Manage System Users

Home > Settings > System Settings > System Users
Project > Settings > System Settings > System User

Requires System Users - View permissions to view System Users, Add/Edit permissions to manage System Users

By default, all System Users can view the System User list, but while IT and System Administrators and System Managers have the permissions needed to add and delete System Users and modify System User accounts, including their Organization A group set up by a System Administrator of a provider to represent either an external company that pays for provider services, or an internal division. The provider configures the necessary system components and system storage, then sets up the Organization with a primary Administrator account and document storage to support further setup and Project creation using the eDiscovery application. As part of the provisioning process for a given Organization, an Administrator establishes Users, Groups of Users, and Connectors, which provide access to a number of defined data import and export locations to enable import and export of Organization data. memberships, System Members do not. Only IT and System Administrators can give a new or existing System User the System Administrator role.

For full information about System User roles, see View and Manage System Role-Based Permissions.

Note: A System User's permissions are determined by the union of the permissions from the System User's individual role (if applicable) and their role within a System Group, meaning the highest permission between the two sets applies. A System User in the System Administrator role will receive email notifications of all Project delete requests made by an Organization User, Project deletions, and Organization deletions, assuming a Mail Server has been configured on the system and the System User entry contains a valid email address in the Email field.

System User List

• Username The unique name of an item. For many items, the name can have up to 100 characters. Some items, such as a Connector name, can have up to 255 characters. An Excluded Content Block name is limited to 32 characters. (default sort column) – Either the email address assigned to the User for TransPerfect Authentication (TP Auth) or the login account name used to log in under Standard Authentication (Standard Auth). (For more information about authentication mechanisms, see Add or Edit an Organization User.) Each username is unique across the system.

• Role — A role represents a set of permissions to apply actions to objects. As long as you have the appropriate permissions, you can assign a System User to any role from the drop-down list of those available, which includes the predefined roles and any custom roles created. Predefined roles include the following:
  • IT Administrator — Has full permissions to manage all aspects of the system. Only a System User in the IT Administrator role has the Add/Edit and Delete permissions for Storage, which are needed to configure and manage the system storage on which extracted documents and other data are stored. (All System Roles have the View permission for Storage.) This role cannot be deleted.
  • System Administrator — Has full permissions to manage all aspects of the system except Add/Edit and Delete for Storage. Only a System User in the IT Administrator or System Administrator role can assign other System Users to the System Administrator role. This role cannot be edited or deleted.
  • System Manager (default) — Has permissions to manage many aspects of the system, but not all. For example, a System User in this role does not have permissions to perform some IT-level functions.
  • System Member — This role has a smaller set of permissions, mainly for viewing System-level information.

• First Name, Last Name – The System User's name.

• Email – The full email address at which the System User receives Digital Reef emails . (For TP Auth Users, this is likely to be the same as their login email, but some may use a different address.) All email addresses must be unique across the system.

• Authentication Method — The additional login authentication options configured for the User. (Only the options that match the configured system authentication method are applicable.)

• TP Auth Status (TP Auth only) — The authentication status of the System User, either Success or Failure (plus All for both). When an Organization User entry has Failure status, you can use the right-click option Retry TP Auth Setup to retry the TP Auth setup process (see below).

• Status(Standard Auth only) — The authentication status of the System User, either Unlocked or Locked (plus All for both). Under Standard Auth, a System User entry becomes locked when the User enters an incorrect password five times in a row. (Attempted User access with an invalid IP address does not affect the failed login count.) To unlock a Standard Auth System User account, you can either use the Unlock option or change the password of the User (see below for both actions).

  Description Provides a helpful description of an item. A description can have up to 255 characters. – A description of this System User.

Note: You can drag column headers to the left or right to reorder them. You can also right-click any header to reset all filters or choose which columns to display.

System User Options

To add a new User, use the New System User button. To manage an existing User, right-click the User or click at the far right and select Edit to display a dialog that lets you do the following (if you do not have permission to perform an action it is not available):

• Modify the entry — You can modify the name fields, the email address or the description by entering the new value in the text box.
• Change the role — The drop-down lets you assign a different role to the user, selecting from among those described in the previous section.
• Change the password — Use the Change Password button to reset the User's locally authenticated password, which has several additional effects:
  • If the User's account was locked, it is unlocked.
  • In most cases the User is logged out on all devices.
  • At next login, the User is required to change the password again.
• Add Authentication options — Adds authentication requirements for email confirmation (Standard Auth only) and/or IP authorization, as described in About the eDiscovery Login Process.

Note: Under Standard Authentication, an Organization User or System User must change their password when first logging in after the account is created, when the current password expires based on the system password policy, and when a System Administrator resets the account password. Any password change is logged as an event in the system Status Log. A password change event identifies both the User who made the change and the User whose password was changed.

Other options available (with the needed permissions) from the context () or right-click menu include:

• Retry TP Auth Setup (TP Auth only) — For an Organization User entry with a status of Failure, retries the TP Auth setup process either by launching the New User dialog to add a new User with the appropriate credentials, or retrying authentication for an Organization User who has valid TP Auth credentials after the user is given permission to access the application or issues with their user settings have been corrected.
• Unlock (Standard Auth only) — If the User's account is locked (due to five straight incorrect passwords), unlock it.
• Add to / Remove from Organizations — Launches the Add to / Remove from Organizations dialog, which enables you to manage the selected System User's membership in one or more Organizations.
• Log out on All Devices — Logs the User out on all logged in devices.
• Delete — Deletes the selected System User account. Note that while deletion of a System User account on a TP Auth system prevents the User from accessing Digital Reef, the TP Auth credentials continue to provide access at the corporate level.