User Management

This window allows to configure the users, the groups and their associated rights.

Note

The functionalities are available only if Use user management was previously checked in the General Settings (tab Global Configuration, see User management).

Users and groups rights

visionCATS provides the following rights for users and groups:

  • Guest: Guest users are limited to the special Guest folder of the Explorer whereas other users have access to the whole Explorer files and folders (see Main explorer view).

Note

The Guest folder is created automatically at the root of the Explorer as soon as the Guest right is granted for at least one user.

Note

Changing lens type or white balance parameters of Visualizer is also controlled by the Diagnostics rights, as they cause the invalidation of the diagnostics.

Note

At least one Admin user should always be active, with at least the rights System settings, Licensing, User management and without Guest. If such user is missing or disabled, a popup asking for the creation of a new Admin user will be shown.

Users

../../../_images/users.png

All users are displayed in the table. The internal account visionCATS_user (default user used when User Management is not activated) is not modifiable.

Toolbar

  • addnewuser Add a new user

  • addwinuser Add an existing user from Windows or ActiveDirectory

    If most users use their own Windows account when working with visionCATS, you can import these Windows users in system, therefore a known Windows user will be automatically logged in.

    To add Windows users, the Windows search window is used:

    ../../../_images/addwinuserpopup.png

    visionCATS Login Name will be set to simple old Windows logon name. The UPN login (User Principal Name), if existing, given by ActiveDirectory will also be linked to visionCATS (the link is done on the security identifier (SID)). Therefore, it is possible to login (or E-Sign) with both type of logon name.

Note

Passwords of Windows users are not stored in the system, and it is not possible to modify them from visionCATS.

Note

Password hashing (for local visionCATS users) is done by bcrypt hash algorithm.

Note

Local- or Workgroup-users can also be used.

  • changepwd Change the password of the currently selected user

  • updatewinuser Update login and name information from Windows or ActiveDirectory (SID should remains the same)

  • showhidden Toggle the display of locked users (useful if you have a lot of locked users)

  • exportusers The full table can be exported as a report CSV file

  • exportgroups A PDF report of the user management parameters, users and groups can be exported

Note

It’s not possible to delete a user because users are referenced in the different actions logged in the system and in the analysis. Instead, use the Lock check box to prevent some users from using visionCATS.

User table

For each user (expect system accounts), you can set the following options:

  • Locked: A locked user can’t log in this visionCATS installation

  • Login name: Login used in visionCATS, after creation, it cannot be modified

  • Full name: Real name of the user

  • Position: Position of the user

  • Email address: the address used to send notification. See Notifications

  • Custom rights: indicate whether the users have custom rights or rights defined by group. clicking on the customrightsedit icon allows to change the rights (see Users and groups rights):

    ../../../_images/customrights.png
  • The last columns correspond to each active group defined in the Groups tab. This associates users to groups. Of course, the rights provided by groups are provided to users belonging to these groups.

Tooltips

Tooltips help the definition of the users, groups and their associations. On the User table, and in the System Status Bar, the tooltip over the user shows the details of the rights granted and the corresponding groups granting each right:

../../../_images/usertooltip.png

Furthermore, a tooltip on the group column header recalls the associated rights:

../../../_images/grouptooltip.png

Groups

In order to facilitate the management of user rights on large installations, visionCATS includes a group management feature. Each group is actually a set of rights. Each can either have Custom rights (means that they don’t belong to any group) or be linked to one or several groups.

../../../_images/groups.png
  • A main list (1) is displayed. There is no priority in groups – they are simply ordered by name.

  • The selected group details appear under the list (2), where the rights can be configured. The set of users in this group also appear here.

  • There are built-in groups (3) which cannot be changed. These groups are designed to encourage standard and best practices.

  • Groups, including built-in ones, can be deactivated (4). Deactivated groups are hidden in all other windows in visionCATS.

  • Double-click on the Name or Description fields (5) to change the values.

  • Groups can be added or deleted (non-built-in only) (6)

Toolbar

  • addnewgroup Add a new group, see New group

  • addwinuser Delete a group (non-built-in only)

  • exportgroups A PDF report of the user management parameters, users and groups can be exported

New group

A new group can be added by entering a unique name for the group, and then select the rights (see Users and groups rights):

../../../_images/addgroup.png

Note

It is possible to create a group with no rights. Users having no rights can still open method/analysis/comparison files in read-only mode.