User administration
An administrator with the “User administrator” privilege can create users in F2. Users are created in an authority and can also be attached to a unit. A user needs a “job role” before they can log in to F2.
The creation of a new user is described below. Once the user is created, they need to be assigned roles of which one must be a job role. The roles are affiliated with units and contain one or more privileges. Privileges let the user perform different actions in F2.
One or more role types must be defined before a user can be assigned any roles. One role type must be a “job role”.
Create user
Access to different functions in F2 is controlled using roles. Every role is given one or more privileges. In order for a user to log in to F2, one of these roles must be a “job role”. It is only possible for a user to access F2 through a job role.
If a user was already created through AD import, the user must be assigned a role.
Administrators/user administrators can create users in F2 via the “Administrator” tab by clicking on the Units and users menu item in the ribbon.
A dialogue opens in which the user’s master data can be entered.
Create user – information
For every user the master data, including name, initials, email address, user name, etc., must be added. This is done on the “Information” tab as displayed below.
The following table explains selected fields from the “Information” tab in the “Create user” dialogue.
| Field | Description |
|---|---|
“Limited access” |
Ticking the “Limited access” box restricts the user’s access to records or cases in F2. The user only gains access when added to a record’s or case’s access restriction either by username or by being in a security group, unit or team. The user must also have access to the record, e.g. as a supplementary case manager. A user with limited access can access any record they create. The user will lose access to a record if it is added to a case with an access restriction. If the user creates a case, they are automatically added to its access restriction. |
“Get email” |
The use of the "Get email" field depends on how F2’s email import is set up for the user in question:
F2 creates a record for each transferred email. |
“Receive email externally” |
Ticking the "Receive email externally" box means that emails sent internally from F2 to the user are received in the user’s external email client, such as Outlook, and not in the user’s inbox in F2. Other communication channels are unaffected by a tick in the “Receive email externally” box. This means that chats, approvals, and records for which the responsibility is allocated to the user will still be found in F2 only. |
| "Get email" and "Receive email externally" cannot both be ticked. "Receive email externally" lets the user receive email in another email client. These emails must be manually moved to F2 using the "Move to F2" folder. |
Click on OK when the fields are filled in. The user then needs a job role. This is described in the next section.
Create user – roles
A new user must be assigned a job role. Fill in all the relevant fields on the “Information” tab in the “Create user” dialogue and click on OK. F2 will then automatically shift to the “Roles” tab. Here, assign a job role to the user in either the top unit or in a subunit.
Click on Add role on the “Roles” tab.
| An administrator can check which roles are in the "job" category in the "Role types and privileges" dialogue, which is accessed from the ribbon of the "Administrator" tab. |
The “Add role to [user]” dialogue opens. Assign the user to an authority or unit. Then select a role type in the “Role type” drop-down menu.
Click on OK to apply the changes and close the “Add role to [user]” dialogue.
| It is important to select a unit for the user’s role, since the role and its location determine which rights the user has in the given unit. |
The “Roles” tab now shows that the new user has been assigned the role.
Click on OK. The user is created and can now log into F2.
When a user is created, they can be assigned several roles. Roles have associated privileges that let the user perform different tasks in F2. Read more in the Roles in F2 section.
| New users are always created with the “Addressbook owner” role. Read more about roles in the Roles in F2 section. |
Deactivate user
It is not possible to delete a user in F2. A user can instead be deactivated. In the main window, click on the “Administrator” tab and then the Units and users menu item to deactivate a user.
The “Units and users” dialogue opens. In the dialogue, click on the “Users” tab. Select the user in the tree structure and click on Deactivate.
F2 asks for confirmation before the user is deactivated. After deactivation the username is shown in italics.
| A user must be deactivated in both F2 and Active Directory to be completely deactivated. If the user is only deactivated in F2, it will be reactivated via AD import. |
| To immediately block a user’s access to F2, it may be necessary to both deactivate them and log them out. The latter is done using the Log out user function. |
Log user out of all sessions
You can log a user out of all sessions across all devices if you have the "User administrator" privilege. This function can be relevant in connection with security, e.g. if there is a suspicion that a user password has been compromised.
Go to the Administrator tab, and click the Log out user menu item.
Select the user you wish to log out, and click Log out user.
Activate user
A deactivated user can be reactivated. Click the Units and users menu item on the “Administrator” tab in the main window.
In the “Units and users” dialogue, click on the Users tab. Select the user in the tree structure and click on Activate.
A warning dialogue opens. Click on Yes to reactivate the user.
| A user must be reactivated in both F2 and Active Directory. If the user is only reactivated in F2, the user will be deactivated via the AD import. |