Hitachi

JP1 Version 12 JP1/Data Highway - Server Administrator Guide

3.4.2 Users & Groups

This subsection describes how to manage users and groups.

In JP1/DH - Server, different users appear in different colors. The following table describes the relationship between colors and user types.

Table 3‒6: Relationship between colors and user types

Color

User type

Red (in bold)

Representative user

Blue

Group manager

Black

General user or guest user

Light blue

Read-only group manager

Gray

Read-only general user

The figures below illustrate the Users & Groups windows for representative users and group managers.

You can use the display style drop-down list box to display users and groups in tree or list view. In addition, you can sort the groups displayed in the window by using the Display order for groups drop-down list box. By default, groups are sorted alphabetically by their English names. If English is selected as the language, the only option displayed under Display order for groups is English names.

Organization of this subsection

(1) Searching for a user and group

To search for a user or group in the Users & Groups window:

  1. In the sidebar area, click Users & Groups.

    The Users & Groups window appears in the content area.

  2. Click the group selection drop-down list box to see groups filtered by your authority in the list box. Select a group to display the corresponding group in the window.

    [Figure]

  3. If you want to search for users matching a specific state (activated or inactivated), click the drop-down list box to the right of the text box, and then select one of the following options:

    • Activated user accounts: Displays users with activated accounts in search results.

    • Inactivated user accounts: Displays users with inactivated accounts in search results.

    If you click the Search button, users in the selected state are displayed in search results.

    [Figure]

    -- All users -- is selected by default. If you click -- All users --, the search results are cleared.

  4. To search for a user or group by entering a user name or group name, type your keyword in the text box.

    If you specify multiple keywords separated by a space, the search is executed with an AND condition.

    The following items are to be searched:

    User ID, Name, Email, Group Name (Japanese/Chinese), Group Name (English)

    The search criteria are case-insensitive. Wild cards (for example, * and ?) are not available. Any wild card symbol is interpreted as just a character.

  5. Click the Search button.

    Search results are displayed in current display style.

    If the display style is the list view and your search produces 25 or more results, the results are displayed in multiple pages. If the display style is the tree view and your search produces 100 or more results, an error message appears.

    If your search results contain a user belonging to multiple groups, multiple records are displayed based on the number of groups the user belongs to.

    [Figure]

    The following table lists and describes the items displayed in the search results window. If the display style is the tree view, only the Name (Email) and Groups belongs to are displayed.

    Table 3‒7: Items displayed in the search results window

    Item

    Description

    Name (Email)

    The name of the searched user or group, and email address are displayed.

    Groups belongs to

    The groups to which the searched user or group belongs are displayed.

    Created Time

    The creation date and time of the searched user or group is displayed.

    Updated Time

    The update date and time of the searched user or group is displayed.

    Count

    The number of search results. If your search results contain a user belonging to multiple groups, the count is based on the number of groups the user belongs to.

    << First

    This is visible if you are on the third page or later in the search results window.

    Clicking this will bring you to the first page.

    < Previous

    This is visible if you are on the second page or later in the search results window.

    Clicking this will bring you to the previous page.

    Next >

    This is visible if your search results have two or more pages.

    This is not visible on the last page.

    Last >>

    This is visible if your search results have three or more pages.

    This is not visible on the last page.

  6. View or edit the user or group in the search results, if necessary.

    For details about how to edit the user or group, see 3.4.2 (3) Editing a user or 3.4.2 (9) Editing a group.

  7. In the sidebar area, click Users & Groups to reset your search.

To Page Top

(2) Creating a user

To create a user:

  1. In the sidebar area, click Users & Groups.

    The Users & Groups window appears in the content area.

  2. Click the group to which the new user will belong, and then select New User.

    The New User window appears.

    [Figure]

  3. Configure the settings in the Basic tab.

    [Figure]

    The following table describes the items you specify.

    Table 3‒8: Setting items in the Basic tab

    Item

    Description

    User ID text box

    Enter the user ID.

    The user ID entered in this text box is postfixed with an ID assigned to the domain. The ID assigned to the domain starting with an at mark (@) is shown on the right of the text box.

    The user ID must be unique within a domain.

    • You can enter no more than 100 (for Windows) or 256 (for Linux) alphanumeric characters and symbols, including the ID assigned to the domain.

    • Some symbols (/\?*:|"<>#@^[]$) and space characters are not available.

    • A user ID consisting of only a period or periods (.) is not available.

    • Reserved words in Windows# are not available.

    Name text box

    Enter the name of the user in English.

    The name you enter here is displayed in the Common Name text box in the User Certificate tab.

    • You can enter no more than 100 (for Windows) or 256 (for Linux) alphanumeric characters and symbols.

    • Some symbols (/\?*:|"<>@^) are not available.

    • A name consisting of only spaces or periods (.) is not available.

    Email text box

    Enter the email address of the user.

    Notification emails for delivery and approval are sent to the specified email address. The email address you enter here is displayed in the Email Address text box in the User Certificate tab.

    • You can enter no more than 256 alphanumeric characters and symbols.

    • Some symbols (/\?*:|"<>^) and space characters are not available.

    Password text box

    Enter a password.

    A representative user can specify any password that does not follow the authentication rule.

    • You can use alphanumeric characters and symbols in a given length and type as defined by authentication rules.

    • The symbols of !"#$%&'()*+,-./:;<=>?@[\]^_`{|}~ are available.

    JP1/DH - Server manages the password specified here. If a directory server is used to authenticate users, specify the JP1/DH - Server password, instead of using the password managed by the directory server. You cannot change the password managed by the directory server here.

    Re-enter text box

    User Language drop-down list box

    Select the language that the user uses.

    You can choose one of the following: Japanese, English, or Chinese.

    Memo text area

    Enter a note on this user.

    You can enter no more than 4,096 characters.

    NameID(SAML)

    Available when SSO authentication is set up for the domain.

    Enter the ldp user ID with which the user is associated when SSO authentication is performed.

    #: The following words are reserved in Windows:

    • A word beginning with a space or period

    • A word ending with a space or period

    • Characters in the range from 0x00 to 0x31

    • The following words and those with an extension:

      CON, PRN, AUX, CLOCK$, NUL, COM0, COM1, COM2, COM3, COM4, COM5, COM6, COM7, COM8, COM9, LPT0, LPT1, LPT2, LPT3, LPT4, LPT5, LPT6, LPT7, LPT8, LPT9

    • The following file and directory names cannot be used for the root directory name (immediately below the drive name):

      $AttrDef, $BadClus, $Bitmap, $Boot, $LogFile, $MFT, $MFTMirr, pagefile.sys, $Secure, $UpCase, $Volume, $Extend, $Extend\$ObjId, $Extend\$Quota, $Extend\$Reparse ($Extend is a directory)

  4. Configure the settings in the Groups belongs to tab.

    [Figure]

    The following table describes the items you specify.

    Table 3‒9: Setting items in the Groups belongs to tab

    Item

    Description

    Group selection drop-down list box

    You can use it to add the user to a group. Click the Add button to add the group in the list.

    A user can be a member of a maximum of 10 groups.

    Groups belongs to

    Selecting a group icon shows the following shortcut menu items:

    • Up: Moves the selected group up one place in the list.

    • Down: Moves the selected group down one place in the list.

    • Delete: Deletes the selected group from the list.

    The group at the top of the list is called the primary group.

    Managers of the primary group, or of parent groups of the primary group, can manage this user.

    A guest user can belong to only one group.

    override below properties derived from the top user's group. check box#1

    Selecting this check box can change the settings below from those of the user's group. If not selected, the setting of the primary group is used.

    • Expire Date

    • Quota

    • Inputing Address#2

    • Using User Options

    • Using Guest Users

    • Limit Number of Uses

    --

    Expire Date check box#2

    If selected, the account is no longer expired, or the expiration date can be specified in month, day, and year format. If not selected, it inherits the property value from the primary group.

    If the Indefinite check box is selected, the account never expires.

    The expiration date of a guest group cannot be changed.

    Quota check box

    Selecting this check box sets the storage quota to the value specified in the text box. If not selected, the setting of the primary group is used.

    Initial Display of the address Book check box

    If you select this check box, you can set the default view of the address book to either All or Group only.

    Inputing Address check box#3

    This setting specifies whether a sender can enter any recipient address before sending a file.

    Using User Options check box

    If selected, the Options (changing the password and language) function becomes available. Clearing the check box disables the function.

    If the user is not allowed to use the function, the Options menu item does not appear in the sidebar area.

    Using Guest Users check box

    If selected, the Guest Users function becomes available. Clearing the check box disables the function.

    If the user is not allowed to use the function, the Guest Users menu item does not appear in the sidebar area.

    Limit Number of Uses check box

    If selected, you can specify how many times a guest user can use JP1/DH - Server.

    This setting is only visible for guest groups.
    #1

    If a user is created as a member of the guest group, this check box appears dimmed. However, you can change the settings in the Expire Date, Quota, Inputing Address, Limit Number of Uses, and Using User Options fields.

    #2

    If an electronic certificate is used, it will expire on December 31, 2037. When an account created in this window expires before that date, the user with that account will no longer be able to log in to JP1/DH - Server.

    #3

    This check box might not appear depending on the setting.

  5. Configure the settings in the User Certificate tab.

    If JP1/DH - Server uses electronic certificates to authenticate users, the Use Certification check box must be selected in this tab. The check box is not selected by default.

    If the user is created as a member of the guest group, this tab appears dimmed.

    The Common Name and Email Address text boxes show the values specified in the Name and Email text boxes of the Basic tab, respectively.

    Important

    If the created user uses an electronic certificate, you must issue it after creating the user. For details, see 3.4.2 (5) Issuing an electronic certificate. Also, an authentication policy that authenticates users with an electronic certificate must be specified as the user's authentication rule. For details, see 3.5.5 Authentication Rules.

  6. Click the Create button.

    The user is now created.

    You need to notify the user of the user ID and password and ask the user to change the password.

    [Figure]

To Page Top

(3) Editing a user

To edit a user:

Important

  • If a user ID is changed (including any case change), the user's electronic certificate is automatically invalidated.

  • If the type of a user's group is changed to the guest group, the user's electronic certificate remains valid. However, the user will no longer be able to log in to JP1/DH - Server by using the electronic certificate.

  1. In the sidebar area, click Users & Groups.

    The Users & Groups window appears in the content area.

  2. Click the user you want to edit, and then select Edit.

    The Edit User window appears.

  3. Change the settings.

    For details about each item on each tab, see 3.4.2 (2) Creating a user.

    If the password is not entered, it is not changed.

  4. Click the Update button.

    A dialog box appears indicating the information is updated.

  5. Click the OK button.

To Page Top

(4) Activating, inactivating, or deleting a user

To activate, inactivate, or delete a user:

  1. In the sidebar area, click Users & Groups.

    The Users & Groups window appears in the content area.

  2. Click the target user of your action, and then select the menu item for it.

    [Figure]

    Table 3‒10: Activating, inactivating, or deleting a user

    Item

    Description

    Activate

    Activates a user.

    For the user whose account is locked, the account is unlocked. You cannot activate a user if all groups to which the user belongs are inactivated.

    Inactivate#

    Inactivates a user.

    The inactivated user is no longer able to use JP1/DH - Server. To allow the user to use the system again, activate the user.

    Delete#

    Deletes a user. The deleted user cannot be restored.

    #

    • Before you inactivate or delete a user, make sure that the user does not have data currently in delivery.

    • Inactivating or deleting an approver user assigned to an approval route might cause the approval route to have no approver. No approval is required if a file is delivered by using a delivery rule that has the approval route with no approver.

  3. A confirmation dialog box appears depending on your choice. Click the OK button to perform the action.

    Important

    If the user you inactivate is assigned to an approver for an approval route and the user is the only approver for the approval route, the approval route might not work depending on the settings of the delivery rule. For details about the settings of delivery rules, see 3.5.4 (1) Creating a delivery rule.

To Page Top

(5) Issuing an electronic certificate

You can issue an electronic certificate for a user if the Use Certification check box is selected when the user is created or updated.

Important

The issued electronic certificate expires on December 31, 2037. However, when an account expires before this date, the user with this account is no longer able to log in to JP1/DH - Server.

To issue an electronic certificate:

  1. In the sidebar area, click Users & Groups.

    The Users & Groups window appears in the content area.

  2. Click the user you want to issue an electronic certificate for, and then select Edit.

    The Edit User window appears.

  3. Click the User Certificate tab.

    The Configuration CSR window appears.

  4. Click the To Issuing Screen button.

    The Issue Certificate window appears.

    [Figure]

    Note

    If the Use Certification check box is not selected in the User Certificate tab during user creation, the To Issuing Screen button does not appear. In this case, you need to select the Use Certification check box, click the Update button, and then edit the user again.

  5. In the Password and Re-enter text areas, enter the password for protecting the electronic certificate.

    The password must contain two or more different types of characters and consist of a string from 6 to 32 characters.

  6. Click the Issue button. A message is then displayed, asking you to check if the destination to save the certificate is correct.

    [Figure]

  7. Save the certificate and then click the Confirm button.

    [Figure]

  8. The Certificate window appears. When you click the Update button, a dialog box appears indicating the information is updated.

    [Figure]

  9. Click the OK button.

    The Users & Groups window appears.

    Important

    An authentication rule for a user must use the authentication policy that authenticates the user with the electronic certificate, so that the user can use the issued electronic certificate. For details, see 3.5.5 Authentication Rules.

To Page Top

(6) Invalidating an electronic certificate

To invalidate an issued electronic certificate:

Important

Invalidating an electronic certificate disables the use of it for login.

  1. In the sidebar area, click Users & Groups.

    The Users & Groups window appears in the content area.

  2. Click the user you want to update or invalidate the electronic certificate for, and then select Edit.

    The Edit User window appears.

  3. Click the User Certificate tab.

    The Certificate window appears.

  4. Click the To Invalidation Screen button.

    The Certificate Invalidation window appears.

    [Figure]

  5. Click the Invalidate button.

    The Certificate (Unavailable Now) window appears, indicating the certificate is invalidated.

    [Figure]

To Page Top

(7) Re-issuing an electronic certificate

To re-issue an electronic certificate:

  1. In the sidebar area, click Users & Groups.

    The Users & Groups window appears in the content area.

  2. Click the user you want to re-issue the electronic certificate for, and then select Edit.

    The Edit User window appears.

  3. Click the User Certificate tab.

    The Certificate (Unavailable Now) window appears.

  4. Click the To Reissuing Screen button.

    The Reissue Certificate window appears.

    [Figure]

  5. Enter the password and click the Issue button to display the message, asking you to check if the destination to save the certificate is correct.

    Click the Save button.

  6. Click the Confirm button.

    The Certificate window appears.

  7. Click the Update button to complete re-issuing the certificate.

To Page Top

(8) Creating a group

To create a group:

Note

If you want to create a new group whose settings are identical to those of an existing one, click the menu icon ([Figure]) beside the group you want to edit, and then select Copy Group. The New Group window appears, in which the original group settings are specified as the default settings for the new group. This group copy function allows you to easily create a group, especially when you want to create a new group with a unique name but with settings that are identical to those of an existing one.

  1. In the sidebar area, click Users & Groups.

    The Users & Groups window appears in the content area.

  2. Click the group to which the new group will belong, and then select New Group.

    The New Group window appears.

  3. Configure the settings in the Basic tab.

    [Figure]

    The following table describes the items you specify.

    Table 3‒11: Setting items in the Basic tab

    Item

    Description

    Group Name: (Japanese/Chinese) text box

    Enter the name of the group.

    The value you enter here is displayed in windows that use Japanese and Chinese.

    • You can enter no more than 200 characters.

    • Some symbols (/\?*:|"<>@^) are not available.

    • A name consisting of only spaces or periods (.) is not available.

    Group Name: (English) text box

    Enter the name of the group.

    The value you enter here is displayed in windows that use English.

    • You can enter no more than 200 alphanumeric characters and symbols.

    • Some symbols (/\?*:|"<>@^) are not available.

    • A name consisting of only spaces or periods (.) is not available.

    Parent Group drop-down list box

    Select a parent group of the group you create.

    Groups can be nested to a maximum of 10 levels, and the top-level group in the hierarchy is the first level. They cannot be nested to 11 levels or more.

    You need to select a parent group at the 9th level or less.

    Type of Group drop-down list box#

    Select either type of the groups below. The type of the group cannot be changed after it is created.

    • Group for Users: Non-guest users and groups can be members of this type of group.

    • Group for Guest Users: Guest users can be members of this type of group.

    Create Guests check box

    If selected, a user in this group can create a guest user. If the Type of Group drop-down list box is set to Group for Guest Users, this check box is disabled.

    #

    If you display the New Group window from the Copy Group menu item, you cannot change the group type.

  4. Configure the settings in the Properties tab.

    [Figure]

    The following table describes the items you specify.

    Table 3‒12: Setting items in the Properties tab

    Item

    Description

    Expire Date check box#1

    If selected, the group account is no longer expired, or the expiration date can be specified in month, day, and year format. If not selected, it inherits the property value from the primary group.

    This item is not visible for guest groups.

    Quota check box

    If you select the check box, you can specify the storage space amount for users in this group. The possible amount is defined by the system administrator.

    Clearing the check box sets the value to 1 GB.

    Initial Display of the address Book check box

    If you select this check box, you can set the default view of the address book to either All or Group only.

    Inputing Address check box#2

    Specifies whether a sender can enter an unregistered recipient address before sending a file. The check box is not selected by default.

    If you select the Inputing Address check box, you can choose either of the following:

    • accept: A user is allowed to enter an unregistered recipient address. The user can enter the email address in the email address field and send an email message to the unregistered user.

    • deny: A user is not allowed to enter an unregistered recipient address in the email address field. However, the user can choose the recipient address from the user's address book and send an email message.

    Using User Options check box

    Specifies whether users are allowed to use the Options function.

    If they are not, the Options menu item does not appear in the sidebar area.

    #1

    If an electronic certificate is used, it will expire on December 31, 2037. When an account created in this window expires before that date, the user with that account will no longer be able to log in to JP1/DH - Server.

    #2

    The check box might not appear depending on the setting.

  5. Configure the settings in the Address Book Manager tab.

    [Figure]

    The following table describes the items in this tab.

    Table 3‒13: Setting items in the Address Book Manager tab

    Item

    Description

    Shown groups list box

    Specifies groups that are listed in the address book.

    You can select a group in the group selection drop-down list box and then click the add button. The drop-down list box lists all groups in the domain.

    The groups you specify here, together with all users in those groups, are listed in the address book.

  6. Click the Create button.

    The group is now created.

To Page Top

(9) Editing a group

To edit a group:

  1. In the sidebar area, click Users & Groups.

    The Users & Groups window appears in the content area.

  2. Click the group you want to edit, and then select Edit.

    The Edit Group window appears.

  3. Change the settings.

    For details about items in the Basic, Properties, and Address Book Manager tabs, see 3.4.2 (8) Creating a group.

  4. Edit the Group Administration tab.

    In the Group Administration tab, you can add or delete group managers. The Group Administration tab is not visible for the top-level group.

    [Figure]

    Table 3‒14: Items in the Group Administration tab

    Item

    Description

    Users list box

    Lists all users in the group you are currently editing.

    Clicking the v button adds the selected user to the group manager list.

    Group managers list box

    Lists all group managers.

    To delete a group manager in the list, click the [Figure] icon to the left of the group manager you want to delete.

  5. Click the update button.

    The group settings are updated.

To Page Top

(10) Activating, inactivating, or deleting a group

To activate, inactivate, or delete a group:

  1. In the sidebar area, click Users & Groups.

    The Users & Groups window appears in the content area.

  2. Click the target group of your action, and then select the menu item for it.

    Table 3‒15: Activating, inactivating, or deleting a group

    Item

    Description

    Activate

    Activates a group.

    This action does not change the state of users in the group.

    Inactivate#

    Inactivates a group.

    Users in the inactivated group are no longer able to use JP1/DH - Server.

    If an inactivated group is activated, it becomes available again, but the users in that group remain inactivated. You need to activate the users separately.

    Delete#

    Deletes a group.

    This action also deletes users in the group and related delivery rules and authentication rules. The deleted group cannot be restored.

    #

    A user who belongs to multiple groups is not inactivated or deleted.

  3. A confirmation dialog box appears depending on your choice. Click the OK button to perform the action.

To Page Top

All Rights Reserved. Copyright (C) 2019, Hitachi, Ltd.

All Rights Reserved. Copyright (C) 2019, Hitachi Solutions, Ltd.