Open topic with navigation
Managing Users, Groups, and Email Notifications
The first User ID assigned to an Author has the rights to add and manage other users as well as manage user groups. If you have this authority, you will see an Access and Notifications section under the (Your Name) menu option. Each user can be assigned specific permissions and notifications within SOLO Server, giving the administrator great flexibility in limiting access to certain parts of SOLO Server to certain users. In addition, users can also be placed into groups, and will inherit any permissions given to the group. Any additional permissions given to a user will override the group settings, so it is also possible to assign a user to a group and give them extra permissions. This allows administrators to group users into distinct groups, each with a unique set of permissions, instead of assigning permissions on a user level, as well as the ability to override the group settings on a per user basis. By default, SOLO Server automatically creates an Administrators, Power Users, and Customer Service Rep groups for each author with appropriate permissions granted to each. It is recommended to examine and adjust or remove these default groups as well as create any new groups for the various departments across your organization, then create users and assign them to the groups based on their role.
To manage users and groups, from the menu select (Your Name) / Users or (Your Name) / Groups / Roles. This will display a listing of all current users/groups, with options to view/edit/delete existing users/groups as well as add new ones
For SOLO Server dedicated URL instances hosted on Concept Software servers, Concept Software Support accounts cannot be edited.
Users and groups are defined by the following properties (note that some properties are not shared among users/groups - this will be noted):
General Information - Users
- User ID
- This is what the user will use to log into the administration interface. This is typically a number or last name and first initial. This is only editable when creating a new user. Once the user is created, this cannot be changed.
- Password
- The user's password, used to log into the administration interface along with the User ID. When adding a new user, this is a required field. When updating an existing user, leave this field blank to leave the password as is, or enter a new password to change the password. By default, when adding a new user, this will be pre-populated with a random password. Click "Generate New Password" to generate a new random password. When creating a new user or changing the password on an existing user, be sure to record the password prior to saving the change, as the password cannot be displayed once saved.
- Last Login
- Read only. The date/time of the last login for the user.
- Last Login IP
- Read only. The IP address of the last login for the user. Click the IP adddress to perform a lookup on the IP address in a new window.
- Entered By/Entered Date
- Read only. The User ID which entered the user and the date/time the user was entered into the system.
- Modified By/Modified Date
- Read only. The User ID who last modified the user and the date/time the modification was made.
- User Name
- The user's real name.
- E-Mail
- The user's email address. This is the email address any notifications the user is signed up for will be sent to.
General Information - Groups
- Group Name
- The name of the group.
- Entered By/Entered Date
- Read only. The User ID which entered the user and the date/time the user was entered into the system.
- Modified By/Modified Date
- Read only. The User ID who last modified the user and the date/time the modification was made.
Settings - Users
- Group
- The group the user is assigned to.
- Order Level
- Order Level can be used to restrict users from not having access to certain products. Users must have at least the order level specified on a product to have access to the product. For example, if you set a product's order level to 10 and you leave a users order level at 0, that user will not see the product.
- Outside Access
- This can be used to only allow a user to log in from a certain IP address or range of IP addresses. It requires you to enter an IP address and subnet mask. It must be entered in the following format xxx.xxx.xxx.xxx:yyy.yyy.yyy.yyy|xxx.xxx.xxx.xxx:yyy.yyy.yyy.yyy. The | (pipe) separates the IP addresss. If you give a subnet of 255.0.0.0 and IP of 65.12.12.12, anyone with a 65. IP address will be allowed to enter. Note that currently only IPv4 addresses are supported.
- Change Password
- Check this to force the user to change their password the next time they log in.
- Enabled
- Whether the user is enabled. If this box is not checked, this user will not be allowed to log in. When editing your own user account, you will be prompted for confirmation if you uncheck this, as you will immediately be locked out of your account upon saving the setting.
- Master User ID
- This user is a senior level administrator and should have access to all authors on the system. Master User access is not available to authors using Instant SOLO Server.
- Global Access
- If this box is checked, the user has global access for reports and customer searching.
- Read Only
- If this box is checked, the user has read only access - they can view anything allowed by other permissions, but cannot change anything. When editing your own user account, you will be prompted for confirmation if you check this, as you will immediately be locked out of making any further changes in SOLO upon saving the setting.
Settings - Groups
- Description
- A short description of the group.
- Outside Access
- This can be used to only allow a user to log in from a certain IP address or range of IP addresses. It requires you to enter an IP address and subnet mask. It must be entered in the following format xxx.xxx.xxx.xxx:yyy.yyy.yyy.yyy|xxx.xxx.xxx.xxx:yyy.yyy.yyy.yyy. The | (pipe) separates the IP addresss. If you give a subnet of 255.0.0.0 and IP of 65.12.12.12, anyone with a 65. IP address will be allowed to enter.
- Read Only
- If this box is checked, the group has read only access - users in the group can view anything allowed by other permissions, but cannot change anything.
Master User ID Only - Users and Groups
The following permissions/notification settings can only be set by users with Master User access - they will not be displayed for other users. Master User access is not available to authors using Instant SOLO Server; it is only available to those self hosting SOLO Server on their own infrastructure.
- Accounting Reports
- Whether the user has permission to access advanced accounting reports.
- Issue Chargeback
- Whether the user has permission to issue a credit card chargeback.
- Issue RMAs
- Whether the user has permission to issue RMAs.
- View Password
- Whether the user has permission to view customer passwords. Note that implementation of this permission is currently a work in progress.
- View CC Numbers
- Whether the user has permission to view credit card numbers. If this is not checked, users will only see the last 4 numbers of credit cards.
- Notify Registrations
- Whether the user will receive email notification email when a customer registers a product.
- Notify Chargebacks
- Whether the user will receive email notification of any chargebacks.
- Notify Errors
- Whether the user will receive email notification of any errors generated during credit processing of online checkouts.
- Notify Referrals
- Whether the user will receive email notification of any referrals returned by the payment gateway.
- Notify Duplicates
- Whether the user will receive email notification of any duplicate charges run against the payment gateway.
- Notify Forgot PW
- Whether the user will receive email notification when a customer is unable to recover a lost password.
- Notify Author Signups
- Whether the user will receive an email notification when a new author signs up.
Report Access - Users and Groups
- Report Access
- Whether the user has access to basic reports.
- Financial Access
- Whether the user has access to extended sales and financial reports.
- Shipping Reports Access
- Whether the user has access to shipping reports.
- Sales Reports Access
- Whether the user has access to sales reports.
- Pending & Declined Reports
- Whether the user has permission to view the pending orders and declined orders reports.
User Permissions - Users and Groups
- Manage Account
- - Whether the user has permission to update company contact information. For Instant SOLO Server, this also controls whether the user also has permission to update company billing information. Users with this permission will also receive email notifications when either the contact or billing information of their author account is updated. This can only be granted by users with either Master User or Manage Account permission.
- Enter Rebates
- Whether the user has permission to enter rebates. Reserved for future use.
- Override Rebates
- Whether the user has permission to override rebates. Reserved for future use.
- Add Tickets
- Whether the user has permission to add new tickets.
- Edit Tickets
- Whether the user has permission to edit existing tickets.
- Ticket FAQ KB
- Whether the user has permission to mark tickets to be included in the FAQs and the Knowledge Base.
- Manage Storefront/Files
- Whether the user has permission to manage the virtual storefront and upload files.
- Manage Records
- Whether the user has permission to transfer licenses, merge customers, and edit ticket notes.
- Manage Users
- Whether the user has permission to manage users. When editing your own user account, you will be prompted for confirmation if you uncheck this, as you will immediately be unable to make any further permissions changes upon saving the setting.
- Manage Groups
- Whether the user has permission to manage groups.
- Reset Activation Count
- Whether the user has permission to reset the activation count on licenses whose activations have run down to zero.
- Issue Store Credit
- Whether the user has permission to issue store credits.
- Manage Mailings
- Whether the user has permission to view and edit mailings.
- Override Rules
- Whether the user has permission to override product option rules that are marked "Allow User Override".
Customer/License Access - Users and Groups
- Add Single Customer
- Whether the user has permission to add a single customer.
- Add Multiple Customers
- Whether the user has permission to add multiple customers/licenses.
- Edit Customers
- Whether the user has permission to edit customer records.
- Add Licenses
- Whether the user has permission to add licenses.
- Edit Licenses
- Whether the user has permission to edit licenses.
- Bulk Modify Licenses
- Whether the user has permission to bulk modify licenses.
- Activate Licenses
- Whether the user has permission to activate licenses.
- Manage Installations
- Whether the user has permission to deactivate/reactivate installations.
- Add Invoices
- Whether the user has permission to add invoices.
- Edit Invoices
- Whether the user has permission to edit invoices.
- Void Invoices
- Whether the user has permission to void invoices.
- Invoice Charge Credit Card
- Whether the user has permission to charge credit cards on the invoice add/edit page.
- Issue Refund
- Whether the user has permission to issue a refund.
Notify Emails - Users and Groups
- Notify Trial DL
- Whether the user will receive an email notification when a customer downloads a trial.
- Notify Orders
- Whether the user will receive an email notification when a customer makes a purchase. Note that this cannot be checked if Notify Orders Shipping is checked.
- Notify Orders Shipping
- Whether the user will receive notification email when a customer purchases a product that has a shipping amount greater than zero. Electronic orders are not notified. This could be used for a user in the shipping department who does not need to know about electronic orders. Note that this cannot be checked if Notify Orders is checked.
- Notify Affiliates
- Whether the user will receive an email notification when a new affiliate signs up to sell your product
- Notify Logins
- Whether the user will receive an email notification when a SOLO Server user logs into SOLO Server.
- Notify Ticket Assignments
- Whether the user will receive an email notification when a ticket is assigned to them.
- Notify Hard Declines
- Whether the user will receive email notification of any hard declines.
- Notify Soft Declines
- Whether the user will receive email notification of any soft declines.
Products/Distributors - Users and Groups
- Add Distributors
- Whether the user has permission to add new Distributors/Affiliates.
- Edit Distributors
- Whether the user has permission to edit Distributors/Affiliates.
- Export Distributors
- Whether the user has permission to export the Distributor/Affiliate list.
- Add Products
- Whether the user has permission to add products and product options.
- Edit Products
- Whether the user has permission to edit products and product options.
- View Products
- Whether the user has permission to view products.
- Edit Catalog
- Whether the user has permission to edit the product catalog (not used yet - reserved for future product catalog).
- Manage Inventory
- Whether the user has permission to view the Manage Inventory page and update inventory levels.
Payment Plans - Users and Groups
- Create Payment Plan
- Whether the user has permission to create payment plans.
- Edit Payment Plan
- Whether the user has permission to edit payment plans.
- Edit Payment Plan Instance
- Whether the user has permission to edit payment plan instances.
- Create Stored Payment
- Whether the user has permission to create stored payments.
- Edit Stored Payment
- Whether the user has permission to edit stored payments.
- Notify Successful Payment Plan Payments
- Whether the user will receive email notification for successful payment plan payment installments.
- Notify Declined Payment Plan Payments
- Whether the user will receive email notification for declined payment plan payment installments. In addition, users with this permission will receive an email notification when a customer updating their recurring payment details through the Customer License Portal encounter a decline from the test authorization performed to verify the credit card details.
- Notify Final Declined Payment Plan Payments
- Whether the user will receive email notification for the final declined payment plan payment installment. In addition, users with this permission will also receive email notification when a payment plan instance is canceled either by an administrator or by the customer through the Customer License Portal.
Resetting a Locked User Account
SOLO Server performs a velocity check against failed logins by both User ID and IP Address, and will automatically lock out a User ID and IP address which makes multiple failed login attempts in a short period of time. This prevents brute force attacks to gain access to the SOLO Server administrative interface. Unfortunately, this sometimes results in a user being locked out inadvertantly. When this occurs, you can unblock the user account by clicking the Reset Login Check at the top of the page when viewing the user details.
View User Audit History
All changes to user accounts are audited. To view the audit history for a user, simply click the "View Audit History" button in the page heading. See Viewing Audit History for more details.