Skip to main content

Creating a New Network User

Paige Freeman
  • Updated

Once LDAP authentication has been enabled, you can create a new network user who can log into ThreeSixty using their network credentials.

To create a new network user:

  1. From the left navigation menu, select Security Settings.
  2. Select User Security. The User Security page displays as shown below.
  3. Select +New Network User.
    This option will only display if LDAP authentication has been enabled.
    The Choose a Network User page displays, as shown below.
  4. Enter your network User ID and Password.
  5. Select the Domain. 
  6. Enter the Search Keyword.
  7. Select Filter to search for the network user based on your selected criteria.
    The results grid displays the network users that match your criteria. Select a user within the grid, then the Select button.
  8. The Add New User page displays.
  9. The user selected displays within the Network ID field. To search for and select a different user, select the Search button.
  10. Enter a unique User ID and Name.
  11. Enter the user's Email Address. Please note that an email address is required when adding or editing a user.
  12. Enter a Reply To Email address if desired.
  13. Enter the Account Expiration date by entering the date in the format shown or clicking the calendar icon to browse for the correct date.
  14. The following fields are optional:
    1. Managed By
    2. Primary Search Group
    3. Constituent
  15. In the User Options section, the Active toggle defaults to YES; change if necessary. Then set the appropriate toggles to YES or NO:
    1. Super User
    2. Contract Tracking Staff
    3. Required Password Change
      This toggle cannot be modified when creating a network user.
    4. User Locked
    5. Allow Email Alert
    6. Is Network Account
      This toggle is set to YES and cannot be modified when creating a network user.
    7. Is Administrator
      This toggle is set automatically based on certain criteria and cannot be modified. For more information, please see the table below.
    8. Auto Create Batch
  16. In the Copy User Permissions section, enter at least three letters and click the search icon to pull up a drop-down menu of users. Click on the user whose permission settings you wish to copy for the new user you are creating. Alternatively, click Advanced to browse for a user or search by user ID or user name.
    1. Select YES or NO on the toggles  to indicate if you want  to also copy the user's Security Groups and Personas.
  17. Click Save

Screen Element

Description

User ID

Text box. A unique ID for the user. This ID is used when signing into ThreeSixty. This field defaults based on the first character of the user’s first name and up to 19 characters of the user’s last name.

User Name

Text box. The long name or description of the User ID.

Email

Text box. The email address of the user. It is used in the Contact Tracking module to send an email to this user. An email address is required.

Reply To Email

Text box. The email address to which the user wants reply emails to be sent.

Account Expiration

You can set a user account expiration date so users cannot access their account after a specific date. This functionality exists for cases where organizations hire temps that should only need access for a given amount of time. The user can no longer log in after this date.

Managed By

Search or browser to select the user who manages the new user.

Primary Search Group

Select the primary search group (subgroup that is typically a chapter) to be used in searches for the user. 

Constituent

Select the constituent associated with the new user. The constituent lookup is limited to Individual Record Type. Only individuals can be selected as the associated constituent.

User Options

Active

Toggle. When YES is selected, the user is active. Inactivating a user means the user will not be able to log into ThreeSixty. Before you inactivate a user, make sure they are not assigned to any open or private contact tracking records or that the user doesn't own any public Quick Pick items with no expiration date.

As a matter of best practice, you should also re-assign another staff member if the staff member being inactivated is a current segment manager, defined as a manager of other back office users, or defined as a staff person on a current or future Abstracts Call Submission Type.

Staff can also be assigned as the point of contact for fundraising planned giving plan, but if the staff being inactivated was the person who worked with the donor to secure the planned giving commitment, it would be appropriate to leave that staff person assigned to the planned giving plan.  

Super User

Toggle. When YES is selected, it  indicates that the user is a super user. A super user can view all screens in all personas, regardless of other security groups. However, if organization unit segmentation is defined, those segmentation rules still apply to the super user. Typically, this toggle is set to NO because it allows the user to bypass screen and menu security. Only super users can create other super users on this screen.

Contact Tracking Staff

Select YES to indicate the user is a staff person who can be assigned to contact tracking items. If  YES is selected, the user will display in the Staff Assigned drop-down on the Contact Tracking screen when adding a new record.

 

Please keep in mind that this toggle does NOT affect security on the Contact Tracking screen. Staff that are NOT marked as contact tracking staff will still be able to add, view, and edit contact tracking records (assuming they already have the permissions to do so).

Required Password Change

Toggle. This toggle is disabled when creating a network user.

User Locked

Toggle. When YES is selected, it indicates the user is locked out of his or her workstation. The system limits repeated access attempts by locking out the user ID after six attempts. If this occurs, the user can try to log in again in 30 minutes, or the administrator can access this screen and select NO.

Allow Email Alert

Toggle. Select YES to allow the user to receive email alerts from the system through Contact Tracking alerts.

Is Network Account

 Toggle. When Yes is selected, it indicates the user account is the network account, and the Active Directory is enabled.

 

If the user's network password CANNOT contain a pipe ( | ) character, the system will display a message that the network credentials are incorrect.

Is Administrator

Toggle. This toggle indicates if  the user performs administrator tasks and should have administrator rights. Whether or not this toggle is set to YES or NO is calculated by the system based on the following properties:

·       User is a super user

·       User belongs to a security group with access to Application Designer and Database Designer

·       User belongs to a security group with access to publish screens

·       User belongs to a security group with access to use debug tools

·       User has permission to specific security application. For more information, see information regarding Administrative Application toggle on the Application Security page.

This toggle is set  automatically based on the criteria outlined above. It is a requirement for PA-DSS/PCI that all activities performed by a user who has  "administrative" rights must be recorded. The "Is Administrator?" toggle is an indicator that all of the user's activities are tracked by PA-DSS audit logging service.

Security Applications that are Administrator Applications will have Inherit Module Security set to No and disabled. The following applications will need to be reassigned if they were previously inheriting these permissions from the module:

  • Settings.ApplicationSettings
  • Settings.OrganizationSettings
  • Committee.Segmentation
  • CRM360.Segmentation
  • Subgroup.Segmentation
  • Settings.UserSecurity
  • Settings.SecurityGroups
  • Settings.AccessPoints
  • Settings.ApplicationSecurity

Auto Create Batch

Toggle. If YES is selected, the system will automatically open a batch when the user proceeds through the payment workflow in PersonifyGO. If NO is selected, when the user tries to create a batch through the payment workflow, the Batch Chooser screen will open asking the user to select a direct or deferred batch.

The security setup defined for the security group to which the user belongs will override the Auto Create Batch flag. Therefore, even if the Auto Create Batch checkbox is checked, if the user does not have access to create batches, the system will NOT auto-create a batch.

Copy User Permissions From

Source User

Enter the first three letters of the user whose permissions you wish to copy, and click the search icon. Alternatively, click Advanced to browser for a list of users.

Security Groups

Toggle. Select YES if you want the Source User's Security Groups to be the same for the new user.

Personas

Toggle. Select YES if you want the new user to have access to the same Personas as the Source User.