Skip to main content

Manage Admin User Accounts

CreatingThe Manage Admin User Accounts feature provides the tools necessary to create, modify, and managingdisable administrator accountsprofiles inwithin OPSCOMthe system. Its primary purpose is essentialto forgrant grantingsecure systembackend access to staff, definingdefine their specific responsibilities through assigned roles, and maintaining secure andmaintain accurate userhistorical records.records of administrative actions. This article guidesis OPSCOMintended for OPS-COM administrators throughresponsible for managing system security and personnel access.

Setup and Configuration

This feature requires high-level administrative access to properly configure and manage other user accounts.

Admin Side: Administrators must have the processappropriate ofsystem creatingrole permissions enabled to access the admin management tools. Multi-factor Authentication (MFA) is strictly required for all administrative accounts to ensure system security.

Using this Feature

Administrators can use the following instructions to create new admin accounts, editingedit existing ones,profiles, resettingreset passwords, view activity logs, and disablingdisable accountsdeparting as needed.staff.

UsingCreating thisa Feature
New Admin Account

  1. Hover over System Configuration,Configuration, click Admin Management,Management, then Edit Admin Users. Theto Manage Active Administrators screen displays, providing options for both new user creation and existing user modification.

Creating a New Admin Account
  1. Onaccess the Manage Active Administrators screen,screen.

    select
  2. Click the + Create New Admin.
     button.

  3. The screen will display

    Enter the Create New Administrator form divided into two sections:

    • On the left, you will enter therequired user information for the new administrator (e.g., username, first name, last name, email, and initial password). into the fields on the left side of the screen.

    • On

      Select the right,specific inadmin role or roles this person will be granted from the Active Roles form,form you will selecton the adminright role(s)side thisof personthe willscreen. Further details can be granted.found Foron morethe information aboutManage Roles and Permissions refer to this wiki article.

    page.

  4. Once all

    Click information is entered and roles are selected, clickthe Insert New User button to add the admin account to the system.

Multi-factor Authentication (MFA) is now required when creating an Admin account. After the account is created, itthe user must first beaccess accessedit through the Admin portal before attempting to sign in on a handheld device. During thetheir initial login, a One-Time Password (OTP) will be sent to thetheir email associated with the new Admin account,email, and youthey will be prompted to resetset theup password.their credentials. For more details, please refer to ourthe MFA wiki article.
article.

Editing an Existing Admin Account

  1. On

    Hover over System Configuration, click Admin Management, then Edit Admin Users.

  2. Select the Manage Active Administrators page, select thespecific user you wish to modify.
    modify from the active list.

  3. You can now change any of

    Modify the available options for that selected user, including their personal information, roles, and account status.

  4. Click the Update User whenbutton youto are finished makingsave your changes.

Viewing Login Activity
  • For any selected user, you can click the Login Activity button to view a log of when the administrator last logged into the OPSCOM system or a handheld device.
  • Additional admin activity has been added on:
    • Log out
    • New incident creation
    • Incident marked as opened
    • Incident marked as closed

Resetting an Admin's Password

  1. Locate

    Select the specific administrator's account.account from the Manage Active Administrators screen.

  2. In

    Enter a new, temporary password directly into the Password field, enter a temporary password.field. The password is hidden (displayed as asterisks "**********")asterisks), but you can simply type over the existing symbols.

  3. Click the Update User button.

  4. Inform the admin of this temporary password.

  5. password
  6. Whenso thethey admincan logslog in using the temporary password, they willand be prompted to update their passwordit to a morepersonal, secure,secure personalpassword.

    one.

Disabling an Admin Account

  1. Hover over System Configuration, click Admin Management, then Edit Admin Users.

  2. Select the specific user's account you wish to disable.

  3. Disable the Activate this account and allow system login checkbox located in their profile.

  4. Click the Update User button to apply the change and move the account to the disabled list.

Admin users cannot be permanently deleted from the system because their accounts are oftenpermanently linked to historical data (e.g., ticket issuance, system changes). IfWhen disabling an adminaccount, useryou changes roles or leaves the organization, the best practice is to disable their account.

Important Reporting Note - It is very important tomust leave the admin user's permissions in place. even when disabling their account, as theseThese permissions will still affect historical reportingreporting, (e.g., showingverifying which permissionsaccess levels were active at the time certain actions were performed).performed.

Once

Viewing theLogin account is disabled, any existing permissions obviously cannot be actioned by that user, but they remain associated for reporting purposes.

Activity

  1. Hover over

    Select a specific administrator's account.

  2. Click the SystemLogin ConfigurationActivity menu,button clickto view a detailed history log.

AdminKey Management,Information Displayed:then The activity log tracks when the administrator last logged into the OPS-COM backend or a handheld device. It also records critical actions, including log outs, new incident creations, and when an incident was marked as opened or closed.

Available Actions and Buttons

  • Edit+ AdminCreate UsersNew Admin:.
     Click this button to open a blank profile form for onboarding a new staff member.

  • Select

    Insert New User: Click this button to finalize the user'screation accountof youa wishnew administrator profile.

  • Update User: Click this button to disablesave (e.g.,any "jim_daniels").modifications made to an existing account.

  • The

    Login Activity: Click this button on a user's profile willto display.open Locatea thehistorical checkboxlog titledof their system access and major actions.

  • ActivateView Disabled: Click this account and allow system login.

  • Uncheck this box to disable the account.
  • Click Update User to apply the change.
  • After disabling, the account will now appearlink on the Managemain Disabledmanagement Administratorsscreen page,to accessed by clicking on View Disabled onview the Managelist Activeof Administratorsdeactivated page.

    accounts.

    This actionYou can bereverse reverseda deactivation at any time by editing thea disabled user account and re-checkingenabling the Activate this account and allow systemtheir login checkbox.


Best Practices &and Considerations

  • SecureUse Initialsecure Passwordsinitial passwords:: When creating new accounts or resetting passwords, use strong, temporary passwords and instruct users to change them immediately upon their first login.

  • Role-BasedEnforce Accessrole-based access:: Always assign granular, appropriate roles to admin users. Avoid giving out Primary Administrator access unless absolutely necessary. Granular roles ensure users only have access to the functions they need.strictly need for their daily duties.

  • Prompt Disabling: Disable accounts promptlypromptly: Disable accounts immediately when an employee's role changes or they leave the organization. ThisPrompt deactivation is a critical security measure.measure to prevent unauthorized access.

  • Audit Loginlogin Activityactivity:: Regularly review the Login Activity for your admin accounts to monitor for unusual patterns or unauthorized access attempts. Proactive monitoring helps secure your organization's backend data.

  • ClearMaintain Documentationclear internal documentation:: Maintain internal records of your admin accounts, their assigned roles, and any specific notes,notes. This is especially important for disabled accounts.accounts to provide context for future administrators or security audits.