Users section

• The user management interface is the section where the console admin can manage all actions related to the users.

  

2.3.1 Upload user list

2.3.1.1 Upload from excel

• In this section, the console manager can download an Excel file which is a template of a list of users that he fills in order to reimport it later.

  • First step: The console manager clicks on “Download template” button, “Users-template-MDC.xlsx” file will be downloaded.

  • Second step: The console manager fills the fields with users information that he wants to add, fields are:

    • First name: This field is required and its length must be between 2 and 60 characters.
    • Last name: This field is required and its length must be between 2 and 60 characters.
    • “Role Level”: This field is required, it is the rank of the role that he wants to attribute to the user of the actual line and it must a number between 1 and the biggest rank of roles.
    • Email: It must be a valid email, one of the email field or the username field is required.
    • Username: Its length must be between 2 and 60 characters, the company prefix will be added automatically, one of the email field or the username field is required.
    • Status: This field is required, this field can be “y” to make the actual user’s account activated or “n” to make the actual user’s account disabled so that he can’t connect to the MDC application.
    • Country: This field is not required and its length must be between 2 and 60 characters.
    • Attributes: In this field, the console manager can separate attributes that he wants to add to the actual user by a semicolon ” ; ” or leave blank , or enter “all” to make to attach all attributes.
    • Department: This field is not required and its length must be between 2 and 60 characters.
  

  • Third step: The console manager clicks on “Upload template” button and select the users-template file.

    • A table similar to “User list” table will be displayed containing the list of the users from the template selected, if a row contains an error or an invalid field it will be shown as a warning icon in the beggining of the row, with a detailed text about the error.
    • The console manager has the option to edit or delete a row from the list before updating it.

  • Fourth step: The console manager clicks on “confirm” button and confirms his password in order to add the uploaded users in the template to the “User list” table.

  

2.3.1.2 Upload from active directory

• In this section, The console manager can import a list of users from a distant Active Directory server, this process is done in two steps:

• First, the console manager has to add Active Directory connection parameters by clicking on “AD settings” button:
  • Host: The hostname or IP address of the Active Directory server the user wants to connect to.
  • Port: The port number used for the LDAP or LDAPS (secure LDAP) connection, typically 389 for LDAP and 636 for LDAPS.
  • Username: The username or service account used to bind and authenticate with the Active Directory server.
  • Password: The corresponding password for the username used for authentication.
  • BaseDn (Distinguished Name): The starting point in the Active Directory hierarchy where LDAP searches and operations will begin, often representing the root of the directory subtree you want to work with.
  • Use LDAP or LDAPS toggle button: Specifies whether to use a secure connection (LDAPS) or a non-secure connection (LDAP) to communicate with the Active Directory server.
  • A “Test connection” button appears which the user clicks on , if a notification ” everything seems to be fine ” is displayed users can be imported for the Active Directory server.
  • The “Save” button will be enabled to click on so that the user can save the Active Directory connection parameters.

• After saving the Active Directory connection parameters, the console manager clicks on “import from AD” button.
  • “Import from AD” pop-up is displayed in which the user can add at least one filter, filters can be : Department, First name, Last name, Country, Email, Username, City. These filters will be related with fileds of users from “User and Group Management” in the active directory remote server.
  • The console manager clicks on “Confirm” button to upload users.

• After clicking on “confirm”, a table will be displayed showing the imported users.
  • User status can be “New user”, it indicates that this user is new to this console’s users list.
  • User status can be “Updated user”, it indicates that this user is an existing user in this console’s users list (existing username or email), but there are fields which are updated so that after the confirmation the information of this user in the console will be the like the one’s in this upload action from Active Directory.
  • User status can be “Deleted user”, it indicates that this user is deleted from active directory server “User and Group Management” section and after confirmation this user will be deleted from the console’s users list.

2.3.2 User list

2.3.2.1 Actions

• The “User list” section is composed of the main table of users and actions that the console manager can do related to that list.

• Actions can be:

• Add single user: The console manager clicks on “Add user” button, “Add user” pop-up will be displayed containing:

  1. First name: This field is required and its length must be between 2 and 60 characters.
  2. Last name: This field is required and its length must be between 2 and 60 characters.
  3. Role: In this field The console manage selects one of the roles to attach to the added user.
  4. Email: It must be a valid email, one of the email field or the username field is required.
  5. Username: The company prefix will be added automatically, one of the email field or the username field is required.
  6. Attributes: In this field, the console manager can choose, search and attach one or more or no attribute to the added user.
  7. Country: This field is not required and its length must be between 2 and characters.
  8. Department: This field is not required and its length must be between 2 and 60 characters.

• Change lines per page: The console manager can change the pagination of the “User list” table.

• Show/hide columns: The console manager can custom the columns that he wants to be displayed in the “User list” table.

• Exportar todos os usuários: O gerente do console pode clicar no botão “Exportar todos os usuários”, e um e-mail contendo um arquivo Excel como anexo contendo a lista de todos os usuários será enviado para seu endereço de e-mail.

• Export selected users: The console manager can click on the “Export selected users” button, then he will asked if the file that he wants to download will has as extension “.xlsx” or “.pdf” and enter the file name. After that, a file containing the displayed users depending on the pagination will be donwloaded.

• The console manager can delete users using a delete template which is an excel file which can be downloaded after clicking on “Download delete template”, then the user fills at least email or username field for the user that he wants to delete, then uploading this file after clicking on “Import delete template” button.

• Select users to delete: By clicking on “Delete users” button, a checkbox will be displayed near to every user, and the console manager can select the users and then click on “Confirm” button and confirms his password.

2.3.2.2 User list table

• This table is composed of columns:

• Email: This column contains the email address of the user (at least one of the email/username fields should be filled).

• Username: This column contains the username of the user (at least one of the email/username fields should be filled).

• First name: This column contains the first name of the user.

• Last name: This column contains the last name of the user.
• Phone: This column contains the phone number of the user, added from MDC application.
• Country: This column contains the country of the user

• Activated: This column indicates the first time this user has connected to MDC application.
• Last login: This column indicates the last time this user has connected to MDC application.
• Last Activity: This column indicates the last time this user has interacted with MDC application.
• Attributes: This column shows the attributes attached to this user from “Add/update user” pop-pup or from attributes tables
• Passwords in use: This column contains the number of strong and weak passwords in this user’s MDC application. Weak passwords are those which length is less than the “Password length” parameter in the general settings section.
• Backup file: This column contains the last automatic backup file which the user can Import in his MDC application “import backup” section. Automatic backup is an encrypted “.mycenadc” file which is generated everyday containing encrypted passwords of this user.
• Status: This column indicates that this user’s status is activated or not, that means he has the permission to connect to MDC application or not.
• Department: This column contains the department of the user which is an informative field user to better filter users.
• Role: This fields contains the role of the user.

• Actions: This column contains actions that can be affected to the user. Actions buttons can be displayed also by clicking right click in the first two columns, user can click on:

  • Update user button: This opens “User details” pop-up, the user can’t edit his email/username. The console manager has to confirm his password.

  • Reset user keys: This button allows the console manager to reset the security keys (PIN code, Lock pattern, passphrase) of this user in MDC application. The console manager has to confirm his password.

  • Reset user questions: This button allows the console manager to reset the security questions of this user in MDC application. The console manager has to confirm his password.

  • Reset user 2FA method: This button allows the console manager to reset the 2FA method of this user in MDC application. The console manager has to confirm his password.

  • Display old backup file: This opens a pop-up containing the last six automatic backup files for this user.

  • Delete user: The console manager has to confirm his password to delete this user.

2.3.3 AD auto-synchronization filters

This feature works only if the ” Refresh Active Directory ” Add-on is enabled for the current company.

• In this section, the console manager can add filters that make users imported automatically from the configured active directory remote server.

2.3.3.1 Add filter section

• The console manager clicks on “Add filter” button in order to open the “Add AD filter” pop-up wherein the user can set o combination of filters, in this pop-up the user can set:

  • Label: Labelled text to the filter.

  • Department: Which corresponds to “Department” field in the User and Group Management section in active directory.

  • First name: Which corresponds to “First Name” field in the User and Group Management section in active directory.

  • Last name: Which corresponds to “Last Name” field in the User and Group Management section in active directory.

  • Country: Which corresponds to “Country/Region” field in the User and Group Management section in active directory.

  • Email: Which corresponds to “Email” field in the User and Group Management section in active directory.

  • Username: Which corresponds to “User Logon Name” or “Display Name” field in the User and Group Management section in active directory.

  • City: Which corresponds to “City” field in the User and Group Management section in active directory.

  • Auto delete users: A toggle button to make the imported users with “Deleted user” status can be imported or not, in other words the users who correspond to this filter will be automatically deleted from the users list or not.

  • Status: A toggle button to make this filter activated or not.

• When the console manager submits by clicking on the “Confirm” button, MyCena will search in the active directory remote server configured in “Add AD parameters” the users who correspond to the added filter every number of days configured in ACTIVE DIRECTORY SYNC TIMER parameter in the “General settings” section.

2.3.3.2 AD auto-synchronization filters table

• This table is composed of columns:
• Label: This field contains the “label” of field of each filter.
• Email: This field contains the “Email” of field of each filter.
• Username: This field contains the “Username” of field of each filter.
• First name: This field contains the “First name” of field of each filter.
• Last name: This field contains the “Last name” of field of each filter.
• Department: This field contains the “Department” of field of each filter.
• Country: This field contains the “Country” of field of each filter.
• City: This field contains the “City” of field of each filter.
• Auto delete users: This field contains the “Auto delete users” toggle button of each filter.
• Status: This field contains the “Status” toggle button of each filter.

• Actions: This column contains actions that can be affected to the filter. Actions buttons can be displayed also by clicking right click in the first column, user can click on:

  • Update filter button: This opens “Update AD filter” pop-up, the console manager has to confirm his password.
  • Delete filter: The console manager has to confirm his password to delete this filter.

• The console manager can apply other actions to this table:

  • Change lines per page: The console manager can change the pagination of the “AD auto-synchronization filters” table.
  • Show/hide columns: The console manager can custom the columns that he wants to be displayed in the “AD auto-synchronization filters” table.

2.3.4 Roles and permissions

2.3.4.1 Introduction

• In MyCena Deskcenter system, there are multiple roles which can be attached to the users ( each user must have a role):

  • “Owner” is the role of the first account which the company has been created with ( you can look at MyCena Desk Center first steps). It is the root and the first role which has all the privileges in the console and in the application.

  • Except the owner, the rest of the roles have ranks, Any level can only manage a level under his own ( level * = highest level)

  • “SuperAdmin” ( Level * ): This role has all the privileges in the console and in the application.

  • “Operator”/”Supervisor”/”Manager” ( Level 1, 2, 3 ): These are the default roles, they are all editable (the level field is not editable) but not deletable.
  • If the company has the Add-on “manage roles”, the console can contain seven more roles. These roles can’t have a level less than 4.

• The console manager can custom the columns that he wants to be displayed in the “Roles and permissions” table.

2.3.4.2 Add/update role

• When the console manager clicks on “Add role” or “Update role” button, ” Add new role ” or ” Role details ” pop-up will be displayed, they contain:

  • Level: In this field, the console manager enters the level of the concerned role.

  • Name: In this field, the console manager enters the name of the concerned role.

  • Access console: In this field, the console manager sets if the users who have this role can accesss to the console. When adding a user with this role, a “Welcome to MyCena Desk Center Console” email will be sent containing a temporary password.

  • Manage users: In this field, the console manager sets if the users who have this role can access to the users section in the console and manage it.

  • Delete users by template: In this field, the console manager sets if the users who have this role can use the “Delete users by template” feature.

  • Manage reset security questions: In this field, the console manager sets if the users who have this role can click on the “reset security questions” button of the user.

  • Manage general settings: In this field, the console manager sets if the users who have this role can access to the “general settings” section in the “home” interface and manage the parameters.

  • Manage preloaded passwords: In this field, the console manager sets if the users who have this role can access to the preloaded passwords section and manage preloaded passwords.

  • Delete preloaded password by template: In this field, the console manager sets if the users who have this role can use the “Delete preloaded password by template” feature.

  • Copy preloaded password (console): In this field, the console manager sets if the users who have this role can copy the “password” field when generating it in “Add” or “Update” preloaded password pop-up.

  • Manage preloaded systems: In this field, the console manager sets if the users who have this role can access to the preloaded systems section and manage preloaded systems.

  • Manage GRC:in this field, the console manager sets if the users who have this role can access to the GRC section.

  • Manage update servers: In this field, the console manager sets if the users who have this role can access to the “Local update servers” section in the “home” interface and manage the update servers.

  • Manage IP restrictions: In this field, the console manager sets if the users who have this role can access to the “IP restriction” section in the “home” interface and manage the authorized ip addresses.

  • Manage device restriction: In this field, the console manager sets if the users who have this role can access to the “Device restriction” section in the “home” interface and manage the authorized devices.

  • Manage access kit: In this field, the console manager sets if the users who have this role can access to the “Access kit” interface and manage the access kit.

  • Delete access kit by template: In this field, the console manager sets if the users who have this role can use “delete access kit by template” feature.

  • Manage credit cards: In this field, the console manager sets if the users who have this role can access to the “Credit cards” interface and manage the credit cards.

  • Delete credit cards by template: In this field, the console manager sets if the users who have this role can use the “Delete credit cards by template” feature.

  • Create password (application): In this field, the console manager sets if the users who have this role can copy the “password” field in the application.

  • Create login for preloaded system (application): In this field, the console manager sets if the users who have this role can create login for preloaded systems in the application.

    • This feature works only if the ” Manage permission ‘Create password for preloaded systems’ ” Add-on is enabled for the current company.

  • Create password for preloaded system (application): In this field, the console manager sets if the users who have this role can generate password for the preloaded systems.

  • See password (application): In this field, the console manager sets if the users who have this role can see the password field in the application.

  • Copy password (application): In this field, the console manager sets if the users who have this role can copy the password field in the application.

  • Copy CVV (application): In this field, the console manager sets if the users who have this role can copy the CVV field in the application.

  • See CVV (application): In this field, the console manager sets if the users who have this role can see the CVV field in the application.

  • See card number (application): In this field, the console manager sets if the users who have this role can see the card number field in the application.

  • See access kit password (application): In this field, the console manager sets if the users who have this role can see the access kit password field in the application.

  • Copy access kit password (application): In this field, the console manager sets if the users who have this role can copy the access kit password field in the application.

  • Display passwords section (application): In this field, the console manager sets if the users who have this role can see the passwords section in the application.

  • Display access kit section (application): In this field, the console manager sets if the users who have this role can see the access kit section in the application.

  • Display credit cards section (application): In this field, the console manager sets if the users who have this role can see the credit cards section in the application.

  • Access to settings (application): In this field, the console manager sets if the users who have this role can access to the settings section in the application.

  • Use code (extension): In this field, the console manager sets if the users who have this role can use the verification code when connecting to MyCena extension.

    • This feature works only if the ” Manage ‘Require extension code’ ” Add-on is enabled for the current company.

  • Enable mobile fortress: In this field, the console manager sets if the users who have this role can connect with their accounts to the Android or IOS versions of MyCena desk center.

    • This feature works only if the ” Manage permission ‘Activate Mobile’ ” Add-on is enabled for the current company.

  • Colors: The console manager facilitates customization of the role name’s appearance in the “Name” column by allowing users to modify the colors.

  • Display: The console manager enables users to toggle between light and dark modes, altering the display of colors for the appearance of role names in the “Name” column.