The SystemWeaver Admin application, called swAdmin2, is a utility used by administrators to maintain user accounts in SystemWeaver Explorer.
The following tasks are available:
- Add, update and delete users
- Assign and unassign users to specific roles
- Set password requirements/policy and security levels of server
- Import users from an LDAP server
- View and handle current licenses
- View active sessions
When the administration software (swAdmin2.exe) is started, it will first display a general information page and a login form. In order to login, the user will need to enter the server name (TCP/IP address) of the SystemWeaver server, its TCP/IP port, their username and password. Click Login and the application will open to the Users screen. If there are any problems with the login, an error message will show up in red below the Login button. The user should be assigned the Administrator role for full functionality.
The interface consists of six sections:
- Import users
- Logged on
The Users tab is where swExplorer user accounts are managed.
The Users Toolbar
The toolbar provides the tools to edit, add, and delete user accounts. You can also use the Find text box to filter and search for user accounts. To include inactive user accounts in the display, check the box provided.
The tab displays the following information:
- Login Name: A unique username. Usernames are not case-sensitive. Required.
- Network id: The user's network id that exists in your corporate Active Directory (AD). The user can then login without entering a password if they are already logged in to the corporate Active Directory. Optional.
- Real Name: The display name that consists of the user's first and last name. Recommended.
- E-Mail: The user's email address. Optional.
- Active: This is checked by default as it is assumed the new account will be active.
- Last Login: The date of the user's last login to the system.
- Roles: The roles assigned to the user.
See Managing User Accounts for how to add, delete, search for and view accounts.
User roles are managed from the Roles tab. Although not required, users can be assigned a role to further define the type of access that they have. A user may have multiple roles.
On the Roles tab, the available SystemWeaver roles are listed to the left. If you select one in the list, the following information will display to the right:
- SID: The role's unique ID.
- Name: The name of the role.
- Info: Any optional information about the role that you want displayed for admin users.
- Description: This is read-only information.
- Users in role: A list of user accounts that are currently assigned to the role.
See Managing User Roles for a description of each role and how to assign and unassign roles.
The password requirements/policy and the security level of the SystemWeaver server is set on the Security tab.
- Min password length: Minimum number of characters in passwords to be accepted when users set new passwords.
- Quarantine period (days): Number of days until reuse of an old password of the user is allowed. The purpose of this setting is to prevent a user from reusing their favorite password by quickly changing a password the number of times required by the setting according to Number of passwords before reuse is allowed.
- Number of passwords before reuse is allowed: Number of passwords required until reuse of an old password of the user is allowed.
- Max password age (days): Number of days after a password was created until the user will be prompted for setting a new password.
- Request password change at login by default: Requires the user to change his/her password from the initial password created for the user account. The purpose of this setting is to minimize possible risks caused by passwords that have been sent via email to users. It also prevents users from saving their notification emails with generated passwords since these will be become obsolete.
- Level 0: Level 0 is equivalent to level 1. Note: In previous releases of SystemWeaver, level 0 meant that access was unrestricted for all libraries and items, regardless of the security setting of these.
- Level 1: In security level 1, any library or item may be freely accessed by any user unless an access right of the library or item has been set limited to a user or group, in which case access will be limited to this setting. However, on level 1 all users always have Read rights regardless of access rights settings.
- Level 2: In security level 2, access to libraries or items is limited to the explicit access rights of the library or item. This means that no users have rights to a library without security settings. Still, on level 2 all users always have Read rights regardless of access rights settings, similar to level 1.
- Level 3: Security level 3 is equivalent to level 2, apart from that also Read rights are governed by the library and item security setting.
Users can be imported to SystemWeaver from an existing LDAP server (Lightweight Directory Access Protocol) using the Import users tab.
The tab displays the following:
Path: Populated with the LDAP configuration added using the Add new LDAP configuration button.
Clear: Clears the Path.
Filter: There are 3 filtering options using the Filter button:
- Name: Enter a string to filter on the name.
- Display name: Enter a string to filter on the Display name.
- Email: Enter a string to filter on the Email.
LDAP user list: Lists the LDAP users from the provided LDAP configuration.
See Importing Users From LDAP Server for more information.
The Licenses tab is used to manage license files. The following information is readily available at the top of the page:
Total available licenses: Number of currently available licenses of type "Read/Write" and "Read". This number includes 5 default licenses, i.e., the minimum available licenses provided by default.
Registered users: Number of registered users (using a license). These are the accounts marked as "Active".
Remaining licenses: Number of remaining licenses that exist and are available for use.
The table displayed below the license information lists the current licenses.
Note: The Expiration Date is displayed in the third column. If the expiration date has passed, the license count associated with that License id will not count.
See Managing Licenses for how to retrieve your Server Id and add and delete licenses.
This screen is read-only and displays a list of users who are currently logged in. You can click on the column headers to modify the sort. Click Refresh to update.
Note: If a user account has an active session on one IP address and attempts to log in to the same database from a second IP address, the first session will become inactive. A user may only be logged in from one IP address at a time. However, until the first session is closed, i.e., using the Logout or X button, two entries will display on the Logged On screen with the Last Login timestamp of the most recent session indicated for both sessions.