Table of Contents

Adding New Users

The process for initially adding new users to your system is covered in this brief video.
 

Password Complexity & Expiry Requirements

Administrators may specify password auto-expiry days for all user passwords (except for auto-login Kiosks).  This feature is available with Gnosis version 1.2.910 and later.

Additionally, user passwords may have complexity requirements specified.  The complexity requirements consist of one or more of:

  • The minimum password length
  • The minimum number of Uppercase Alpha (A..Z) characters required 
  • The minimum number of Lowercase Alpha (a..z) characters required 
  • The minimum number of Special (!@#$_-+=) characters required 

These options can be set in the User Administration dialog (Settings | Administration | User Management) in the "Security Settings" tab.

mceclip0.png

To meet HIPAA standards (if appropriate in your system), the expiry and complexity features must be enabled.

 

Fine Tuning Access Control

Gnosis user access is managed by an administrative user through User Group assignment and access control levels (ACLs). ACL settings can be managed at the group level or individually, allowing you to grant any combination of system access to your users. Proper group assignment will generally provide the necessary access for the different users in your system. However, if a user receives a system message that they do not have permission to proceed in a certain area, group, and or individual ACLs may need to be set for them.

Step 1

Create new users and assign them to at least one User Group as shown in the training video above.

Step 2

If you need to adjust the ACLs assigned to a group or user, refer to the training video above on how to manage system ACLs. The table below provides a brief description of the purpose of each ACL.

  • Read/Write access allows the person to access and edit data.
  • Administrative access allows the user to manage settings in addition to editing data.

Step 3

If you have edited permissions for an existing user, the user must log out and back in to gain the new access.

 

Access Description/Name Access Provided

Function Access ACLs

General Database Access Allows a user to log in to access the system.
System Administration Access to the system administration area and various system-level settings throughout the system.
Person/Household Data Management Access person records and associated data
Organization Data Management Access organization records and associated data
Communications Management Access the Communications Module
Recipient Group Access Create and edit Communications Recipient Groups
Document Template Access Access Document Templates in the communications area
User Administration Create and edit system users, including groups and ACLs
Reporting Access Access the reporting module and the various areas where reporting is available
Attribute Management Access attributes/attribute tabs in person and organization records
Reference Data Management Access Reference Data lists
Update Org. Level Preferences Allows editing of the Organization level preferences in preferences & settings area.
Update Group Level Settings Allows editing of the Group level preferences in preferences & settings area for the primary group of the user.
System Job Scheduler Access Allows access to schedule reports and communications
Contribution Management Allows access to gifts in Contribution Entry
Event Management - Event Approver This ACL is required to make events "Active" in event management
Subscription Management Rights Create and edit and subscription types and options
NO ACCESS (Mstr Admin) <For use only by Gnosis support>
Private Records Access [not for general use]
Bypass Data Validation Used for systems that have enforced data validation for setting some person fields as required. Allows a user to override those settings
Impersonation Person on Web Portal Allows the user to access the "Login to Website as This Person" function; See also Financial Systems Access below
Person Status Indicator Access Makes person status indicators visible
Web Page Template Edit Access [not for general use]
Contact Management Access Contact Management notes (also may require one of the ACL's listed below in "Data Access ACL's" area.
Case Management Access to the Case Management module
Issue/Inquiry Tracking Access to the issue/inquiry tracking module
Date of Birth Access Access to dates of birth in a person record
Member Groups Access Access to the Group Management module

Data Access ACLs 

Volunteer Notes For information on the setting and use of these four ACL's, please refer to the article on Implementing Contact Management Security
Programs Notes
Custom Notes
Donor Notes

Special ACLs 

SQL Code Access Level Allows a super-qualified user to hand-craft SQL queries for reports.
DACL Management [not for general use]
Financial Systems Access

Access to Invoice tabs and system; Transaction Batch Management module for  batch actions and QuickBooks posting; Read/Write access is also required for the Login to Website as This Person function

 

Comments

0 comments

Please sign in to leave a comment.