Using OPS Employee Security Management

Users can create security user accounts for active employees.

To use employee user name and passwords instead of badge IDs, the OPS > Self-Service > Admin Options > Log On Method property must be set to Username and Password.
Security accounts allow employees to sign in to Employee Self-Service using a user name and password instead of a badge ID and PIN. Security user account password policies are defined in Properties under Core > Security > Policy.

The authentication mode for the OPS Employee Security Management screen is defined in the Core > Security > LDAP > Authentication Mode property. Based on the selected authentication mode, the OPS Employee Security Management screen shows LDAP users, built-in users, or a mixed list of users. LDAP user security accounts are matched using first name, last name, middle name, and email address. If employees are associated with security user profiles for a type not selected in the Authentication Mode property, the system unassigns the security user account when the OPS Employee Security Management screen (or the Employee Profile screen) is opened.

  1. Open the OPS Employee Security Management screen.
  2. Set the Context (F3).
    Context options for the OPS Employee Security Management screen are Agency, Divisions, and employee Status types.
  3. Select the employees to be included in the Employee Self-Service Users security user group.
    Any users highlighted in red aren't currently active in the system. They won't be included in security groups generated that you create in this session.
    Use Shift to highlight groups of employees and Ctrl to highlight individual employees.
  4. Select Add Employee Self-Service Security Group Users: Add Employee Self-Service Security Group Users
    A confirmation message appears. If you choose Yes, a validation message appears to let you know which security users were created and are included in the group. If there are users that can't be added to the group, additional information is provided.

    User IDs are assigned to employees who didn't previously have them and employees with existing user IDs are added to the new group. If the system tries to create a new security user identity and an identity with the same name already exists in the system, an error message appears.

  5. To assign an existing security user profile to an employee:
    1. Select an employee and then select Assign Existing Security User: Assign Existing Security User
      The Assign Security User dialog appears.
    2. Select the existing security user Identity to use and then Assign.
      Assign Security User dialog.
      The Username the user should use when logging in to Employee Self-Service is listed in the CoreIdentity column.
      OPS Employee Security Management showing the CoreIdentity column.
  6. Optional: To remove a security user account from an employee, select the employee and then Un-Assign Security User: Un-Assign Security User
    Note: This removes access from the employee user, it doesn't remove the employee's Security user account. If desired, remove the user account in the Security screen.
Users signing in to Employee Self-Service must create a new password the first time they sign in. For existing security users, you can choose to manually reset the password and prompt them to create a new password when they sign in by clicking Reset in the Password Reset column. You can also undo a password reset (Undo Reset) for users with existing passwords.
Non-administrators can see employee security user identities on the Employee Profile - Employee Card screen, in the Identity field.
Employee Profile - Employee Card showing the Identity field circled in red.
If desired, add any specific permissions for Employee Self-Service Security Group members in the Security screen.