Manage Organization Users

Home > selected Organization >menu or right-click >Settings > Users
Project > Settings > Organization Settings > Users

Requires Organization - Users - View, Add/Edit, and Delete Permissions

System Users in a role with the needed permissions can use the Organization User list to view, manage, add, modify, and delete the Users in a particular Organization A group set up by a System Administrator of a provider to represent either an external company that pays for provider services, or an internal division. The provider configures the necessary system components and system storage, then sets up the Organization with a primary Administrator account and document storage to support further setup and Project creation using the eDiscovery application. As part of the provisioning process for a given Organization, an Administrator establishes Users, Groups of Users, and Connectors, which provide access to a number of defined data import and export locations to enable import and export of Organization data..

Note: A System User's permissions are determined by the union of the permissions from the System User's individual role (if applicable) and their role within a System Group, meaning the highest permission between the two sets applies.

Organization User List

The Project Member list includes the following columns:

• Type – Either an Organization User () defined by an Organization Administrator, or a System User () defined by a System Administrator and assigned to one or more Organizations.

• Username The unique name of an item. For many items, the name can have up to 100 characters. Some items, such as a Connector name, can have up to 255 characters. An Excluded Content Block name is limited to 32 characters. (default sort column) – Either the email address assigned to the User for TransPerfect Authentication (TP Auth) or the login account name used to log in under Standard Authentication (Standard Auth). (For more information about authentication mechanisms, see Add or Edit an Organization User.) The username must be unique across the system.

• Role — A role represents a set of permissions to apply actions to objects. If you have the appropriate permissions you can select the default role (determined by the Set as Default option from Role Permissions), another of the predefined roles, or a custom role created for the Organization. By default, the predefined roles have the following permissions:
• Organization Administrator — Always has permissions to manage all Organization Settings and all aspects of Projects within the Organization; cannot be edited or deleted.
• Project Administrator — Has view permissions for all Project Data nodes in the Navigation Tree and add/edit permissions for some of those nodes, such as Tags, Folders, Saved Searches, Workflows, Comparisons, and Synthetic Documents. Also has document-related permissions to add or remove Tags from documents and documents from a Folder, download native document and PDFs, and view document reports, as well as view permissions for some settings and the ability to edit the list of Metadata View Fields.
• Project Member – Has limited permissions to perform general document search and analysis, but not to control any aspects of the Project.
• Claimant — Used in Reef Claims (previously known as Class Action) Projects on a Reef Express system; not intended for use in eDiscovery.

• First Name, Last Name – The User's name.
• Email – The full email address at which the User receives Digital Reef emails . (For TP Auth Users, this is likely to be the same as their login email, but some may use a different address.) All email addresses must be unique across the system.
• Authentication Method — The additional login authentication options configured for the User. The options depend on the system's primary authentication method, and only those are available in the filter drop-down.

• TP Auth Status (TP Auth only) — The authentication status of the user, either Success or Failure (plus All for both). When an Organization User entry has Failure status, you can use the right-click option Retry TP Auth Setup to retry the TP Auth setup process.

• Status (Standard Auth only) — The authentication status of the user, either Unlocked or Locked (plus All for both). Under Standard Auth, an Organization User account becomes locked when the User enters an incorrect password five times in a row, or when an Organization User does the same with an incorrect Email Security Code. (Attempted User access with an invalid IP address does not affect the failed login count.) To unlock an account, you can either use the Unlock option (see below) or change the password of the User.
• Description Provides a helpful description of an item. A description can have up to 255 characters. – An optional description of this User.

Note: You can drag columns to the left or right to reorder them. You can also right-click any column title to reset all filters or choose which columns to display.

Organization User Options

To add a new User, use the New Organization User button. To manage an existing User, right-click the User or click at the far right and select Edit to display a dialog that lets you do the following (if you do not have permission to perform an action it is not available):

• Modify the entry — You can modify the name fields, the email address or the description by entering the new value in the text box.
• Change the role — The drop-down lets you assign a different role to the user, selecting from among those described in the previous section.
• Change the password — Use the Change Password button to reset the User's locally authenticated password, which has several additional effects: If the User's account was locked, it is unlocked.
  • In most cases the User is logged out on all devices.
  • At next login, the User is required to change the password again.
• Add Authentication options — Adds authentication requirements for email confirmation (Standard Auth only) and/or IP authorization, as described in About the eDiscovery Login Process.

Note: Under Standard Authentication, an Organization User or System User must change their password when first logging in after the acount is created, when the current password expires based on the system password policy, and when a System Administrator resets the account password. Any password change is logged as an event in the system Status Log. A password change event identifies both the User who made the change and the User whose password was changed.

Other options available (with the needed permissions) from the or right-clickmenu include:

• Retry TP Auth Setup (TP Auth only) — For an Organization User entry with a status of Failure, retries the TP Auth setup process either by launching the New User dialog to add a new User with the appropriate credentials, or retrying authentication for an Organization User who has valid TP Auth credentials after the user is given permission to access the application.
• Unlock (Standard Auth only) — If the User's account is locked (due to five straight incorrect passwords or email codes), unlock it.
• Log out on All Devices — Logs the User out on all logged in devices.
• Delete — Deletes the selected User account from the Organization.

Note: While deletion of an Organization User account on a TP Auth system prevents the User from accessing Digital Reef, the TP Auth credentials continue to provide access at the corporate level.