Users

Managing users via the Keyfax Admin Tools.

Users can be said to be Advisors/Operators/Agents who actually run the scripts or Administrators who are responsible for creating and maintaining scripts. Anyone attempting to launch Keyfax must be registered as a user via Admin Tools.

Clicking Users from the menu ribbon will present the following tab:

The User Maintenance tab

Menu options

The list can be filtered by any combination of:

  1. Full Name or Username (and toggled between the two with the ‘Full/User’ button)

  2. Selecting a user ‘Type’ to filter by disabled or administrative status

  3. Selecting a 'User Group' to filter by - this filters by the group displayed in the brackets after the Full Name of the user

Filtering Users by 'Type'

User Properties

Login Mode - There are 3 options for Admin logins. This is what each mode does:

  • Windows mode expects the Username to be a valid Windows User allowing Admin login without a password. The Admin Password Reset button is hidden as not required. In Windows mode, the Usernames can be prefixed or suffixed with the domain name; this will be set up by your system implementor.

  • Keyfax mode requires a password as with the current login. Security has been added around the password storage and authentication process. Configuration of (e.g.) password strength will be set up by your system implementor.

  • Keyfax SSO (Entra ID) mode allows password and permissions to be managed from Microsoft Entra Id allowing users to start Keyfax without entering a username or password. Read more detailed information via our Keyfax SSO - via Microsoft Entra ID Support page.

Username - for all operators, this name must match the name passed by the system that launched the Keyfax diagnostic. There is no password validation when launching from a host system

WARNING Usernames can be changed, however any previous activity/history records will be retained with the original Username.

Forename, Surname & Email Address - these three fields are mandatory.

User Group - This allows a free format text entry identifying the user as a group member. The User Group is intended for scripting purposes allowing different behaviour according to the user’s group. For example, some users may be designated as out of hours shift workers requiring that different script sets are presented to them; these could be set up in a group named 'OOH' and a Startup script can examine this and load the appropriate Script Set.

There is no predefined list of User Groups, however, the system presents a dropdown of all current User Groups for selection. This allows easy selection of any existing used group or just type a new group name to create one.

Other details:

The following fields can be hidden by configuration, if required:

  • Department

  • Address1-3

  • Town

  • County

  • Postcode

  • Telephone

  • Extension

  • Fax

  • User Group

Script Permissions

This section is only displayed for Admins with permission to access the ‘User Permissions’ feature themselves. Script Permissions control access to all Script maintenance functions.

Scripting permissions

Advisors without a need to use Admin tools should be set up with no Script or System permissions.

Script permissions are as follows:

Scripting - Allows maintenance of the script and all related structures and entities.

Scripting (Exclusive allowed) - Allows selection of Exclusive mode for all scripting as above.

Templates - Allows maintenance of Keyfax Base Task Templates.

System Permissions

System permissions

Reporting - Allows access to the Reports Viewer and all standard Keyfax reports.

System Admin - This option is only available for system administrators in their support capacity.

Communications queue - To monitor the progress of outbound Keyfax communications, such as emails and SMS. Access to the communication queue can only be granted/applied to Keyfax Administrator accounts when logged in as the System Administrator.

User Maintenance - Allows maintenance of Keyfax Users as described in this document.

User Permissions - Allows Keyfax User maintenance as above with the ability to change user permissions (excluding System Admin permission).

Call Permissions

Call permissions

Disable service priority edits - Disable the option to override the service priority on the Results (final) Page.

Disable service quantity edits - Disable the option to override the service quantity on the Results (final) page.

Disable visibility of service costs - Hide the value of the service and total service cost on the Results (final) page.

The example below shows the Quantity and Priority fields have been disabled for the selected user, preventing them from editing these fields. The Service Costs have also been disabled and are therefore not visible.

Disabled call permissions for Priority, Quantity and Service Costs fields on the Results Summary Page

Passwords

Keyfax user passwords are only required for administrators configured with a Keyfax login. Advisors and Admins using Windows login have no separate Keyfax password.

Initially, new Keyfax users, with any Admin permissions, are set up with a system generated random password. The person setting up a new user is never aware of the new users password which is automatically emailed to the new user. Emails are sent directly to the new user from the web server. The Password Reset button is enabled before an Edit session is started. If a user forgets their password this can be reset by any user with User Maintenance permission. Clicking ‘Reset’ will set a new random password and email this to the selected user. A confirmation message is displayed when the email has been sent.

The Password Reset button is hidden when the Edit button is clicked and the user properties are being edited.

Password Authentication Process

New administrative users are set up with an auto-generated password emailed to the email address assigned to that user. Users must change this password when they first login to Admin Tools. The same process applies for password Reset.

Entry Fields Validation

Mandatory fields must be populated, the Username must be unique and password validation prevents re-use of last n passwords (where 'n' is configurable).

Keyfax can also be configured to enforce password requirements as follows:

  • Minimum character length of 12 characters

  • Password must be changed every n days

  • Cannot repeat last n number of passwords

  • Ensure mixed case is used

  • Ensure alpha characters are entered

  • Ensure numeric values are entered

  • Ensure special characters are entered

Please contact Omfax Support to assist with implementing password requirements.

Deleting Users

'Exclusive mode' is not required to delete a User. Any other admin trying to select or edit a newly deleted user will be presented with a message advising the user has been deleted and the administrator will be unable to edit.

DANGER Deleting a user cannot be undone and is permanent.

See also

PreviousDsNextFinding active users

Last updated