.. include:: /shortcuts.rstext .. index:: pair: Site administration; Users .. _users: Users ---------------- *Site administration → Users* In the *Users* menu of the site administration you can: * search for users * change settings for individual users * suspend and delete users * make users site staff or administrators * check the admin notification settings * add and update users manually or by CSV * view reports .. index:: pair: Site administration; User search single: New in Mahara 1.5; User bulk actions single: New in Mahara 1.5; Exact search .. _user_search: User search ~~~~~~~~~~~~~~~ *Site administration → Users → User search* Site administrators can search for any user on the entire site. You can search for their * first name * last name * display name * username * email address .. figure:: /images/site_admin/user_search.* :alt: User search User search You can combine any search and filter options. However, if you use too many, you may not yield any results. #. Filter the users you wish to display by their initials of the first and / or last name. #. Type the name, display name, username or email address or any partial thereof you wish to search for in the search field. |new15| :ref:`If you turned on the exact search `, you need to provide the correct name or email address and not a partial one. #. Choose the institution from the drop-down menu in which you wish to search for the user. #. Click the *Go* button to start searching. #. Decide how many results per page you want to view. #. View your results. The default order is alphabetically according the the first name. However, you can change the order of the results by clicking on a heading and sort that column in ascending or descending order. #. Click on the username of the user for which you want to :ref:`take further actions `. #. |new15| Select all or just a few users for bulk actions. #. |new15| Click the *Edit* button to perform the :ref:`bulk actions ` to * suspend users * delete users * change the authentication method of users #. |new15| Click the *Get reports* button to * view user reports * download user account information for further actions .. index:: pair: Site administration; User bulk actions single: New in Mahara 1.5; User bulk actions .. _bulk_actions: |new15| User bulk actions ^^^^^^^^^^^^^^^^^^^^^^^^^^^ You can perform a number of bulk actions for users on the *Bulk actions* page. .. figure:: /images/site_admin/user_bulk_actions.* :alt: User bulk actions User bulk actions Once you have selected users for whom you wish to perform the same action on the :ref:`User search ` page and clicked on the *Edit* button, you can take any of the following steps. #. Review the users you have selected. #. Click on the *Suspend* button to prevent these users from accessing their accounts. You can also provide a suspension reason. #. Click on the *Delete* button to delete these user accounts. #. Choose a new authentication method from the drop-down menu. #. Click the *Submit* button to change the authentication method to the new one. .. warning:: When you delete accounts, all user data will be lost and cannot be recovered unless from a server backup file. .. index:: pair: Site administration; User reports single: New in Mahara 1.5; User reports .. _user_reports: |new15| User reports ^^^^^^^^^^^^^^^^^^^^^^^^ You can download basic user information for easier updating of these via a CSV file. .. figure:: /images/site_admin/user_reports.* :alt: User reports User reports In order to get to the *User reports* page, you must select users for whom you wish to perform the same action on the :ref:`User search ` page and click on the *Get reports* button. #. You can then review the information that will be included in the CSV file. #. Click the *Download* link to download the information that you see on this page as CSV file. .. note:: You can use this CSV file later on for updating existing accounts. In addition to downloading basic user information, you can also view all the pages that have been created by the users and with whom they have been shared. This facilitates for example troubleshooting when users cannot view pages of others and the administrator would have to log in to the user account to check page permissions. .. note:: This list is only available to site and institution administrators unless staff receive access to this list as well. The site administrator can decide that in the :ref:`User settings ` in the option "Staff report access". .. figure:: /images/site_admin/user_reports_access_list.* :alt: User report page access list User report page access list #. Click on the *Access list* tab on the *User reports* page. #. The owners of the pages are listed. #. All the pages that the users have created are listed. If a collection is listed instead, the number of pages it contains is displayed. #. The users or groups of people who have access to any page or collection are displayed. .. note:: Though all pages, collections and groups are linked, you may not have direct access to them if you are not on the access list or a member of the group yourself. .. index:: pair: Site administration; User account settings .. _user_account_settings: User account settings ~~~~~~~~~~~~~~~~~~~~~~~~ *Site administration → Users → User search →* Click on a username On the *Account settings* page of a user in the administration area, you can perform a number of actions to manage the user's account. However, you cannot change personal information about this user, e.g. name, email, from this page. This can only be done in the *Content* area of the user's account or |new15| via the *Add users by CSV* page. .. figure:: /images/site_admin/user_account_settings.* :alt: User account settings Overview of the user account settings page #. :ref:`Login as this user ` #. :ref:`Change site account settings ` #. :ref:`Change institution settings ` #. :ref:`Suspend ` and / or :ref:`delete ` this user .. index:: see: Masquerading; Login as pair: Site administration; Login as .. _login_as: Login as ^^^^^^^^^^^^^^ As administrator you have the power to log in as any user that you manage and masquerade as them. If you are a site administrator, you can log in as any user while institution administrators can only perform this action for any user who is in their institution. It is a great function for troubleshooting a user account because you see everything as the user would without having to know the password. .. warning:: This function can be misused by administrators because you can make changes to the user's portfolio and artefacts as well as participate in groups while logged in as that user. Users should be aware of this function and that an administrator can enter their account. Sites should have clear policies around the use of this function so that the privacy of users and their portfolios and collaborative work is protected. Therefore, there should also not be many users within an institution who have administrator rights. .. figure:: /images/site_admin/login_as.* :alt: Login as another user Login as another user #. Click on the user's name to go to this user's profile page. You can click on the *Login as ...* link to become that user. #. Click on the *Login as* button to become that user. You see a red bar at the top of the browser window telling you that you are masquerading as another user. .. figure:: /images/site_admin/masquerading.* :alt: Stop masquerading as another user Stop masquerading as another user When you want to return to your own account again, click the *Become [your username] again* link at the top of the browser window. .. index:: single: New in Mahara 1.5; Display used file quota in admin area single: New in Mahara 1.5; User tags single: New in Mahara 1.5; Used user quota .. _site_account_settings: Change site account settings ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ You can view and change a number of settings for a user's account. .. note:: Depending on the authentication method that is associated with this user, you may not be able to edit all settings. .. figure:: /images/site_admin/site_account_settings.* :alt: Site account settings of a user Site account settings of a user #. **Change username**: Give the user a different username. This field is not available when the account is managed by an external authentication method. #. **Reset password**: Change the password for this user account. This field is not available when the account is managed by an external authentication method. #. **Force password change on next login**: Check this box if the user shall change the password upon the next login. This field is not available when the account is managed by an external authentication method. #. **Site staff**: Check this box if the user shall become a staff member for the entire site. #. **Site administrator**: Check this box if the user shall have full administrative rights for the entire site. #. **Disable email**: Check this box to disable the sending of emails for this user. If email is disabled, notifications and messages can only be viewed in the internal inbox. Depending on your setup, if emails are bounced back to the sender, then email may be automatically disabled. #. **Account expires**: Choose the date on which the user's login is automatically disabled. The default setting is that the date is not specified. You always see the current date in the greyed out date fields. You can set an automatic account expiry date for all users in the :ref:`account settings of the site configuration `. #. **File quota**: Change the storage allowance for a user's personal files area. The default value as set in the :ref:`files configuration ` in the plugin administration. #. |new15| **Quota used**: You can see how much of the allocated quota has already been used. #. **Authentication method**: Choose the authentication method that the user uses to log in to Mahara. The authentication methods can be set up in the :ref:`institution administration `. Depending on the authentication method that you have chosen, you may have to provide a *remote username* to allow the user to log in. #. **Username for external authentication**: Add or change the remote username for the chosen external authentication method here. Per default, if no external authentication method is chosen, the internal username is displayed. #. |new15| **Tags**: A user can be tagged by an administrator. The tag of the institution to which the user belonged prior to joining a new institution is not displayed to avoid its deletion. #. Click the *Save changes* button when you are done editing the settings. .. warning:: When the email address is disabled, users cannot reset their passwords themselves as no email can be sent. .. index:: pair: Site administration; Change user institution settings .. _user_institution_settings: Change institution settings ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ You can view and change settings regarding a user's membership in institutions. Depending on the :ref:`site settings for institutions `, a user may be added to more than one institution. .. figure:: /images/site_admin/user_institution_settings.* :alt: Institution settings for a user Institution settings for a user #. Choose the institution to which you want to add this user from the drop-down menu. #. Click the *Add user to institution* button to make this user a member of this institution. #. **Membership expires**: If you wish, specify the date when the user will be removed from this institution automatically. If you click the "Not specified" check box, no end date will be set. #. **ID number**: Provide an optional identifier for this user in this institution. This field is not editable by the user. #. **Institution staff**: Check this box if you want to give this user staff rights in this institution. This will allow him to create controlled groups for example. #. **Institution admin**: Check this box if you want to make this user an administrator of this institution. This will allow him to manage all users in this institution for example. #. Click the *Update* button to save your changes. #. Click the *Remove user from this institution* button to disassociate this user from this institution. The user's account will not be deleted. The user will only not be associated with this institution anymore. .. index:: pair: Site administration; Suspend user .. _suspend_user: Suspend user ^^^^^^^^^^^^^^^^^^ Suspend a user if he does not follow the terms and conditions of the site and behaves inappropriately. Suspended users cannot log in, but all their content is still available. .. figure:: /images/site_admin/suspend.* :alt: Suspend a user Suspend a user #. Provide a reason for your suspension. This is particularly useful when you are not the only administrator and / or need to remember after some time why you suspended this user. #. Click the *Suspend user* button to disallow the user from logging in. .. figure:: /images/site_admin/suspension_notice.* :alt: Suspension notice Suspension notice on the user account settings page When a user has been suspended, the suspension message appears on the user's account settings page stating the reason and |new15| the date for the suspension and giving the administrators the possibility to unsuspend the user by clicking on the *Unsuspend user* button. .. figure:: /images/site_admin/suspension_reason.* :alt: Suspended user tries to log in Suspended user tries to log in and gets suspension message When the user tries to log in, he will see the suspension message and the reason. He can then contact an administrator via the "Contact us" form for further action. .. index:: pair: Site administration; Delete user .. _delete_user: Delete user ^^^^^^^^^^^^^^ Users can delete their own accounts in their :ref:`account settings ` if self-registration is allowed to by their institution. Administrators can also delete user accounts at any time. .. figure:: /images/site_admin/delete_user.* :alt: Delete a user account Delete a user account Click the *Delete user* button to delete this user account permanently. This action **cannot** be undone. As this is a permanent action, you see a confirmation pop-up window that you will have to acknowledge. .. warning:: When you delete a user account, **all personal data is wiped from the system**. This applies to everything that is in a user's *Content* and *Portfolio* area. This action cannot be undone. The user's contributions in groups, e.g. forum messages, uploaded files and pages created in a group, are still available, but are made anonymous by changing the name to "Deleted user" as author where an author is shown. .. note:: If an account was deleted by accident - either by a user or by an administrator - swift action may result in recovery of (most of) the data from a backup file. This requires access to the server's backups and the backend of Mahara. More information is available on the wiki under `Restoring a deleted user `_. .. index:: pair: Site administration; Suspended and expired users single: New in Mahara 1.5; View and reactivate expired users in bulk .. _suspended_users: Suspended and |new15| expired users ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ *Site administration → Users → Suspended users* A list of all suspended and expired users is available in the sub-menu *Suspended users*. Here you can unsuspend / reactivate or delete them. .. figure:: /images/site_admin/suspended_users.* :alt: List of all suspended users List of all suspended or expired users #. |new15| Select whether you wish to see suspended or expired users. #. Select the user(s) for which you want to perform the same action. #. Click the *Unsuspend users* button to reinstate the accounts for all selected users. #. Click the *Delete users* button to delete all selected users in bulk. **This action cannot be undone and all personal information of these users will be deleted** (see :ref:`delete user `). #. |new15| Click the *Reactivate expired users* button if you want to allow these users access to their accounts again. .. index:: pair: Site administration; Site staff single: New in Mahara 1.5; Double-click action when moving users .. _staff_users: Site staff ~~~~~~~~~~~~~~~ *Site administration → Users → Site staff* On this page you can choose which users receive site staff rights. Potential staff members - any user on the site - are listed on the left while existing site staff members are listed on the right. .. figure:: /images/site_admin/site_staff.* :alt: Site staff users Give site staff rights #. From the list under **Potential staff**, select the users you wish to make site staff. You can also select multiple users at once using Ctrl and Shift click. #. If you have too many users on your site and you cannot see / find the users you want, you can search for them in the **Search** box. #. Add the potential staff members to the right-hand side - **Current staff** - by clicking on the *right-arrow* button |right-arrow|. #. If you want to remove an existing or accidentally added site staff member, you can remove the user from the list on the right-hand side by clicking on the user. #. Then click on the *left-arrow* button |left-arrow|, and the user is removed from the list. #. When you have chosen all members you wish to make site staff, click the *Submit* button. .. note:: |new15| You can also double-click a name and it will be moved to the other side. This goes for all functionalities that are similar to this one here. .. index:: pair: Site administration; Site admins .. _site_admins: Site admins ~~~~~~~~~~~~~ *Site administration → Users → Site admins* Site administrators have powerful rights. They can make far-reaching changes and also :ref:`log in as other users `. Be careful whom you give these rights. One site administrator is needed for each site. The total number of site administrators should be kept small. .. figure:: /images/site_admin/site_admins.* :alt: Site admins Give site admin rights #. From the list under **Potential admins**, select the users you wish to make site administrators. You can also select multiple users at once using Ctrl and Shift click. #. If you have too many users on your site and you cannot see / find the users you want, you can search for them in the **Search** box. #. Add the potential site admin to the right-hand side - **Current Admins** - by clicking on the *right-arrow* button |right-arrow|. #. If you want to remove an existing or accidentally added site admin, you can remove the user from the list on the right-hand side by clicking on the user. #. Then click on the *left-arrow* button |left-arrow|, and the user is removed from the list. #. When you have chosen all members you wish to make site admins, click the *Submit* button. .. note:: |new15| You can also double-click a name and it will be moved to the other side. This goes for all functionalities that are similar to this one here. .. index:: pair: Site administration; Admin notifications .. _admin_notifications: Admin notifications ~~~~~~~~~~~~~~~~~~~~~~~ *Site administration → Users → Admin notifications* The *Admin notifications* page lists all users with institution and site administrator access on your site. It shows their selected notification preferences for all admin notifications. There should be at least one administrator receiving each type of message generated. Admin notifications are: * Contact us * Objectionable content * Repeat virus upload * Virus flag release .. figure:: /images/site_admin/admin_notifications.* :alt: Admin notifications Overview of the admin notification types .. index:: pair: Site administration; Add user single: New in Mahara 1.5; Change default account settings upon user creation .. _add_user: Add user ~~~~~~~~~~~~ *Site administration → Users → Add user* You can add users to your site by creation accounts for them manually one by one. .. figure:: /images/site_admin/add_user.* :alt: Add a user Add a user manually #. Click the *Create new user from scratch* radio button if you want to create an empty account. Provide the first name, last name and email address for this user. #. Click the *Upload Leap2A file* radio button if you want to import a user from another Mahara instance or a system that supports the Leap2A standard. Such a user could have :ref:`exported ` his portfolio from another Mahara instance. #. **Username**: Give the new user a username. It may contain letters, numbers and most common symbols. It must be from 3 to 236 characters in length. Spaces are not allowed. #. **Password**: Choose a password for the account. The password must be at least six characters long. #. **Site staff**: Check this box if the new user should have site staff rights. #. **Site administrator**: Check this box if the new user should have site administrator rights. #. **Institution**: Choose the institution of which the user should be a member. #. **File quota**: Review the allocated file quota. You may change it here for this user. #. **Institution administrator**: Check this box if the new user should have institution administrator rights in the chosen institution. #. |new15| **General account options**: Expand this menu to see default account options that you may choose to change while creating this user. These are the :ref:`general account options ` a user can change on the :ref:`Settings ` page. #. Click the *Create user* account button. #. The user will receive an email with the account details. .. note:: You can only define the default account settings for a user account, but not force the user to keep them forever. You could only do that by customising the system on the code level. .. index:: pair: Site administration; Add users by CSV pair: Site administration; Update users by CSV single: New in Mahara 1.5; Update users by CSV single: New in Mahara 1.5; Change default account settings upon user creation single: New in Mahara 1.5; Update file quota in bulk .. _add_users_csv: Add and |new15| update users by CSV ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ *Site administration → Users → Add users by CSV* You can use this function to upload new users in bulk via a CSV file (comma-separated file) and to update existing users. The first row of your CSV file should specify the format of your data. For example, it should look like this: ``username,password,email,firstname,lastname,studentid`` For **new** users, this row **must** include: * username * password * email * firstname * lastname .. note:: If you want to update existing users, you do not need to set a password, but the password column must exist. You can mix new and existing accounts in your CSV file. It must also include fields that are :ref:`mandatory ` for all users to fill out and :ref:`any fields locked for the institution ` you are uploading the users for. All other fields are optional. This is the full list of fields that you can add in addition in your CSV file upload. * **studentid** - Student ID is displayed in the profile * **preferredname** - Display name * **introduction** - Introduction is displayed in the profile * **officialwebsite** - Official web site * **personalwebsite** - Personal web site * **blogaddress** - URL to the blog * **address** - Street address * **town** - Town * **city** - City * **country** - Country * **homenumber** - Home phone number * **businessnumber** - Work phone number * **mobilenumber** - Mobile phone number * **faxnumber** - Fax number * **icqnumber** - ICQ nickname * **msnnumber** - MSN nickname * **aimscreenname** - AIM screen name * **yahoochat** - Yahoo Chat username * **skypeusername** - Skype ID * **jabberusername** - Jabber ID * **occupation** - Occupation is displayed in the profile * **industry** - Industry is displayed in the profile * **maildisabled** - Selection to disable the email address * **remoteuser** - Remote username for external authentication Your CSV file could look for example like the following: | ``username,email,firstname,lastname,studentid,preferredname,remoteuser, password`` | ``"percy","percy@pearle.net","Percy","Pearle","","","percy.pearle","mahara1"`` | ``"petra","petra@petterson.net","Petra","Petterson","","","petra.petterson","mahara1"`` | ``"polly","polly@potter.net","Polly","Potter","","","polly.potter","mahara1"`` | ``"admin","admin@mahara.school","Admin","User","","","","mahara1"`` | ``"jamesj","james@jetts.com","James","Jetts","","","","mahara1"`` When you have created your CSV file, you are ready to upload it. .. figure:: /images/site_admin/add_users_csv.* :alt: Add users by CSV file Add users by CSV file #. **Institution**: Choose the institution **and** the authentication method for the user accounts that you upload and / or change. You cannot change the authentication method later on in bulk, but only for each user individually. #. |new15| **File quota**: If you wish, you can set a different file quota for all accounts in the CSV file. #. **CVS file**: You must upload a CSV file by clicking on the *Browse* button and then selecting it from the files area on your computer. #. **Force password change**: If you select this option, users need to change their password before they can log in for the first time. #. **Email users about their account**: If you select this option, users will receive an email with their account information. This is in particular good for internal accounts. For user accounts that are managed for example by Moodle or through LDAP, you do not have to select this option because the users should already know their login information. #. |new15| **Update users**: Select this option if your CSV file contains changes for existing users. #. |new15| **General account options**: Expand this menu to see default account options that you may choose to change while creating or updating users. These are the :ref:`general account options ` a user can change on the :ref:`Settings ` page. #. Click the *Add users by CSV* button to upload and / or change users. .. note:: Depending on your server settings and / or the size of your installation, you may not be able to upload all user accounts at once. You may wish to upload them in bunches of 100 instead. .. index:: Authentication method pair: Site administration; Change authentication method in bulk single: New in Mahara 1.5; Change authentication method single: New in Mahara 1.5; Change remote username .. _change_authentication_method: |new15| Change the authentication method and remote username in bulk ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ After an admin has :ref:`successfully invited or added new members ` into an institution, he can change their authentication method. That can be useful if the authentication method differs from the one in the previous institution and the admin wants to link the new accounts to a remote username using: * LDAP directory * Moodle accounts via MNet * Single sign-on through an IdP provider .. note:: The change in the authentication method for **existing accounts** should be done **before** users try to log in with their new credentials to avoid the creation of a second account for that user. You can change the authentication method for multiple users at once to save you time manually updating each user. Changing the authentication method usually also entails changing the remote username (a.k.a. username for external authentication). Therefore, these two are dealt with together to describe the work flow better. .. figure:: /images/site_admin/user_search_remoteusername.* :alt: Find users in an institution to change their remote username Find users in an institution to change their remote username #. Go to *Site administration → Users → User search*. #. From the drop-down menu choose the institution in which the members are whose authentication method and remote username you want to change / add. #. Click the *Go* button to limit your results to these institution members. #. Change the *Results per page* if you wish to see more than 10 users per page. #. Select the users whose authentication method and remote username you want to change by either putting a check mark in the check boxes or clicking on *All* to select all users on that page. #. Click the *Get reports* button to proceed to the next step. You are taken to the *User reports* page. .. figure:: /images/site_admin/user_reports_remoteusername.* :alt: User reports page User reports page .. figure:: /images/site_admin/csv.* :alt: Update the CSV file Update the CSV file with remote username and password .. figure:: /images/site_admin/update_users_remoteusername.* :alt: Update user accounts in bulk Update user accounts in bulk #. Click on the *Download* link next to **Export users in CSV format** so that you can change their remote username in bulk. This is necessary if their internal Mahara username is not the same as the one they use to authenticate on your system that is linked to Mahara or if they already have a remote username that would be incorrect for your institution. #. Open the CSV file in your preferred spreadsheet software. In the column *remoteuser*, add or change the username that your users have when authenticating in your regular system that you have connected to Mahara. You may also change other fields, e.g. their name, email address etc. If you want to add a new user directly in this CSV file, you can do so as well. #. Go to *Site administration → Users → Add users by CSV*. #. **Institution**: Choose the correct institution **and** authentication method for which you want to update your users. This allows you to switch all users in the CSV file from one authentication method to another. #. **CSV file**: Choose the CSV file from your computer that you had updated. #. **Update users**: Put a check mark here because you want to update existing user accounts. #. **General account options**: You can make changes to the default account options for all the users, e.g. give them multiple journals by default, change their interface language etc. #. Click the *Add users by CSV* button to start the user update. This process may take a little while depending on how many users you are changing. #. You receive a report on the page upon the successful completion of the upgrade. If the upgrade fails, error messages help you to resolve the problem. No users are updated until all errors are resolved. .. note:: If you intend to update more than 100 users at the same time, you may run into problems and the server may reject your CSV file as the update process is a very memory intense one. If that is the case, you would have to split your CSV file into smaller ones with fewer users in them. You can check that the accounts had their remote usernames added: #. Go to *Site administration → Users → User search*. #. Select the institution in which the members are whom you want to check. #. Click the *Go* button to limit your user results to this institution. #. Select the users for whom you want to check the remote usernames. #. Click the *Get reports* button to proceed to the next step. You are taken to the *User reports* page. #. You see the remote username in the last column.