User administration
An administrator with the “User administrator” privilege can create users in F2. Users are created in an authority and can also be attached to a unit. A user needs a “job role” before they can log in to F2.
The creation of a new user is described below. Once the user is created, they need to be assigned roles of which one must be a job role. The roles are affiliated with units and contain one or more privileges. Privileges let the user perform different actions in F2.
One or more role types must be defined before a user can be assigned any roles. One role type must be a “job role”.
Create user
Access to different functions in F2 is controlled using roles. Every role is given one or more privileges. In order for a user to log in to F2, one of these roles must be a “job role”. It is only possible for a user to access F2 through a job role.
If a user was already created through AD import, the user must be assigned a role.
Administrators/user administrators can create users in F2 via the “Administrator” tab by clicking on the Units and users menu item in the ribbon.
A dialogue opens in which the user’s master data can be entered.
Create user – information
For every user the master data, including name, initials, email address, user name, etc., must be added. This is done on the “Information” tab as displayed below.
The following table explains selected fields from the “Information” tab in the “Create user” dialogue.
| Field | Description | ||
|---|---|---|---|
“Limited access” |
Ticking the “Limited access” box restricts the user’s access to records or cases in F2. The user only gains access when added to a record’s or case’s access restriction either by username or by being in a security group, unit or team. The user must also have access to the record, e.g. as a supplementary case manager. A user with limited access can access any record they create. The user will lose access to a record if it is added to a case with an access restriction. If the user creates a case, they are automatically added to its access restriction. |
||
“Get email” |
Tick the checkbox to automatically import emails from Outlook to F2 for this user. This is only relevant if F2 is set up with manual email import. With this setup a user must manually move emails from Outlook to the "Move to F2" folder if the checkbox is unticked.
|
||
“Receive email externally” |
If this box is ticked, the user will only receive emails in Outlook. This also applies to emails sent internally in F2. Any other communication channels are not affected by a tick in the “Receive email externally” box. For example, chats, approvals and records that are either sent or for which the responsibility is allocated internally will still be found in F2 only. |
| "Get email" and "Receive email externally" cannot both be ticked. "Receive email externally" lets the user receive email in another email client. These emails must be manually moved to F2 using the "Move to F2" folder. |
Click on OK when the fields are filled in. The user then needs a job role. This is described in the next section.
Create user – roles
A new user must be assigned a job role. Fill in all the relevant fields on the “Information” tab in the “Create user” dialogue and click on OK. F2 will then automatically shift to the “Roles” tab. Here, assign a job role to the user in either the top unit or in a subunit.
Click on Add role on the “Roles” tab.
| An administrator can check which roles are in the "job" category in the "Role types and privileges" dialogue, which is accessed from the ribbon of the "Administrator" tab. |
The “Add role to [user]” dialogue opens. Assign the user to an authority or unit. Then select a role type in the “Role type” drop-down menu.
Click on OK to apply the changes and close the “Add role to [user]” dialogue.
| It is important to select a unit for the user’s role, since the role and its location determine which rights the user has in the given unit. |
The “Roles” tab now shows that the new user has been assigned the role.
Click on OK. The user is created and can now log into F2.
When a user is created, they can be assigned several roles. Roles have associated privileges that let the user perform different tasks in F2. Read more in the Roles in F2 section.
| New users are always created with the “Addressbook owner” role. Read more about roles in the Roles in F2 section. |
Deactivate user
It is not possible to delete a user in F2. A user can instead be deactivated. In the main window, click on the “Administrator” tab and then the Units and users menu item to deactivate a user.
The “Units and users” dialogue opens. In the dialogue, click on the “Users” tab. Select the user in the tree structure and click on Deactivate.
F2 asks for confirmation before the user is deactivated. After deactivation the username is shown in italics.
| A user must be deactivated in both F2 and Active Directory to be completely deactivated. If the user is only deactivated in F2, it will be reactivated via AD import. |
| To immediately block a user’s access to F2, it may be necessary to both deactivate them and log them out. The latter is done using the Log out user function. |
Log user out of all sessions
You can log a user out of all sessions across all devices if you have the "User administrator" privilege. This function can be relevant in connection with security, e.g. if there is a suspicion that a user password has been compromised.
Go to the Administrator tab, and click the Log out user menu item.
Select the user you wish to log out, and click Log out user.
Activate user
A deactivated user can be reactivated. Click the Units and users menu item on the “Administrator” tab in the main window.
In the “Units and users” dialogue, click on the Users tab. Select the user in the tree structure and click on Activate.
A warning dialogue opens. Click on Yes to reactivate the user. Select the user again and click on Properties. The “Properties for the user [user name]” dialogue opens.
When the user is deactivated, the user name field will state “Not employed”. For the user to be reactivated completely, the “User name” field must contain the user’s name, in this example Ann Sekner. Either the user’s full name or an abbreviated version, e.g. the initials used for login and/or email, must be entered here.
If F2 has not automatically executed this change during reactivation, it must be done manually.
| F2 considers the user activated when the “Username” field contains the participant’s username. |
| A user must be reactivated in both F2 and Active Directory. If the user is only reactivated in F2, the user will be deactivated via the AD import. |