User administration

An administrator with the “User administrator” privilege can create users in F2. Users are created in an authority and can also be attached to a unit. A user needs a “job role” before they can log in to F2.

The creation of a new user is described below. Once the user is created, they need to be assigned roles of which one must be a job role. The roles are affiliated with units and contain one or more privileges. Privileges let the user perform different actions in F2.

One or more role types must be defined before a user can be assigned any roles. One role type must be a “job role”.

Create user

Access to different functions in F2 is controlled using roles. Every role is given one or more privileges. In order for a user to log in to F2, one of these roles must be a “job role”. It is only possible for a user to access F2 through a job role.

If a user was already created through AD import, the user must be assigned a role.

Administrators/user administrators can create users in F2 via the “Administrator” tab by clicking on the Units and users menu item in the ribbon.

image5
Figure 1. The “Units and users” menu item

A dialogue opens in which the user’s master data can be entered.

create user
Figure 2. Create user

Create user – information

For every user the master data, including name, initials, email address, user name, etc., must be added. This is done on the “Information” tab as displayed below.

image25
Figure 3. User information

The following table explains selected fields from the “Information” tab in the “Create user” dialogue.

Field Description

“Limited access”

Ticking the “Limited access” box restricts the user’s access to records or cases in F2. The user only gains access when added to a record’s or case’s access restriction either by username or by being in a security group, unit or team. The user must also have access to the record, e.g. as a supplementary case manager.

A user with limited access can access any record they create. The user will lose access to a record if it is added to a case with an access restriction. If the user creates a case, they are automatically added to its access restriction.

“Get email”

The use of the "Get email" field depends on how F2’s email import is set up for the user in question:

  • Automatic email import means that all emails from the user’s inbox in Outlook are imported into the user’s inbox in F2. Uncheck the "Get email" box if the user does not want their emails to be automatically transferred to F2.

  • Manual email import means that the user must move emails in Outlook to the "Move to F2" folder themselves. The "Get email" box must be checked in order to import emails from the "Move to F2" folder to the user’s inbox in F2.

F2 creates a record for each transferred email.

“Receive email externally”

Ticking the "Receive email externally" box means that emails sent internally from F2 to the user are received in the user’s external email client, such as Outlook, and not in the user’s inbox in F2.

Other communication channels are unaffected by a tick in the “Receive email externally” box. This means that chats, approvals, and records for which the responsibility is allocated to the user will still be found in F2 only.

"Get email" and "Receive email externally" cannot both be ticked. "Receive email externally" lets the user receive email in another email client. These emails must be manually moved to F2 using the "Move to F2" folder.

Click on OK when the fields are filled in. The user then needs a job role. This is described in the next section.

Create user – roles

A new user must be assigned a job role. Fill in all the relevant fields on the “Information” tab in the “Create user” dialogue and click on OK. F2 will then automatically shift to the “Roles” tab. Here, assign a job role to the user in either the top unit or in a subunit.

Click on Add role on the “Roles” tab.

image27
Figure 4. The “Roles” tab in the “Create user” dialogue
An administrator can check which roles are in the "job" category in the "Role types and privileges" dialogue, which is accessed from the ribbon of the "Administrator" tab.

The “Add role to [user]” dialogue opens. Assign the user to an authority or unit. Then select a role type in the “Role type” drop-down menu.

image29
Figure 5. Add a role to a new user

Click on OK to apply the changes and close the “Add role to [user]” dialogue.

It is important to select a unit for the user’s role, since the role and its location determine which rights the user has in the given unit.

The “Roles” tab now shows that the new user has been assigned the role.

Click on OK. The user is created and can now log into F2.

When a user is created, they can be assigned several roles. Roles have associated privileges that let the user perform different tasks in F2. Read more in the Roles in F2 section.

image31
Figure 6. Assign a role to a new user
New users are always created with the “Addressbook owner” role. Read more about roles in the Roles in F2 section.

Deactivate user

It is not possible to delete a user in F2. A user can instead be deactivated. In the main window, click on the “Administrator” tab and then the Units and users menu item to deactivate a user.

image5
Figure 7. The “Units and users” menu item

The “Units and users” dialogue opens. In the dialogue, click on the “Users” tab. Select the user in the tree structure and click on Deactivate.

user deactivate
Figure 8. Deactivate a user

F2 asks for confirmation before the user is deactivated. After deactivation the username is shown in italics.

user deactivated state
Figure 9. A deactivated user
A user must be deactivated in both F2 and Active Directory to be completely deactivated. If the user is only deactivated in F2, it will be reactivated via AD import.
To immediately block a user’s access to F2, it may be necessary to both deactivate them and log them out. The latter is done using the Log out user function.

Log user out of all sessions

You can log a user out of all sessions across all devices if you have the "User administrator" privilege. This function can be relevant in connection with security, e.g. if there is a suspicion that a user password has been compromised.

Go to the Administrator tab, and click the Log out user menu item.

log out user
Figure 10. The "Log out user" menu item in the "Misc." menu group

Select the user you wish to log out, and click Log out user.

log out user dialogue
Figure 11. The "Log out user" dialogue

Activate user

A deactivated user can be reactivated. Click the Units and users menu item on the “Administrator” tab in the main window.

image5
Figure 12. The “Units and users” menu item

In the “Units and users” dialogue, click on the Users tab. Select the user in the tree structure and click on Activate.

reactivate user
Figure 13. Reactivate a user

A warning dialogue opens. Click on Yes to reactivate the user.

A user must be reactivated in both F2 and Active Directory. If the user is only reactivated in F2, the user will be deactivated via the AD import.