Kentico CMS 6.0 Developer's Guide

User management

User management

Previous topic Next topic Mail us feedback on this topic!  

User management

Previous topic Next topic JavaScript is required for the print function Mail us feedback on this topic!  

A user can be a member of any number of roles and can be assigned to any number of websites.

 

There are two important attributes of the user account:

 

Is editor - the user can access the CMS Desk interface. This attribute doesn’t grant any particular permissions — it only differentiates between site editors and “registered users” who can only access the live website and its secured areas and thus provides an extra security layer. The user can access CMS Desk for all sites to which they are assigned on the Sites tab

 

Is global administrator - the user is authorized to perform all operations and their access cannot be denied by permissions or otherwise limited. Global administrators are the only users who can use the Site Manager interface

 

 

 

Global administrators

 

Global administrators are the only users who can manage site settings and all development tools. Their permissions cannot be denied or limited – they have access to all features and data.

 

Local administrators cannot modify global administrator accounts.

 

Default user accounts

 

The following default user accounts are available:

 

Administrator – user with full permissions.

Public – user that represents an anonymous visitor of the site.

 

Creating a new user

 

New user accounts are typically created when a user goes through registration on the live site. However, you can also create accounts manually in Site manager -> Administration -> Users or CMS Desk -> Administration -> Users. Click the AddUser New user link and enter the following properties into the displayed form:

 

User name - the user's user name (login). By default, it must be unique across all websites in the system.

Full name - user's full name (first name, middle name and last name).

E-mail - user's e-mail address.

Enabled - indicates if the user account is enabled and the user can sign in.

Is editor - indicates if the user is authorized to sign in to CMS Desk. It's used to differentiate users who are only allowed to visit member areas of the website from content editors who can use the CMS Desk user interface. This provides an extra security layer.

Password - user's password.

Confirm password - user's password again for confirmation.

 

 

 

User passwords

 

It is highly recommended to set a safe password for every user account to ensure the security of your website. Global administrators can monitor the list of users for accounts that have empty passwords, which will be marked with a warning icon (Warning).

 

You can add a password manually by editing the given users, specifically on the Password tab.

 

The system can be configured to require users to enter passwords matching specific strength requirements. For more information, please see the Authentication -> Password settings topic.

 

Editing user properties

 

You can edit user properties in Site manager -> Administration -> Users -> click the Edit (Edit) icon of the chosen the user.

 

General properties

 

The following properties can be set on the General tab:

 

User name - the user's user name (login). By default, it must be unique across all websites in the system.

Full name - user's full name (first name, middle name and last name).

First name - user's first name.

Middle name - user's middle name.

Last name - user's last name.

E-mail - user's e-mail address.

 

Enabled - indicates if the user account is enabled and the user can sign in.

Is editor - indicates if the user is authorized to sign in to CMS Desk. It is used to differentiate users who are only allowed to visit member areas of the website from content editors who can use the CMS Desk user interface. This provides an extra security layer.

Is global administrator - indicates if the user is a global administrator. Global administrators have full permissions for all features and data across the system and are not affected by permission settings for particular modules.

Is external user - this attribute is used when you are using an integration with an external user database.

Is domain user - indicates if the user was imported from Active Directory.

Is hidden - if true, the user is not visible on the site (e.g. on-line user monitoring, repeaters displaying users, etc.).

Disable site manager - this option is available only when editing a global administrator, but not when a global administrator is editing their own account. If enabled, the user will still be designated as a global administrator, but will not be able to access the Site Manager interface, i.e. will  only be allowed to perform actions in CMS Desk.

 

Preferred content culture - preferred culture in which the content is displayed to the user.

Preferred user interface culture - preferred culture in which the users wants to see the user interface (CMS Desk and Site Manager).

 

Created - date and time when the user account was created.

Last logon - date and time when the user last logged in.

Last logon information - information about the IP address and browser agent of the user's last logon.

 

Starting alias path - the starting alias path of the content tree in CMS Desk -> Content; if you specify this value, the user is not allowed to browse other sections of the website in the content tree; please note that this feature is only intended for better usability and it doesn't ensure security control - if you need to establish access rights for a given user, grant appropriate document permissions (Properties -> Security) to them

 

Impersonation

 

Global administrators can also see the Impersonate Log in as this user link at the top of this tab. By clicking this link, the administrator gets logged in as the currently edited user and gets redirected depending on the type of user:

 

Global administrator - if you log in as some other global administrator, you will stay on the General tab

Editor - if you log in as some editor (a user with the Is editor option enabled), you will be redirected to CMS Desk

Standard user - if you log in as a standard user, you will be redirected to the title page of the live site

 

User impersonation may also be performed by global administrators from anywhere in the administration interface by opening the context menu located on the main header of CMS Desk or Site Manager and selecting HeaderImpersonate Impersonate.

 

devguide_clip1492

 

When clicked, a dialog is displayed where the specific user to be impersonated can be selected from a list of all users in the system.

 

In Site Manager -> Administration -> Event log, any actions carried out while impersonating a user will be logged under the user name in format <user name> (<original user name>) where the original user is the administrator using the impersonate function.

 

Password

 

Here you can change the user's password:

 

Password - user's password.

Confirm password - user's password again for confirmation.

 

You can either enter a new password directly, or have the system generate a new one. The tab also provides the option to send an automatic notification e‑mail to the given user containing the new password.

 

This tab is hidden if the edited user is authenticated using either an external user database or Active Directory, i.e., if the user has the Is external user property enabled on the General tab of the user editing interface or if Is domain user is enabled and the application is configured to use Windows authentication.

 

Settings

 

On the Settings tab, you can edit the following properties of the user:

 

User nick name - nick name of the user used in website forums, on the user's profile, etc.

User picture - user's avatar image; this image will be used in forums and on user's profile; you can either upload an image or select a pre-defined avatar

User signature - user's signature that will be used below the user's forum posts

Description - optional text describing the user

URL referrer - URL from that the user came to the site when they performed registration

Campaign - if the given user arrived on the website through a campaign before registering, this field will store the name of that campaign. Please see the Modules -> Web analytics -> Campaigns chapter for details.

Messaging notification e-mail - notifications about new messages received in the messaging module will be sent to this e-mail address

 

Time zone - user's time zone; if set, this time zone will be used where applicable instead of the site time zone

Badge - user's badge; depends on the number of gained activity points

 

User activity points - number of user's activity points; these points are gained for forum posts, message board posts, blog posts and blog post comments

Live ID - user's Live ID token; this is a hexadecimal number that the user is identified by when logging-in via Windows Live ID

Facebook user ID - user's Facebook user ID; it is used when the user is logging in via Facebook Connect

OpenID - user's OpenID; it is used when the user is logging in via OpenID

LinkedIn ID - user's LinkedIn ID; it is used when the user is logging in via LinkedIn authentication

 

Activation date - date of the user's account activation

Activated by user - user who activated this user's account

Registration info - user's IP and browser agent detected on registration

 

Gender - user's gender

Date of birth - user's date of birth

 

Skype account - user's Skype account

Instant messenger - user's instant messenger; format of values of the field is not strictly required, you may use any string of characters according to your specific needs (e.g. ICQ: 123456789)

Phone number - user's phone number; the number may be entered in any format, no validation is applied

 

Waiting for approval - if checked, the user is waiting for an administrator's approval

Show splash screen - determines if splash screen should be displayed to the user when accessing Kentico CMS administration interface

 

Forum posts - number of user's forum posts

Forum comments - number of user's forum comments

Blog comments - number of user's blog comments

Message board posts - number of user's message board posts

 

Custom Fields

 

Here you can edit the custom fields added to the user profile. The custom fields can be defined in Site Manager -> Development -> System tables -> User.

 

Sites

 

Here you can specify the sites into which the user can sign in using their user name and password credentials. To assign the user to a site, simply click the Add sites button, check the appropriate boxes in the displayed dialog and click OK to save the changes.

 

 

 

Please note

 

The sites assigned here only limit access to the CMS Desk interface. Logging in on the live site is possible even for users who are not assigned to the given site.

 

This is intended to allow the separation of access privileges for content editors responsible for different websites.

 

Roles

 

Here you can manage the roles to which the edited user is assigned. Depending on the permissions available for individual roles, the user will be authorized to perform various actions on the website or in the administration interface. Please refer to the Role management topic for further information about roles.

 

Departments

 

Here you can specify the E-commerce module departments in which the user is authorized to manage products.

 

Notifications

 

On this tab, you can see a list of all notification subscriptions of the currently edited user. You can Delete (Delete) subscriptions in the list, which unsubscribes the user from receiving notifications.

 

Categories

 

This tab displays a list of the user's custom categories. Each of the categories can be edited (Edit) or deleted (Delete).

 

By clicking the New category link, you can create a new category that will behave the same way as if it was created by the user in CMS Desk -> Edit -> Properties -> Categories.

 

The following details will be required when creating a new category:

 

Display name - name of the category displayed in the user interface

Code name - name of the category used in website code

 

Friends

 

On this page, you can manage the currently edited user's friends.

 

Subscriptions

 

On this tab, you can manage the user's subscriptions to newsletters and notifications about new blog posts and message board messages.

 

Languages

 

On this tab, you can specify which cultural versions of documents can be edited by the user. You have the following options:

 

User can edit all languages - if selected, the currently edited user can edit documents in all language versions of all sites in the system

User can edit following languages - if selected, you can specify which language versions can be edited by the user by checking the check-boxes in the list of language versions; this can be set separately for each site in the system using the Select site drop-down list

 

Memberships

 

Here you can manage special types of website membership assigned to the edited user. Each membership represents a collection of roles. When a membership is assigned to a user, it automatically authorizes that user to perform any actions allowed for all contained roles. Please refer to Memberships to learn more.