Managing Operators

In ActivID CMS, an operator is a trusted individual who has administrative rights to perform specific operations. Each operator has a role that defines what functions s/he is allowed to perform.

For security reasons, a given operator can access only the ActivID CMS functions that are authorized by the role. Only an operator with an Active status can access the ActivID CMS Operator Portal.

To securely connect to ActivID CMS, operators use their device to establish an SSL connection with mutual authentication to the ActivID CMS Operator Portal. Managing operators involves controlling all aspects of what an operator can access and do.

From the Operators page, you can:

  • Enroll an operator,

  • Update an operator,

  • View information about an operator,

  • Delete an operator, and

  • Log off an operator.

Important: During the setup phase, ActivID CMS is configured so that it can be accessed with a soft certificate.
However, it is recommended that you configure ActivID CMS to prevent the use of the soft certificate as soon as possible.
To do this, create one or more operators with devices and disable the initial operator ID.

  1. Select the Configuration tab.

  2. Go to the Operators page.

From this page, you can:

  • Search for a user to enroll as an operator using the function Enroll User. In this case, the operator will be one of the existing ActivID CMS users with a valid device.

  • Enroll a new operator using the function Enroll New Operator. In this case, you need to provide the operator’s certificate.

  • Duplicate an existing operator.

  1. Go to the Operators page.

  2. Click Enroll User. The Operator Enrollment - Search User page appears:

  3. In the Search for users drop-down lists, accept the default starting with to search using any one of the listed user identifiers.

    Alternatively, select matching from one or more of the drop-down lists for specific user identifiers, and then enter the attribute(s) in the field(s).

  4. To add a custom field, see Setting Parameters for User Attributes.

  5. Enter an attribute in the field(s) you want to use for your search.

  6. In the From groups sections, select the groups you want to search.

  7. In the Limit number of results to field, enter a number.

    8. Note: To improve performance, set the value between 1 and 10 in the Limit number of results to field.

  8. Click Search.

If a record matches the search criteria, then that user’s information appears in the table at the bottom of the Operator Enrollment - Search User page.

If only one user matches the search criteria, the Operator Portal automatically displays the Operator Enrollment page for this user. To enroll the user as an operator, see Enrolling a New Operator.

You can create a new operator by duplicating an existing operator.

  1. Go to the Operators page.

  2. In the Search for operators: with name drop-down list, select either starting with or matching and then enter an attribute for the search.

  3. In the with role drop-down list, either accept Any (the default) or select the appropriate role.

  4. In the with status drop-down list, either accept Any (the default) or select the appropriate status.

  5. In the Limit number of results to field, enter a number.

  6. Click Search.

    If a record matches the search criteria, then that operator’s information appears in the table at the bottom of the Operator Enrollment page.

  7. In the Operator Name column, locate the operator you want to duplicate.

  8. In the Action column, click Duplicate. The Operator Enrollment page appears.

  9. To enroll the new operator, continue with the next section.

Before you can enroll the operator, the operator must have a device containing a digital certificate for authentication.

  1. Go to the Operators page.

  2. Click Enroll New Operator. The Operator Enrollment page appears:

  3. Upload the Certificate to be used for authenticating to the Operator Portal.

  4. For the Operator Status option, accept the default, Active. Only an operator with an Active status can access the Operator Portal.

  5. From the Administrative Role drop-down list, select the appropriate role. For more information, see Managing Roles.

  6. Click Enroll.

If an operator is logged on to the Operator Portal, it is not possible to update or delete the operator. However, it is possible to force the operator to log out. For more information on how to log out an operator, see Forcing an Operator to Log Off From the Portal.

  1. Go to the Operators page.

  2. Under Existing Operators, in the Operator Name column, locate the operator you want to update.

  3. In the Action column, click Update.

    The Operator Update page appears:

  4. Update the operator’s privileges as needed. You cannot modify the operator’s Authentication Credentials field.

  5. Click Update. ActivID CMS updates the operator’s information, and a confirmation message appears.

  1. Go to the Operators page.

  2. Under Existing Operators, in the Name column, locate the name of the operator you want to view.

  3. In the Action column, click View. The Operator Information page appears:

  4. Click Done after viewing the information.

  1. Go to the Operators page.

  2. Under Existing Operators, in the Name column, locate the operator you want to delete.

  3. In the Action column, click Delete. The Operator Deletion page appears:

  4. Click Delete.

This function closes the session of an operator who is already connected to ActivID CMS.

  1. Search for the operator you want to force to log off.

    If a record matches the search criteria, then that user’s information appears in the table at the bottom of the Operators page.

  2. In the Operator Name column, locate the operator you want to force to log off.

  3. In the Action column, click Log out.

    The Log out link appears only if the operator is logged on. The Operator Logout page appears:

  4. Click Log out. The operator’s session is closed.