in NetForum | Check the "web login disabled" checkbox on Individual record |
Adds/Edits to records logged: | Yes, in Add/Change User | Yes, in Add/Change User | Yes, in Add/Change User like web:joe@zzz.org |
Processes
Windows Account
Before a User can be created, a Windows network account first must be added. See Adding a NetForum Login for more information.
Add a Single User
From MS SQL Query Analyzer (SQL 2000) or MS SQL Server Studio (2005), you may use the fw_user_create database stored procedure to create a new NetForumuser:
For an ordinary iWeb user:
execute dbo.fw_user_create @usr_code ='jdoe',-- be sure this matches the person's network account! @domain ='av', @grp_code_list ='netForumUser'go
For an xWeb user:
execute dbo.fw_user_create @usr_code ='xWebUser',-- be sure to choose an appropriate user name @domain ='av', @grp_code_list ='netForumUser'go
Load Users in Bulk
Follow these instructions to load many users in bulk.
Users exist in two places — in the operating system of the web server, and in the NetForum application. Here is how to bulk load the users:
In Excel, place the username and clear text password for the users in 2 adjacent columns. Copy the two columns, then paste to Notepad, these will be tab-separated entries now.
If the web server is standalone (not on a domain), then the users can be added to the OS with the scripts below:
Create a batch file named addu.bat with the following contents:
rem Run this to add users from a tab delimited fileremrem format of file is username passwordremrem from command line, run addu [filename]remrem put the batch file, addusers.vbs, and file with users and passwords in same directory for /F "tokens=1,2" %%iin(%1)do cscript addusers.vbs %%i%%j
Create a VBscript file named addusers.vbs with the following contents:
strUNAME = WScript.Arguments.Item(0)strPWD = WScript.Arguments.Item(1)Const ADS_UF_DONT_EXPIRE_PASSWD = &h10000 Set net = WScript.CreateObject("WScript.Network") strComputer = net.ComputerName Set colAccounts = GetObject("WinNT://" & strComputer & "")Set objUser = colAccounts.Create("user", strUNAME)objUser.SetPassword strPWDobjUser.SetInfo Set objUser = GetObject("WinNT://" & strComputer & "/" & strUNAME)objUserFlags = objUser.Get("UserFlags")objPasswordExpirationFlag = objUserFlags OR ADS_UF_DONT_EXPIRE_PASSWDobjUser.Put "userFlags", objPasswordExpirationFlag objUser.SetInfo set group = GetObject("WinNT://"& strComputer &"/Users")group.Add "WinNT://" & strComputer & "/" & strUNAME
Running addu.bat from a MS-DOS command line will add the users to the OS of the web server and set their passwords to never expire.
To add users to NetForum, copy the text file with the users and passwords to the SQL server. Open the SQL Query analyzer and use the NetForum db. Modify the following SQL script and run it:
/* usernames must be saved in a text file called usr.txt with a TAB separate*/ declare @domain varchar(200)declare @prv varchar(200) SET @domain ='[DOMAIN NAME OR WEBSERVER COMPUTER NAME]'SET @prv ='netforumuser' CREATETABLE#load(usr varchar(200),pwd varchar (200)) BULK INSERT#loadFROM'[PATH AND NAME OF TEXT FILE]'--local path of user fileWITH( FIELDTERMINATOR ='\t', ROWTERMINATOR ='\n') CREATETABLE#temp(ColId int identity,usr varchar(200))INSERTINTO#temp SELECT usr = ltrim(rtrim(l.usr))FROM#load l declare @var intdeclare @cnt int declare @usr varchar (20)SET @cnt =1SET @var =(SELECT count(usr(FROM#temp) while @cnt <= @varbeginSELECT @usr = usr FROM#temp where ColId = @cntexec dbo.fw_user_create @usr,@domain,@prvSET @cnt = @cnt +1endDROPTABLE#tempDROPTABLE#load