Security at Login Level

...

‘A’ is a function which allows the user to authorise an unauthorized record.

‘2’ is not a function. This is used along with the function ‘A’ to allow the user to authorise a record which needs a second authoriser. (Record status of a record which needs a second authorisation would be INA2).

‘C’ is a function which allows the user to copy a record.

‘D’ is a function which allows the user to delete a record which is not yet authorised. A live record cannot be deleted.

‘E’ function allows the user to list the unauthoirsed records.

‘H’ function is used to move a record from history to live file.

‘I’ function allows the user to input a record in an application.

‘L’ function is used to list live records.

‘P’ is used for printing.

‘R’ is used to reverse a record which is no longer used.

‘S’ allows user to only view the records.

‘V’ is a special function which is supported only by some applications in T24. It is used to produce some extra information and also performs some extra actions.

[pic 7]

Fig.1.1.

Sign on Off Log: If set to YES, will log sign on and sign off details of the user in the PROTOCOL file.

Security Mgmt L: If set to YES will log details in the PROTOCOL file when the user accesses the following SMS related files in T24

Application Log: If set to Yes will log details of applications that the user uses on to the PROTOCOL file.

Function Id Log: If set to Yes will log the functions and the IDs used by the user on to the PROTOCOL file.

Input Day Month: Format for the user to input dates. No matter how the date is input by the user, T24 will store the data in YYYYMMDD format.

Date.Last.Sign.On: Indicates the date this User Last Signed On successfully. It is displayed on the SIGN.ON Screen. This date is the actual date (system date) on which the User Signed On.

Time.Last.Sign.On: Indicates the time of day at which this User last Signed On successfully. It is displayed on the SIGN.ON Screen.

Passw Change Date: Indicates the date this User last successfully changed Password

Override.Class - Specifies which override class the user is allowed to approve.

Staff Id – this field accept Staff Id

ATTRIBUTES: - used to control specific T24 functionality. What you set in this field will decide what the user can or cannot do. Some of the attributes can only be used if the front end is DESKTOP. Some options available are explained in detail below.

COMMAND.LINE: The user is allowed the use of the command line in T24 Browser.

LOCK.DEACTIVATION: Prevents user access to the User Deactivation listed in Tools dropdown list.

SUPER.USER: The user has access to all of the features detailed above, and for all future functionality with the exception of REALTIMEENQUIRY.

ATTRIBUTES:

[pic 8]

When a record is committed or authorised, T24 updates the following audit fields. They are no input fields attached to the end of every record across applications.

RECORD STATUS: Holds the status of the record. Possible values are INAU, IHLD, INAO, etc... If the record is in live file, then there is no entry in this field.

CURR NO.: Holds the number of times the record was edited.

INPUTTER: Holds the ID of the user who has inputted the record.

DATE TIME: Holds the date and time when the record was last edited.

AUTHORISER: Holds the ID of the user who has authorized the record.

CO CODE: Defaults based on current company logged into.

DEPT CODE: Defaults to the user’s department code.

The two fields below are populated only when a record is audited (Q function),

AUDITOR CODE: Holds the code of the auditor who has reviewed the record.

AUDIT DATE TIME: Holds the audit date and time.

[pic 9]

PASSWORD RESET

For password reset, the user will send a mail to t24support@nib-ghana.com

If user forget his/her password or the account is locked after a user unsuccessfully tried different passwords and exceed the maximum number of attempts. The application PASSWORD.RESET will allow an administrator to reset the account.

[pic 10]

The ID of a record in PASSWORD.RESET can be any alphanumeric text. For consistency sake the User Id can be used as the ID.

User Pw Attempt: This field specifies the ID of the user whose record has been locked. T24 resets the password and enables the profile at the same time. You must set a new password the next time you log in. If a user crosses the number of password attempts or if the user forgets the password, these can be set in the following fields:

User Attempt: Every user is given a specific number of password attempts after which the user account gets locked. Maximum number of password attempts is specified in the application USER. Such locked user accounts can be unlocked by giving the user name in the field User Attempt.

Deact Perd: is used to activate a profile of a user even before the end of the deactivation period you can achieve this by setting the following field.

Specifies the ID of the user for whom the security administrator wants to reactivate the profile before the end of the deactivation