Process User Admin

1.6 Process User Admin

This topic provides the systematic instructions to define User Profiles.

On Home screen, type SMDUSRDF in the text box, and click Next.
The User Admin screen is displayed.

Figure 1-3 User Admin

Description of "Figure 1-3 User Admin"

On User Admin screen, click New to enter the details.

For more information on fields, refer to the field description table.

Table 1-4 User Admin - Field Description

Field	Description
User Details	The section displays the following fields.
User Identification	Alphanumeric; 12 Characters; Mandatory Specify a unique identifier for the user.
Name	Alphanumeric; 35 Characters; Mandatory Specify the name of the user.
External Identifier	Alphanumeric; 20 Characters; Optional Specify the External Identifier. External user is an alternative name for user id where two users cannot have same external identifier.
LDAP DN	Alphanumeric; 500 Characters; Optional Specify LDAP DN details that is maintained in SSO screen. The application will verify if only one user ID in Oracle FLEXCUBE Investor Servicing is mapped to the subject (DN) while authentication via SSO. Four SSO types SAML, TOKEN, IDCS_TOKEN and DEFAULT are currently supported in FCIS. Refer to the topic FCIS_Property_File_Creation for setting up FCIS to support SSO.
MFA Applicable	Optional Select if Multi Factor Authorization (MFA) is applicable or not from the drop-down list. The list displays the following values: Yes No
MFA ID	Alphanumeric; 50 Characters; Optional Specify the multi factor authorization ID. If MFA Applicable field is selected as Yes, then MFA ID is mandatory.
Language	Alphanumeric; 3 Characters; Mandatory Specify the preferred language for the user profile. Alternatively, you can also select language from the option list. The list displays all valid language code maintained in the system.
Home Branch	Alphanumeric; 3 Characters; Mandatory Specify the home branch details.
Home Module	Alphanumeric; 30 Characters; Mandatory Specify the default module from which the user profile will operate.
Debug Window Enabled	Optional Check this box to enable debug window.
Show Dashboard	Optional Check this box to show dashboard.
Classification	Optional Select one of the classification options: Staff Auto End Of Day Customer You can classify a user as belonging to one of the following categories: Staff: A user of the system who is an employee of your AMC. You can include any of the functions available in the system in the user profile. Ideally, you should not include functions that are part of End of Cycle or End of Day operations in the profile of a Staff user. Customer: A customer who would want to log into the system from a remote terminal. You can include only those functions through which the customer can inquire into balances and transactions. AEOD: A user at the AMC who is responsible for running the automated End of Day operations. You can include any of the functions available in the system in the user profile. Ideally, you should include only functions that are part of End of Cycle operations in the profile of a AEOD user. You can indicate this through the Classification field in the User Admin screen.
Access To Classified Information	Optional Select if access to classified information is allowed or not from the drop-down list. The list displays the following values: Allowed Disallowed
View PII	Optional Select if Personal Identifiable Information (PII) has to be viewed or not from the drop-down list. The list displays the following values: Yes No View PII field is set to Yes by default. If you select No, then you need to amend user roles with View only Roles to all Personal Identifiable Information related screens. This is usually applicable to a user with only back office role.
Modules	The section displays the following fields.
Investments	Optional Check this box if the user is investment module user.
Corporate	Optional Check this box if the user is corporate module user.
Status Description	The section displays the following fields.
User Status	Optional Check one of the user status by checking the appropriate radio button: Enabled Hold Disabled Locked
Time Level	Numeric; 1 Character; Mandatory Specify the time level.
Status Changed On	Display The system displays the most recent date of status change of user profile.
Last Signed On	Display The system displays the last logged in details.
Invalid Logins	The section displays the following fields.
Cumulative	Display The system displays the number of successive invalid login attempts (in a single session) after which the user ID will be disabled for this profile.
Successive	Display The system displays the number of successive invalid login attempts (spread across different sessions) after which the user ID will be disabled for this profile. After you have entered these basic details, you can specify any of the following information for the user profile, depending upon the necessity. Note: When authentication of credentials is unsuccessful due to an incorrect user ID, then the user ID will not be logged in the audit logs. In case the user ID is correct and the password is wrong, the attempt is logged in the audit log and the successive and cumulative failure count is incremented. When the user ID and password are correct, this is logged into the audit logs.
User Passwords	The section displays the following fields.
Password	Alphanumeric; 32 Characters; Optional Specify the user password to log in. The static data AUTO_GEN_PASS_REQ is provided. The defaulted value Y indicates whether the auto generation of the password is required or not. Note: If the application level parameter which indicates the auto generation of the password is required or not is set to `Y (Yes)`, then this field will be disabled and the system will create a random password in accordance with the parameters maintained at the level of the bank. The new password will be send to the respective user via mail. At the time of setting up the Oracle FLEXCUBE Investor Servicing, the number of repeated successive parameters allowed in a password will be indicated. For instance, if the number of repeated successive parameters allowed in a password has been set as `2`, then the user password can have a character repeating only twice. Suppose, if the number of repeated successive parameters has been specified as `2`, a user password like AAA777 will be invalid. A valid password would be AA77.
Password Changed On	Display The system displays the date when the password was last changed.
Email	Alphanumeric; 50 Characters; Optional Specify the e-mail ID of the user.
Start Date	Date Format; Mandatory Select the start date for the user password from the adjoining calendar.
End Date	Date Format; Optional Select the end date for the user password from the adjoining calendar. Note: The System is also configured to disallow the use of a pre-set number of previous passwords. This pre-set number is assigned at the time of installation, as a system parameter; the number can be subsequently changed if required, by changing this system parameter.
Access Control	Optional Select the access control from the drop-down list. The list displays the following values: UI Gateway Both The system is configured to disallow the use of a pre-set number of previous passwords. This preset number is assigned at the time of installation. As a system parameter; the number can be subsequently changed if required by changing this system parameter.
Amount Limits	The section displays the following fields.
Limit Currency	Alphanumeric; 3 Characters; Mandatory Specify the currency to be mapped for transaction amount and auth amount.
Transaction Amount	Numeric; 18 Characters; Mandatory Specify the maximum amount value that the user can specify while entering a transaction request from an investor.
Auth Amount	Numeric; 18 Characters; Mandatory Specify the maximum amount value of an investor transaction that the user can authorize.
Date Format	Optional Select the date format from the drop-down list. The list displays the following values: M/D/YYYY M/D/YY MM/DD/YY MM/DD/YYYY YY/MM/DD YYYY-MM-DD DD-MMM-YY DD-MMM-YYYY DD/MM/YYYY DD-MM-YYYY
Auto Auth	Optional Select auto authorization status from the drop-down list. The list displays the following values: Yes No
Amount Format	Optional Select the amount format from the drop-down list. The list displays the following values: Dot Comma Comma Dot Comma
Number Format	Optional Select one of the number format options to be used: XXX,XXX,XXX,XXX XX,XX,XX,XX,XXX

Restrictive Passwords
This topic provides the systematic instructions to maintain a list of passwords that the user must not use.
Module Button
This topic provides the systematic instructions to restrict the user to operate only from certain modules.
Roles Button
This topic provides the systematic instructions to define a role to the user profile.
Functions Button
This topic provides the systematic instructions to give access to functions for the user profiles.
Branches Button
This topic provides the systematic instructions to define the branches to operate.
Disallowed Functions Button
This topic provides the systematic instructions to define a list of functions that the user is not allowed to operate.
Dashboard Mapping Button
This topic provides the systematic instructions to map the dashboards.
Other Attributes for User Profile
This topic explains the other attributes for a User Profile.
Static Tables
This topic provides the systematic instructions to allow the various operations at record level for the role profile.
Contracts and Online Transaction Processing
This topic provides information on Contracts and Online Transaction Processing.
Reports
This topic provides information on Reports generation.

Parent topic: Ensure Security for Fund Manager