empty
| 
Sugar Enterprise 5.2 Documentation
Sugar Enterprise Installation and Administration Guide
Version 5.2
|
|
|
|
Chapter 2 Administering Sugar : Users
Use this sub-panel to manage teams, users, and roles for your organization.
Use the User Management option to create, edit, activate, and deactivate users in Sugar. You can create a Sugar user, a System Administrator, a Group User, or a Portal-only user. When you create a user, by default, the system creates a Sugar user unless you specify Administrator, Group User, or Portal Only User.
A Sugar user can access and use Sugar modules but does not have administrative privileges.
A System Administrator is a user who has administrative privileges in Sugar to perform tasks such as creating users. The System Administrator has the rights to access all modules and records.
A Group User is a bucket that is used for inbound emails, and does not count toward the number of Sugar licenses that you purchase for your organization. For example, when you create a group mail account for Support, a group user named Support is created to handle customer support issues. Users can then distribute the emails to other users from the group inbox. Users can create a group user with the User Management option or when you create a group for inbound emails as described in “Inbound Email” on page 76.
A Portal Only User is used by portals created in Sugar to access the system. Portal users do not count towards the number of Sugar licenses that you purchase for your organization.
You can activate the Offline Client status for any user to allow that individual to use the Sugar application on their local machines without connecting to the Sugar server. For more information on the Offline Client, see the Sugar Offline Client Installation Guide.
After you create a regular Sugar user, administrator, or portal-only user, the user name displays in the list on the Users Home page and the employees list on the Employees Home page. Group user names display in the users list as group users and does not display in the employees list.
You can assign users to roles and teams depending on the tasks they perform for the organization. If necessary, you can reassign a user’s records to other users. For example, when a user leaves the organization you can reassign that individual’s tasks to other members of the team.
|
Note:
|
You cannot delete users but you can deactivate them. Inactive users do not count towards the number of Sugar licenses you purchase for your organization.
|
|
1.
|
The Users Home page displays on the page.
|
2.
|
|
3.
|
On the Users page, enter the following information:
|
|
a.
|
|
b.
|
In the User Settings sub-panel, select the appropriate option to specify whether the user is an administrator, an end-user, a group user, or a portal-only user. If you do not select any of these options, the system creates an end-user.
|
You can also specify the user’s Offline Client status. If the user has installed the Offline Client and is using it, select Active; if the Offline Client is installed but not being used, select Inactive.
For information on SugarPortal, see the SugarPortal Installation and User Guide. For information on the Offline Client, see the Sugar Offline Client Installation Guide.
You can enable Email notifications to the user when a record is assigned to that person. You can also enable automatic reminders for upcoming meetings and calls. If the user has access to the Sugar Plug-in for Microsoft Word, you can enable the Mail Merge option.
|
c.
|
The Locale Settings sub-panel displays the default values for the date and time format, the time zone, decimal symbol, and currency values as specified on the System Settings page. However, you can change these values for individual users if necessary.
|
|
d.
|
In the User Information sub-panel, specify whether the user is still active, terminated, or on a leave of absence, the title, department, phone numbers, IM (Instant Messenger) type and ID. You can add comments in the Notes field, if necessary.
|
|
e.
|
In the Address Information sub-panel, specify the user’s home address.
|
|
f.
|
In the Calendar Options sub-panel, you can enter a Publish Key to prevent others from publishing the user’s calendar without authorization.
|
|
g.
|
In the Layout Options sub-panel, you can limit access to Sugar modules by granting the user access only to specific modules, depending on the tasks that the user needs to perform. By default, the user has access to all the modules. To hide a module from the user’s view, move the module tab to the Hide Tabs list using the arrow buttons. Similarly, to display a module to a user, move it from the Hide Tabs list to the Display Tabs list.
|
To apply these settings to all users, move the modules from the Hide Tabs list to the Remove Tabs list.
To move up a module, select the module in the Display Tabs list and click the up arrow; to move down the module, click the down arrow.
Use the Number of tabs box to specify the maximum number of module tabs to display in the User Interface. Similarly, specify your preference for number of sub-tabs, sub-panel tabs, and sub-panel links. You can also specify the placement of the Last Viewed links and the Shortcuts menu.
From the Navigation Paradigm drop-down list, select Modules if you want each module to be displayed as a separate tab, or select Grouped Modules to group them into categories such as Sales, Marketing, and Collaboration.
|
h.
|
In the Email Options sub-panel, you can set one or more email addresses for the user’s mail accounts. You can further specify whether an email address is the user’s primary email address or whether it will be used for an automated response to email. You will also need to specify an email client from the drop-down list. For more information on setting up and configuring emails, see the Sugar Enterprise User Guide.
|
|
4.
|
|
5.
|
To change the user password, click Change Password, enter the new password, and save it.
|
After you create the user, the system adds the user name to the user list on the Users Home page. You can now assign the user to roles and teams.
To assign roles and teams to a user
|
1.
|
Select the user from the Users list to view the detail page.
|
|
2.
|
To assign a role to the user, click Select in the Roles sub-panel and select one or more roles that you want to assign to the user.
|
The user is assigned to the role and the role is now listed in the Roles sub-panel.
|
3.
|
To assign the user to a team, click Select in the My Teams sub-panel and select one or more teams that you want to assign to the user.
|
|
1.
|
From the Shortcuts menu on the Users Home page, select Reassign Records.
|
|
4.
|
From the Set Team drop-down list, select the new user’s team, if necessary. If both users belong to the same team, use the default value of No Change.
|
|
5.
|
From the Modules list, select the modules to reassign. All records related to the selected modules will be reassigned to the new user.
|
|
6.
|
Click Submit to reassign the records.
|
|
•
|
To update the status of some or all users, including Sugar Users, Offline Client users, and Sugar administrators use the Mass Update panel on the Users Home page as described in “Editing and Deleting Multiple Records in the Sugar Enterprise User Guide.
|
|
•
|
To edit user details, click Edit on the detail page, change the information as needed, and click Save.
|
|
•
|
To duplicate the user details, on the detail page, click Duplicate, edit the information as necessary, and click Save. The following field values are not duplicated: Publish key, Layout options, Email addresses, User settings, and Locale settings.
|
|
•
|
To import user data, click Import. For more information on importing data see the Sugar Enterprise User Guide.
|
|
•
|
To change the user password, click Edit on the detail page and then click Change Password. Enter the new password, and click Save.
|
|
•
|
If you re-configured your User Preferences settings, Homepage, or Dashboard, and you want to reset it to default values, click the appropriate button.
|
To enable users to create PDF versions of quotes and email them to customers directly from the Quotes detail view, you must ensure that the correct fonts are installed and specify the appropriate character set from the Import/Export Character Set drop-down list in the My Account page. On Microsoft Windows, if you are using USD or Western European fonts, you can select ISO-8859-1 (Western European and US) or CP 1252. The default character set in Sugar is CP1252.
|
1.
|
Use a program such as Font Forge to generate PS Type1/Binary font of.afm (Adobe Font Metrics) type.
|
|
2.
|
Copy the file into sugarcrm/include/fonts.
|
|
3.
|
Navigate to the layout directories located in sugarcrm/modules/Quotes/layouts/ or sugarcrm/custom/modules/Quotes/layouts/.
|
|
4.
|
In any layout file such as Invoice, Standard, and Custom Layout, find the parameter “$font=include/fonts/FontName” where FontName is the name of the font that you generated.
|
Depending on the needs of your organization, you can create multiple teams. For example, based on the reporting hierarchy, you may want to create a team of users who report to the same manager. Based on product management requirements, you may want to create a cross-functional team of users who report to different managers but who manage the same product. By default, all Sugar records such as accounts, contracts, and opportunities are assigned to a specific team and can only be accessed by the members of that team.
A user can belong to one or more teams. When you create a user, the system automatically creates a private team for the person. Any record that the user creates, such as a contract or a quote is assigned to the user’s private team by default. Only the user can access and manage records assigned to this team. But the user can assign a different team to manage the record. Managers can view any record that their subordinates can view, regardless of their team membership.
Users can be both explicitly and implicitly assigned to teams, and will appear as either Member, or Member Reports-to. When a user is manually, or explicitly, assigned to a team as described above, the user will appear as a member in the Membership column. For example, Will and Chris both report to Jim. Will is a member of the East team; Chris is a member of the West team. As a result, Jim will be an implicit member of both the East and West teams. To delete Jim from the West team, either Chris must be removed from the West team, or Chris must no longer report to Jim.
When a user is manually assigned to a team, the user’s management reporting hierarchy is implicitly added to the team as well. This ensures that members of the user’s management hierarchy also have visibility over the records of the user in question. Implicit members appear as Member Reports-to in the Membership column.
|
•
|
Implicit team members cannot be removed from teams; the Remove icon does not appear next to their names.
|
|
•
|
Implicit team members can also be explicitly, or manually, assigned to teams; the Remove icon will appear next to their names.
|
|
•
|
Due to the implicit membership, clicking the Remove icon will not remove them from the team.
|
|
•
|
To remove an implicit member from a team, either a down-level user in the reporting hierarchy must be removed from the team, OR the reporting hierarchy must be broken.
|
|
1.
|
|
2.
|
On the Teams page, enter the team name and a brief description.
|
|
3.
|
|
4.
|
On the Team Home page, click the team name to view its detail page.
|
|
5.
|
|
6.
|
Select the users that you want to add to the team and click Select; to search for a user, use the Search field on the top of the page.
|
|
7.
|
|
2.
|
To edit team details, on the detail page, click Edit, change the information as needed, and click Save.
|
|
3.
|
To duplicate the team details, on the detail page, click Duplicate, edit the information as necessary, and click Save.
|
|
5.
|
For each team, you can create team notices to broadcast team-specific information to team members. These broadcasts display as a scrolling marquee in the Team Notices dashlet of the each team member’s home page.
|
1.
|
|
2.
|
Date Start. Click the Calendar icon and select the date to begin broadcasting the team notice.
Date End. Click the Calendar icon and select the date to end the broadcast.
Team. Click Select to view the team list; click a team name to select it.
Status. From the drop-down list, select Visible to make the notice visible to team members; select Hidden to hide the notice.
Title. Enter the message title.
Description. Enter the message text.
URL Title. Enter a title for the notice URL. This title is a hyperlink to the URL.
URL. Enter the notice URL. The URL hyperlink is inserted into the Team Notices.
|
4.
|
|
5.
|
|
1.
|
To update the start date and end date of some or all notices, use the Mass Update panel on the Team Notices Home page as described in “Editing and Deleting Multiple Records” in the Sugar Enterprise User Guide.
|
|
2.
|
|
3.
|
To delete one or more notices, on the Team Notices Home page, select the notice you want to delete and click the corresponding Delete icon.
|
A role defines a set of permissions to perform actions such as viewing, editing, and deleting information. Roles enable you to control user actions in Sugar by restricting access to modules or module fields.
Users are affected by roles only if they are assigned to roles. That is, users who are not assigned a role can, by default, access and take any action in any module. Users can have multiple roles assigned to them, and roles can be assigned to multiple users.
For example, if you want to prevent a group of users in your organization from accessing the Opportunities module, you can create a role that restricts access to this module. When you assign this role to an engineer, the individual will no longer be able to access the Opportunities module. Or, you may want to assign junior sales representatives to a role that allows them to view and edit opportunities, accounts, and contacts but prevents them from deleting these records.
For more fine-grained access control, you can restrict access to specific fields within a module. For example, you can restrict access to the billing address within the Accounts module. You can grant limited access or hide the fields completely.
For organizations that would like to delegate ownership of specific tasks in certain modules to groups or individuals, Sugar provides different access types within roles. Roles can provide users with administrator access to manage all records in a specified module, and developer access to customize modules using the Developer Tools and to configure any administrative settings specific for the module.
A System Administrator has the right to access all modules and records. You cannot use roles to restrict this privilege.
|
•
|
Normal: The user granted this access type can view and manage records depending on team membership. Regular Sugar users are granted Normal access type.
|
|
•
|
Admin: The user granted this access type can administer all records in the specified module regardless of team membership. However, the user does not have access to administration tools such as Studio and Workflow Management.
|
|
•
|
Developer: The user granted this access type has developer privileges for the specified module. This allows the user access to the administration and development tools, namely Studio, Workflow Management, and Dropdown Editor, that are required to customize the module. Additionally, the user can access any administration tools that are available to manage the modules. For example, the user may be able to access the Releases tool for the Bugs module or the Time Periods tool for the Forecast module. However, appropriate team membership is required to view records in the module.
|
|
•
|
Admin & Developer: The user granted this access type has both Administration and Developer privileges for the specified module. This allows the user to not only view and manage all records but also access administration and development tools available to manage the module. The user does not require team membership to view records in the module.
|
|
•
|
Sales Administrator: This role has administration and developer privileges for Accounts, Contacts, Forecasts, Forecast schedule, Leads, Opportunities, and Quotes.
|
|
•
|
Marketing Administrator: This role has administration and developer privileges for Accounts, Contacts, Leads, Campaigns, Targets, and Target Lists.
|
|
•
|
Customer Support Administrator: This role has administration and developer privileges for Accounts, Bug Tracker, Cases, Contacts, and Knowledge Base.
|
The table below lists the administration tools available to module administrators with Developer access:
For complete control over record access, you will need to set access control at both the module level and the field level. For example, if the field level access is set to “Read Only”, and you want to restrict actions such as Edit and Delete at the record level, you need to set access control at the module level.
All changes to roles such as changing role definitions, assigning, or revoking roles take effect when the assigned users log into Sugar after the change has been made.
|
Note:
|
Because records are assigned to a team to take action, a user must not only belong to the appropriate role but also to the team assigned to a record in order to perform actions on that record. Admin users can view any record.
|
Sugar also provides a Tracker role that grants access permission to create and manage tracker reports. If you want to allow other administrators or regular users to view the Tracker page and its contents in the Home module, run pre-defined tracker reports, and create custom tracker reports, you will need to add them to this role. For more information on tracker reports, see the Sugar Enterprise User Guide.
When you create a role, you specify whether access is permitted or not, the modules that the role can access, the access type such as Normal (for regular Sugar users) or administrator, and the actions that they can perform.
|
•
|
Enabled: permits the user to view the module.
|
|
•
|
Disabled: hides the module from the user’s view.
|
|
•
|
Not Set: leaves the setting unchanged.
|
|
•
|
Not Set: Ensures that the role does not affect a particular setting. This access type is discussed in more detail later in this section.
|
|
•
|
Normal: Regular non-administrator user privileges in the module.
|
|
•
|
Admin: Administrator privileges at the record-level in the module.
|
|
•
|
Developer: Administrator privileges for the module. Needs team membership to view records.
|
|
•
|
Admin & Developer: Administrator privileges for the module. Does not need team membership to view records.
|
|
•
|
Delete: Delete records in the module. If None is selected, the Delete button is disabled on the detail page.
|
|
•
|
Edit: Users can edit records in the module. If None is selected, the Edit button is disabled on the detail page. Additionally, the user cannot use the Mass Update panel to update records for the module.
|
|
•
|
Export: Export record data in the module. The Export link located at the top of List Views is removed when this privilege is not available to the user.
|
|
•
|
Import: Import record data in the module. The Import link in the navigation bar does not appear when this privilege is not available.
|
|
•
|
List: Users can view list of records in the module or in a sub-panel but cannot edit them. Users are unable to access the module's list view when this privilege is not available.
|
|
•
|
View: Users can view the detail page of records in the module.
|
|
•
|
All: all users who are assigned to the role can perform the action.
|
|
•
|
Owner: Only the user who is assigned to the record can perform the action. If there is no assigned user, then the user who created the record can perform the action.
|
|
•
|
None: prevents all users assigned to the role from performing the action.
|
|
•
|
Not Set: leaves the setting unchanged.
|
When a user is assigned multiple roles, the roles definitions are merged and the more restrictive settings prevail. For example, if a user is assigned to two roles pertaining to one module where one role grants administrator access and the other grants end-user access, then user has only end-user access. In this case, the end-user access overrides the role with the administrative access because it is more restrictive.
A special case is the “Not Set” value in a role definition. You can use “Not Set” to ensure that a role does not affect a particular setting. This allows simple roles to be constructed and then combined to achieve the desired security level.
Then, users can only see records that are assigned to the team to which they belong. But they cannot export the data.
|
1.
|
All the Sugar modules along with the associated properties and actions are listed below in table format. You use this table to disable/enable modules or grant/deny permissions to perform specific actions.
|
3.
|
Click Save to create the role.
|
|
4.
|
To specify access to a module, double-click the Access field corresponding to that module, and from the drop-down list, select Enabled; to deny access to the module, select Disabled.
|
|
5.
|
To specify the access type, double-click the Access Type field corresponding to the module and select Normal to specify end-user privileges or Admin to specify administrator privileges.
|
|
6.
|
To set role permissions for a module, such as editing or deleting records, double-click the appropriate Action field corresponding to the module, and select one of the following:
|
All: allows all users of the specified access type to delete a record in the module.
Owner: allows only the record owner to delete the record.
None. Prevents all users of the specified access type from deleting records in the module.
|
•
|
Delete: Delete records in the module. If None is selected, the Delete button is disabled on the detail page.
|
|
•
|
Edit: Edit records in the module. If None is selected, the Edit button is disabled on the detail page. Additionally, the user cannot use the Mass Update panel to update records for the module.
|
|
•
|
Export: Export record data in the module. The Export link located at the top of List views is removed when this privilege is not available to the user.
|
|
•
|
Import: Import record data in the module. The Import link in the navigation bar does not appear when this privilege is not available.
|
|
•
|
List: List views of records in the module. The user is unable to access the module's list view when this privilege is not available.
|
|
•
|
View: View records in the module. The user is unable to access the module detail view when this privilege is not available.
|
|
8.
|
|
1.
|
Select the role on the Roles Home page.
|
The current role permissions for the module display at the top and the module fields display below. A plus sign (+) next to a field name indicates grouped fields. For example, the Billing Street field also includes the city, state, postal code and country. The permissions that you set for Billing Street also applies to the other fields that are grouped with it. You can click the plus sign to view grouped fields.
|
3.
|
To set permissions for a field, click Not Set and select one of the following options from the drop-down list:
|
Read/Write. Permits role members to view and edit the field value.
Read/Owner Write. Permits role members to view the field value and the record owner to view and edit the field value.
Read Only. Permits all users including record owners to only view the field value.
Owner Read/Owner Write. Permits only the record owner to view and edit the field value.
None. The field is hidden from all users.
|
4.
|
Click Save.
|
|
Note:
|
To restrict actions such as editing and deleting records, you will need to set access control at the module level.
|
The system assigns the selected users to the role and displays the user name in the Users sub-panel of the Roles page. Alternatively, you can also assign users to a role in the User Settings sub-panel of the User Management page. Role restrictions do not apply to Admin users.
|
3.
|
Click Save.
|
|
1.
|
To view the role details, click the role name on the Role home page.
|
|
2.
|
|
3.
|
To duplicate the access control information, on the detail page, click Duplicate, enter a new name for the role, and then click Save. Note that the users list associated with the role is not duplicated.
|
|
5.
|
To view access permissions for a specific user, in the Shortcuts menu, select List Roles by User and select the user from the adjacent drop-down list.
|
|
6.
|
To remove a user, in the Users sub-panel, click the Remove (rem) icon corresponding to the user name.
|
|
1.
|
The page displays details of the user’s privileges for each module. The restrictions are then merged and the more restrictive settings across all roles are assigned to the user. You cannot change any of the privileges because they are associated with the role.
|
|
|
|
|
Copyright 2004-2008 SugarCRM Inc.
Enterprise License
