Manage Admin User Accounts
CreatingThe Manage Admin User Accounts feature provides the tools necessary to create, modify, and managingdisable administrator accountsprofiles inwithin OPSCOMthe system. Its primary purpose is essentialto forgrant grantingsecure systembackend access to staff, definingdefine their specific responsibilities through assigned roles, and maintaining secure andmaintain accurate userhistorical records.records of administrative actions. This article guidesis OPSCOMintended for OPS-COM administrators throughresponsible for managing system security and personnel access.
Setup and Configuration
This feature requires high-level administrative access to properly configure and manage other user accounts.
Admin Side: Administrators must have the processappropriate ofsystem creatingrole permissions enabled to access the admin management tools. Multi-factor Authentication (MFA) is strictly required for all administrative accounts to ensure system security.
Using this Feature
Administrators can use the following instructions to create new admin accounts, editingedit existing ones,profiles, resettingreset passwords, view activity logs, and disablingdisable accountsdeparting as needed.staff.
UsingCreating thisa Feature
New Admin Account
-
Hover over System
Configuration,Configuration, click AdminManagement,Management, then Edit Admin Users.ThetoManage Active Administratorsscreen displays, providing options for both new user creation and existing user modification.
Creating a New Admin Account
Onaccess the Manage Active Administratorsscreen,screen.select-
Click the + Create New Admin
.
button. Thescreen will displayEnter the
Create New Administratorform divided into two sections:On the left, you willenter therequired user informationfor the new administrator(e.g., username, first name, last name, email, and initial password).into the fields on the left side of the screen.
OnSelect the
right,specificinadmin role or roles this person will be granted from the Active Rolesform,formyou willselecton theadminrightrole(s)sidethisofpersonthewillscreen. Further details can begranted.foundForonmoretheinformation aboutManage Roles and Permissionsrefer to this wiki article.OnceallClick
information is entered and roles are selected, clickthe Insert New User button to add the admin account to the system.
Multi-factor Authentication (MFA) is now required when creating an Admin account. After the account is created, itthe user must first beaccess accessedit through the Admin portal before attempting to sign in on a handheld device. During thetheir initial login, a One-Time Password (OTP) will be sent to thetheir email associated with the new Admin account,email, and youthey will be prompted to resetset theup password.their credentials. For more details, please refer to ourthe MFA wiki article.
article.
Editing an Existing Admin Account
OnHover over System Configuration, click Admin Management, then Edit Admin Users.
-
Select the
Manage Active Administratorspage, select thespecific user you wish tomodify.
modify from the active list. Youcan now change any ofModify the available options for that selected user, including their personal information, roles, and account status.
-
Click the Update User
whenbuttonyoutoare finished makingsave your changes.
Viewing Login Activity
For any selected user, you can click theLogin Activitybutton to view a log of when the administrator last logged into the OPSCOM system or a handheld device.Additional admin activity has been added on:Log outNew incident creationIncident marked as openedIncident marked as closed
Resetting an Admin's Password
LocateSelect the specific administrator's
account.account from the Manage Active Administrators screen.InEnter a new, temporary password directly into the Password
field, enter a temporary password.field. The password is hidden (displayed asasterisks "**********")asterisks), but you can simply type over the existing symbols.-
Click the Update User button.
-
Inform the admin of this temporary
password.password Whensothetheyadmincanlogslog inusing the temporary password, they willand be prompted to updatetheir passwordit to amorepersonal,secure,securepersonalpassword.one.
Disabling an Admin Account
-
Hover over System Configuration, click Admin Management, then Edit Admin Users.
-
Select the specific user's account you wish to disable.
-
Disable the Activate this account and allow system login checkbox located in their profile.
-
Click the Update User button to apply the change and move the account to the disabled list.
Admin users cannot be permanently deleted from the system because their accounts are oftenpermanently linked to historical data (e.g., ticket issuance, system changes). IfWhen disabling an adminaccount, useryou changes roles or leaves the organization, the best practice is to disable their account.
Important Reporting Note - It is very important tomust leave the admin user's permissions in place. even when disabling their account, as theseThese permissions will still affect historical reportingreporting, (e.g., showingverifying which permissionsaccess levels were active at the time certain actions were performed).performed.
Viewing theLogin account is disabled, any existing permissions obviously cannot be actioned by that user, but they remain associated for reporting purposes.Activity
HoveroverSelect a specific administrator's account.
-
Click the
SystemLoginConfigurationActivitymenu,buttonclickto view a detailed history log.
AdminKey Management,Information Displayed:then The activity log tracks when the administrator last logged into the OPS-COM backend or a handheld device. It also records critical actions, including log outs, new incident creations, and when an incident was marked as opened or closed.
Available Actions and Buttons
-
Edit+AdminCreateUsersNew Admin:.
Click this button to open a blank profile form for onboarding a new staff member. SelectInsert New User: Click this button to finalize the
user'screationaccountofyouawishnew administrator profile.-
Update User: Click this button to
disablesave(e.g.,any"jim_daniels").modifications made to an existing account. TheLogin Activity: Click this button on a user's profile
willtodisplay.openLocateathehistoricalcheckboxlogtitledof their system access and major actions.-
ActivateView Disabled: Click thisaccount and allow system login. Uncheckthis box to disable the account.ClickUpdate Userto apply the change.
After disabling, the account will now appearlink on the Managemain Disabledmanagement Administratorsscreen page,to accessed by clicking on View Disabled onview the Managelist Activeof Administratorsdeactivated page.
This actionYou can bereverse reverseda deactivation at any time by editing thea disabled user account and re-checkingenabling the Activate this account and allow systemtheir login checkbox.
Best Practices &and Considerations
-
SecureUseInitialsecurePasswordsinitial passwords::When creating new accounts or resetting passwords, use strong, temporary passwords and instruct users to change them immediately upon their first login. -
Role-BasedEnforceAccessrole-based access::Always assign granular, appropriate roles to admin users. Avoid giving out Primary Administrator access unless absolutely necessary. Granular roles ensure users only have access to the functions theyneed.strictly need for their daily duties. -
Prompt Disabling:Disable accountspromptlypromptly: Disable accounts immediately when an employee's role changes or they leave the organization.ThisPrompt deactivation is a critical securitymeasure.measure to prevent unauthorized access. -
Audit
LoginloginActivityactivity::Regularly review the Login Activity for your admin accounts to monitor for unusual patterns or unauthorized access attempts. Proactive monitoring helps secure your organization's backend data. -
ClearMaintainDocumentationclear internal documentation::Maintain internal records of your admin accounts, their assigned roles, and any specificnotes,notes. This is especially important for disabledaccounts.accounts to provide context for future administrators or security audits.