IV 1. User Profile – General Information

1.     User Profile – General Information

The General tab on user profile component is used to define the user’s account status, authentication information and user’s default settings along with the permissions that are directly granted at the user profile level instead of the regular way of granting access through the roles.

5_1

Figure V‑2 User Profile – General Information

A.     Logon Information:

Information used by the system during user authentication

Account Locked Out?: Turning on the ‘Account Locked Out’ check box disables the user account. The user cannot access the system while this check box is selected. This can be turned on manually when it is appropriate to lock out a user from accessing the system. If the password controls are enabled, the system automatically disables the user account after the specified number of invalid login attempts by turning this check box on.

Symbolic ID: Symbolic ID is representation of access profile (Access ID and password) to access the database for user authentication. Refer to System Security – Authentication Process and related IDs for more details on Symbolic ID.

Password/Confirm Password: On existing user profiles, these fields store the encrypted value for user’s password. Administrators can change the user’s password by typing the required password (that conforms to the password control standards) in text form. Upon entering the matching password in both fields and saving the user profile, the entered password is automatically encrypted before it is saved to the database table.

User ID Alias: This field can be used to provide an alias user name for the user id. The user can use either the actual user ID or the User ID Alias (if populated) for authentication.

Password Expired?: This is a display only field that shows the status of the user’s password age. If password controls are enabled with a password expiration period and user has not changed his/her password before the expiration period, the system enables this check box and forces the user to reset his/her password upon the next login attempt. User cannot access the system without resetting their password once their password has expired.

Edit Email Addresses: Click on this link to enter the email addresses for the user profile. A user profile can be associated with different types of email addresses (ex: Business, Blackberry, Home, Work etc.). One of the entered emails should be marked as the primary email address for the user profile which is used by system for workflow routing email notifications.

B.     General Attributes:

Information used by the system to determine user’s session parameters:

Language Code: The default language in which the reports and batch jobs are created for the user. The actual language that the application pages are presented to the user is determined by the language selected at the login screen before entering the user id and password. Multi-language setup should be completed at the system level before the system can present information in any language other than the default language.

Currency Code: If multi-currency is enabled in the environment, this field is used to define the default currency code in which the monetary values are presented to the user.

Default Mobile Page: This feature is deprecated and not used in the recent versions of PeopleTools.

Enable Expert Entry: For the power users who enter data into the transactional pages with several PeopleCode events, Expert Entry allows them to enter all the data on the page without triggering the PeopleCode events until it is saved. This allows the users uninterrupted page session for quicker entry of data and reducing the database trips required for processing the information. This should be enabled for users who do a lot of data entry activity and are knowledgeable about the data validations on the component.

Allow Switch User: This option is only available on the user profile page if the Switch User function in the PeopleTools options is set to ‘Some’ in which case, the security administrator has the ability to selectively choose which users can switch user context within the session. The users with access (or all users when ‘All’ option is selected in tools), can switch their identity to different user profile without having to logout of the session.

** Most implementations do not require this capability and is rarely given to business users.

 

C.      Permission Lists:

Access granted to the user directly from the permission lists instead of roles. User can only be assigned one permission list for each parameter below.

Navigator Homepage: Navigation maps are visual step-by-step mapping for various business processes. Use the navigator home page field to the navigation map that should be presented to the user upon initial login. This provides the users with easy access to the business functions they perform regularly. Add the permission that has the right navigation page defined for the user.

** Refer to Permission Lists – Miscellaneous section for more information on setting the navigator home page for a permission list.

Primary: The system defines ‘Mass Change’ and ‘Definition Security’ permissions from the Primary permission list assigned on the user profile.

** Refer to Permission Lists – Mass Change section for more information on granting Mass Change access for a permission list.

** Refer to APPENDIX – A: Definition Security for more information on granting definition security access for permission lists.

Process Profile: The system defines the user’s access in the process monitor from the Process Profile permission list assigned on the user profile.

** Refer to Assigning Process Profile Permissions section in this book for more information on assigning process profile access for a permission list.

Row Security: Row security permission list defines the rows of data a user can see when searching on secured components/pages.

** Refer to Implementing Data Security in HCM  in this book for more information on granting row security access