copyright © 2006, infinite campus, inc. all rights reserved. user security administration
TRANSCRIPT
Copyright © 2006, Infinite Campus, Inc. All rights reserved.
User Security Administration
Copyright © 2006, Infinite Campus, Inc. All rights reserved.
Agenda & Objectives
Setting up User Groups Setting up Individual User Rights Creating Student Portal Logins Creating Parent Portal Logins Best Practices
Copyright © 2006, Infinite Campus, Inc. All rights reserved.
Campus Security Overview Design intent: Balance security and usability. Secure Socket Layer (SSL) encryption of all data
transferred between the application server and the browser.
Every login attempt is logged (much accessible via AdHoc)
Data captured includes Source IP address User name and password used Success or fail of the login attempt Operating system and browser.
Copyright © 2006, Infinite Campus, Inc. All rights reserved.
Campus Security Options
Strong passwordsCampus can force strong passwords
Force Password Reset Account Expiration Disable Account
Automatically after five failed login attempts Session Timeouts
Default setting 60 minutes
Copyright © 2006, Infinite Campus, Inc. All rights reserved.
Application Level Security
Granular control over the functional options available.
Forced security checks every time a user requests a new page.Every request passes the security control
object to verify the user is authorized to access that function.
Copyright © 2006, Infinite Campus, Inc. All rights reserved.
Two main functional area
Tool Rights Calendar Rights
Copyright © 2006, Infinite Campus, Inc. All rights reserved.
Tool Rights: Definition
View, store or edit district information in Campus.
An object that has security rights associated with it.
An object in Campus that allows a user to perform a task.
Examples Walk-in-Scheduler [task] Telephone number [information].
Copyright © 2006, Infinite Campus, Inc. All rights reserved.
Assigning Tool Rights
Groups based on function or roleThis is Best Practice!
Easier to document Easier to troubleshoot Easier to make changes May cross building boundaries
Copyright © 2006, Infinite Campus, Inc. All rights reserved.
User Security: User Groups
User Groups are built to give work groups a basic set of tool rights. Users may belong to more then one user group. A secretary may be part of the clerical user group for enrollments but also needs to be part of the attendance user group.
User groups can be set up for Calendars and Tool rights.
Copyright © 2006, Infinite Campus, Inc. All rights reserved.
Setting up a User Group
Path: Index > System Admin > User security > User groups.
Click on the link, Create a new User Group Enter the group name and save. You can now
build the tool rights for this group.
Copyright © 2006, Infinite Campus, Inc. All rights reserved.
User Group: Tool rights Tool rights are divided into 4 levels.
Each level includes the level above. Read – user can only read data Write – user can edit the data Add – user can add new data Delete – user can delete data
The list is separated into Index categories. If a check is placed into a box by the category it will place a related check on every item in that category. To modify category check marks, expand the area and uncheck the boxes.
Copyright © 2006, Infinite Campus, Inc. All rights reserved.
User Group: Tool rights
The Membership Summary page will list the individuals who have been assigned to this user group. Clicking on a user name will take you to individual user rights for selected user.
Copyright © 2006, Infinite Campus, Inc. All rights reserved.
User Group: Calendar Rights Individuals need to have rights to access specific calendars. This
can be done within a group or by setting up separate groups for Calendars.
Open the Calendar Rights tab for a Group. Clicking NEW, will open the editor box where a School, Year, and
Calendar can be selected. If you want this Calendar to be READ ONLY, uncheck the modify
rights box. This will allow a staff member to look at data in a previous year but not have rights to change it.
Copyright © 2006, Infinite Campus, Inc. All rights reserved.
Creating a New User
Every person who is entered into Campus will appear in the User Search list
From the Quick Search, select User and enter a name.
Click on the user’s Name to bring up the Create New User Screen.
Copyright © 2006, Infinite Campus, Inc. All rights reserved.
Assigning New User to Groups A User Name and Password can be auto generated or manually
entered. User Groups can be assigned by checking the appropriate
groups. A user may be assigned to more than one group. Once the user has been created and saved they will have an
individual page.
Copyright © 2006, Infinite Campus, Inc. All rights reserved.
User Security: Individual Rights Individuals may have more then one login. For example,
a person may have an admin account with all rights and a separate account with restricted rights.
Users may also be given additional rights outside of a User Group. For example a teacher is a member of the Teacher Group but needs to search for all students because they are also an activity advisor, so may be given Unfiltered Search.
An Access log which shows when this user was logged in and from where is also available.
It is from the User Account tab that the Banner can be hidden, the Disabled box can be unchecked, and the Force password change can be set.
Copyright © 2006, Infinite Campus, Inc. All rights reserved.
Best Practices
It is recommended that 2 types of User Groups are created
Work related Groups across all schools.
Calendar Groups - School and year (FHS 05-06).
Having Calendar Groups will aide the system administrator in managing calendar rights.
Calendars groups can be for the current year only, for archived calendars or any combination in-between.
Copyright © 2006, Infinite Campus, Inc. All rights reserved.
Best Practices
Placing all users into groups, even if it is a group of one is recommended. Groups make managing tool rights easier when users change.
Portal Access – accessing the link for the Portal off the District Web Site will greatly reduce the number of issues reaching the correct URL.
Copyright © 2006, Infinite Campus, Inc. All rights reserved.
Portal logins: Student
Student Accounts are created in User Security. This tool will auto-generate student accounts for portal access and online registration. It creates user accounts with the student number as the username, and the birth date MMDDYY as the password for students that don't already have an account.
Students will only see their information in the Portal and, when permitted, enter course requests for the upcoming school year.
Copyright © 2006, Infinite Campus, Inc. All rights reserved.
Portal Logins: Parents Using the GUID All people in Census are given a GUID number (Global
Unique Identifier). The GUID is a 32 digit activation key that parents use to create their own user name and password. The district will guide parents to the portal URL where they can enter their login. The login they create may be visible in User Security
Copyright © 2006, Infinite Campus, Inc. All rights reserved.
Portal Logins
Parent Accounts Manual Entry In Users, a parent
account can be manually set by creating a user name and password and selecting Campus Portal from the Homepage drop list.
Copyright © 2006, Infinite Campus, Inc. All rights reserved.
System Admin: Related Areas System Admin>System Preferences Settings related to passwords
Hide Passwords – in the user account the password is not visible.
Allow password reminders – On the login screen for the parent portal is the link “Problems logging in”. If the user has an e-mail address in Census, a message with the users login information will be sent to the e-mail address.