User (Window ID-108)
From iDempiere en
Window: User
Description: Maintain Users of the system
Help: The User Window allows you to maintain User of the system. Users can log into the system and have access to functionality via one or more roles. A user can also be a business partner contact.
Tab: User Contact
Description: Maintain User or Business Partner Contact
Help: The User Tab defines the log in for Users who have access to the system. For application access, users need to have a role assigned.
.png)
| Name | Description | Help | Technical Data |
|---|---|---|---|
| Tenant | Tenant for this installation. | A Tenant is a company or a legal entity. You cannot share data between Tenants. | AD_User.AD_Client_ID numeric(10) Table Direct |
| Image | Image or Icon | Images and Icon can be used to display supported graphic formats (gif, jpg, png).
You can either load the image (in the database) or point to a graphic via a URI (i.e. it can point to a resource, http address) |
AD_User.AD_Image_ID numeric(10) Image |
| Organization | Organizational entity within tenant | An organization is a unit of your tenant or legal entity - examples are store, department. You can share data between organizations. | AD_User.AD_Org_ID numeric(10) Table Direct |
| Name | Alphanumeric identifier of the entity | The name of an entity (record) is used as an default search option in addition to the search key. The name is up to 60 characters in length. | AD_User.Name character varying(60) String |
| Description | Optional short description of the record | A description is limited to 255 characters. | AD_User.Description character varying(255) String |
| Comments | Comments or additional information | The Comments field allows for free form entry of additional information. | AD_User.Comments character varying(2000) Text |
| Search Key | Search key for the record in the format required | 7 bit lower case alpha numeric - max length 8 - can be used for operating system names. | AD_User.Value character varying(40) String |
| Active | The record is active in the system | There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.
There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries. |
AD_User.IsActive character(1) Yes-No |
| Business Partner | Identifies a Business Partner | A Business Partner is anyone with whom you transact. This can include Vendor, Customer, Employee or Salesperson | AD_User.C_BPartner_ID numeric(10) Search |
| Partner Location | Identifies the (ship to) address for this Business Partner | The Partner address indicates the location of a Business Partner | AD_User.C_BPartner_Location_ID numeric(10) Table Direct |
| Ship Contact | Business Partner Shipment Contact | If the Ship Contact is selected, the contact is used for notification. | AD_User.IsShipTo character(1) Yes-No |
| Invoice Contact | Business Partner Invoice/Bill Contact | If the Invoice Contact is selected, the contact is used to send notifications about invoices to a customer or a vendor. | AD_User.IsBillTo character(1) Yes-No |
| EMail Address | Electronic Mail Address | The Email Address is the Electronic Mail ID for this User and should be fully qualified (e.g. joe.smith@company.com). The Email Address is used to access the self service application functionality from the web. | AD_User.EMail character varying(60) String |
| Password | Password of any length (case sensitive) | The Password for this User. Passwords are required to identify authorized users. For iDempiere Users, you can change the password via the Process "Reset Password". | AD_User.Password character varying(1024) String |
| Title | Name this entity is referred to as | The Title indicates the name that an entity is referred to as. | AD_User.Title character varying(40) String |
| Birthday | Birthday or Anniversary day | Birthday or Anniversary day | AD_User.Birthday timestamp without time zone Date |
| Full BP Access | The user/contact has full access to Business Partner information and resources | If selected, the user has full access to the Business Partner (BP) information (Business Documents like Orders, Invoices - Requests) or resources (Assets, Downloads). If you deselect it, the user has no access rights unless, you explicitly grant it in tab "BP Access" | AD_User.IsFullBPAccess character(1) Yes-No |
| Phone | Identifies a telephone number | The Phone field identifies a telephone number | AD_User.Phone character varying(40) String |
| 2nd Phone | Identifies an alternate telephone number. | The 2nd Phone field identifies an alternate telephone number. | AD_User.Phone2 character varying(40) String |
| Fax | Facsimile number | The Fax identifies a facsimile number for this Business Partner or Location | AD_User.Fax character varying(40) String |
| Notification Type | Type of Notifications | Emails or Notification sent out for Request Updates, etc. | AD_User.NotificationType character(1) List |
| Position | Job Position | AD_User.C_Job_ID numeric(10) Table Direct | |
| User PIN | AD_User.UserPIN character varying(20) String | ||
| EMail User ID | User Name (ID) in the Mail System | The user name in the mail system is usually the string before the @ of your email address. Required if the mail server requires authentification to send emails. | AD_User.EMailUser character varying(60) String |
| EMail User Password | Password of your email user id | Required if the mail server requires authentification to send emails. | AD_User.EMailUserPW character varying(255) String |
| Supervisor | Supervisor for this user/organization - used for escalation and approval | The Supervisor indicates who will be used for forwarding and escalating issues for this user - or for approvals. | AD_User.Supervisor_ID numeric(10) Search |
| LDAP User Name | User Name used for authorization via LDAP (directory) services | Optional LDAP system user name for the user. If not defined, the normal Name of the user is used. This allows to use the internal (LDAP) user id (e.g. jjanke) and the normal display name (e.g. Jorg Janke). The LDAP User Name can also be used without LDAP enables (see system window). This would allow to sign in as jjanke and use the display name of Jorg Janke. | AD_User.LDAPUser character varying(60) String |
| Support User | AD_User.IsSupportUser character(1) Yes-No | ||
| Trx Organization | Performing or initiating organization | The organization which performs or initiates this transaction (for another organization). The owning Organization may not be the transaction organization in a service bureau environment, with centralized services, and inter-organization transactions. | AD_User.AD_OrgTrx_ID numeric(10) Table |
| Auto expand menu | If ticked, the menu is automatically expanded | AD_User.IsMenuAutoExpand character(1) List | |
| Greeting | Greeting to print on correspondence | The Greeting identifies the greeting to print on correspondence. | AD_User.C_Greeting_ID numeric(10) Table Direct |
| EMail Verify | Date Email was verified | AD_User.EMailVerifyDate timestamp without time zone Date+Time | |
| Default mail template | AD_User.R_DefaultMailText_ID numeric(10) Table | ||
| Add Mail Text Automatically | The selected mail template will be automatically inserted when creating an email | AD_User.IsAddMailTextAutomatically character(1) Yes-No | |
| Last Contact | Date this individual was last contacted | The Last Contact indicates the date that this Business Partner Contact was last contacted. | AD_User.LastContact timestamp without time zone Date |
| Verification Info | Verification information of EMail Address | The field contains additional information how the EMail Address has been verified | AD_User.EMailVerify character varying(40) String |
| Last Result | Result of last contact | The Last Result identifies the result of the last contact made. | AD_User.LastResult character varying(255) String |
| Date Account Locked | AD_User.DateAccountLocked timestamp without time zone Date+Time | ||
| Locked | AD_User.IsLocked character(1) Yes-No | ||
| No Password Reset | AD_User.IsNoPasswordReset character(1) Yes-No | ||
| Expired | AD_User.IsExpired character(1) Yes-No | ||
| No Expire | AD_User.IsNoExpire character(1) Yes-No | ||
| Failed Login Count | AD_User.FailedLoginCount numeric(10) Integer | ||
| Date Last Login | AD_User.DateLastLogin timestamp without time zone Date+Time | ||
| Date Password Changed | AD_User.DatePasswordChanged timestamp without time zone Date+Time | ||
| Authentication Type | AD_User.AuthenticationType character varying(10) List |
Tab: User Roles
Description: User Roles
Help: The User Roles Tab define the Roles each user may have. The Roles will determine what windows, tasks, processes and workflows that a User has access to.
.png)
| Name | Description | Help | Technical Data |
|---|---|---|---|
| Tenant | Tenant for this installation. | A Tenant is a company or a legal entity. You cannot share data between Tenants. | AD_User_Roles.AD_Client_ID numeric(10) Table Direct |
| Organization | Organizational entity within tenant | An organization is a unit of your tenant or legal entity - examples are store, department. You can share data between organizations. | AD_User_Roles.AD_Org_ID numeric(10) Table Direct |
| User/Contact | User within the system - Internal or Business Partner Contact | The User identifies a unique user in the system. This could be an internal user or a business partner contact | AD_User_Roles.AD_User_ID numeric(10) Search |
| Role | Responsibility Role | The Role determines security and access a user who has this Role will have in the System. | AD_User_Roles.AD_Role_ID numeric(10) Search |
| Active | The record is active in the system | There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.
There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries. |
AD_User_Roles.IsActive character(1) Yes-No |
Tab: User Substitute
Description: Substitute of the user
Help: A user who can act for this user.
.png)
| Name | Description | Help | Technical Data |
|---|---|---|---|
| Tenant | Tenant for this installation. | A Tenant is a company or a legal entity. You cannot share data between Tenants. | AD_User_Substitute.AD_Client_ID numeric(10) Table Direct |
| Organization | Organizational entity within tenant | An organization is a unit of your tenant or legal entity - examples are store, department. You can share data between organizations. | AD_User_Substitute.AD_Org_ID numeric(10) Table Direct |
| User/Contact | User within the system - Internal or Business Partner Contact | The User identifies a unique user in the system. This could be an internal user or a business partner contact | AD_User_Substitute.AD_User_ID numeric(10) Search |
| Name | Alphanumeric identifier of the entity | The name of an entity (record) is used as an default search option in addition to the search key. The name is up to 60 characters in length. | AD_User_Substitute.Name character varying(60) String |
| Description | Optional short description of the record | A description is limited to 255 characters. | AD_User_Substitute.Description character varying(255) String |
| Active | The record is active in the system | There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.
There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries. |
AD_User_Substitute.IsActive character(1) Yes-No |
| Substitute | Entity which can be used in place of this entity | The Substitute identifies the entity to be used as a substitute for this entity. | AD_User_Substitute.Substitute_ID numeric(10) Search |
| Valid from | Valid from including this date (first day) | The Valid From date indicates the first day of a date range | AD_User_Substitute.ValidFrom timestamp without time zone Date |
| Valid to | Valid to including this date (last day) | The Valid To date indicates the last day of a date range | AD_User_Substitute.ValidTo timestamp without time zone Date |
Tab: Org Access
Description: Maintain User Org Access
Help: Add the tenant and organizations the user has access to. Entries here are ignored, if in the Role, User Org Access is not selected or the role has access to all roles.
Note that access information is cached and requires re-login or reset of cache.
.png)
| Name | Description | Help | Technical Data |
|---|---|---|---|
| Tenant | Tenant for this installation. | A Tenant is a company or a legal entity. You cannot share data between Tenants. | AD_User_OrgAccess.AD_Client_ID numeric(10) Table Direct |
| Organization | Organizational entity within tenant | An organization is a unit of your tenant or legal entity - examples are store, department. You can share data between organizations. | AD_User_OrgAccess.AD_Org_ID numeric(10) Table Direct |
| User/Contact | User within the system - Internal or Business Partner Contact | The User identifies a unique user in the system. This could be an internal user or a business partner contact | AD_User_OrgAccess.AD_User_ID numeric(10) Table Direct |
| Active | The record is active in the system | There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.
There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries. |
AD_User_OrgAccess.IsActive character(1) Yes-No |
| Read Only | Field is read only | The Read Only indicates that this field may only be Read. It may not be updated. | AD_User_OrgAccess.IsReadOnly character(1) Yes-No |
Tab: User Mail
Description: Mail sent to the user
Help: Archive of mails sent to users
.png)
| Name | Description | Help | Technical Data |
|---|---|---|---|
| Tenant | Tenant for this installation. | A Tenant is a company or a legal entity. You cannot share data between Tenants. | AD_UserMail.AD_Client_ID numeric(10) Table Direct |
| Organization | Organizational entity within tenant | An organization is a unit of your tenant or legal entity - examples are store, department. You can share data between organizations. | AD_UserMail.AD_Org_ID numeric(10) Table Direct |
| User/Contact | User within the system - Internal or Business Partner Contact | The User identifies a unique user in the system. This could be an internal user or a business partner contact | AD_UserMail.AD_User_ID numeric(10) Search |
| Mail Template | Text templates for mailings | The Mail Template indicates the mail template for return messages. Mail text can include variables. The priority of parsing is User/Contact, Business Partner and then the underlying business object (like Request, Dunning, Workflow object). So, @Name@ would resolve into the User name (if user is defined defined), then Business Partner name (if business partner is defined) and then the Name of the business object if it has a Name. |
AD_UserMail.R_MailText_ID numeric(10) Table Direct |
| Mail Message | Web Store Mail Message Template | AD_UserMail.W_MailMsg_ID numeric(10) Table Direct | |
| Created | Date this record was created | The Created field indicates the date that this record was created. | AD_UserMail.Created timestamp without time zone Date+Time |
| Message ID | EMail Message ID | SMTP Message ID for tracking purposes | AD_UserMail.MessageID character varying(120) String |
| EMail sent from | AD_UserMail.EMailFrom character varying(255) String | ||
| To | AD_UserMail.RecipientTo character varying(2000) String | ||
| Cc | AD_UserMail.RecipientCc character varying(2000) String | ||
| Bcc | AD_UserMail.RecipientBcc character varying(2000) String | ||
| Subject | Email Message Subject | Subject of the EMail | AD_UserMail.Subject character varying(255) String |
| Mail Text | Text used for Mail message | The Mail Text indicates the text used for mail messages. | AD_UserMail.MailText character varying(2000) Text |
| Delivery Confirmation | EMail Delivery confirmation | AD_UserMail.DeliveryConfirmation character varying(120) String | |
| Delivered | AD_UserMail.IsDelivered character(1) List |
Tab: Queries
Description: View and maintain saved queries
Help:
.png)
| Name | Description | Help | Technical Data |
|---|---|---|---|
| Tenant | Tenant for this installation. | A Tenant is a company or a legal entity. You cannot share data between Tenants. | AD_UserQuery.AD_Client_ID numeric(10) Table Direct |
| Organization | Organizational entity within tenant | An organization is a unit of your tenant or legal entity - examples are store, department. You can share data between organizations. | AD_UserQuery.AD_Org_ID numeric(10) Table Direct |
| User/Contact | User within the system - Internal or Business Partner Contact | The User identifies a unique user in the system. This could be an internal user or a business partner contact | AD_UserQuery.AD_User_ID numeric(10) Search |
| Name | Alphanumeric identifier of the entity | The name of an entity (record) is used as an default search option in addition to the search key. The name is up to 60 characters in length. | AD_UserQuery.Name character varying(60) String |
| Description | Optional short description of the record | A description is limited to 255 characters. | AD_UserQuery.Description character varying(255) String |
| Active | The record is active in the system | There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.
There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries. |
AD_UserQuery.IsActive character(1) Yes-No |
| Default | Default value | The Default Checkbox indicates if this record will be used as a default value. | AD_UserQuery.IsDefault character(1) Yes-No |
| Table | Database Table information | The Database Table provides the information of the table definition | AD_UserQuery.AD_Table_ID numeric(10) Table Direct |
| Validation code | Validation Code | The Validation Code displays the date, time and message of the error.
You can add advanced SQL queries to your searches by filling this field with @SQL=[WHERE CLAUSE]. Do not include the WHERE statement and use Fully qualified SQL statements. F.e: @SQL=C_Order.isActive='Y' AND SalesRep_ID=@AD_User_ID@ will filter orders by active and where the sales representative is the current user. |
AD_UserQuery.Code character varying(4000) String |
Tab: LDAP Access
Description: User Access via LDAP
Help:
.png)
| Name | Description | Help | Technical Data |
|---|---|---|---|
| Tenant | Tenant for this installation. | A Tenant is a company or a legal entity. You cannot share data between Tenants. | AD_LdapAccess.AD_Client_ID numeric(10) Table Direct |
| Organization | Organizational entity within tenant | An organization is a unit of your tenant or legal entity - examples are store, department. You can share data between organizations. | AD_LdapAccess.AD_Org_ID numeric(10) Table Direct |
| User/Contact | User within the system - Internal or Business Partner Contact | The User identifies a unique user in the system. This could be an internal user or a business partner contact | AD_LdapAccess.AD_User_ID numeric(10) Table Direct |
| Ldap Processor | LDAP Server to authenticate and authorize external systems based on iDempiere | The LDAP Server allows third party software (e.g. Apache) to use the users defined in the system to authentificate and authorize them. There is only one server per iDempiere system. The "o" is the Tenant key and the optional "ou" is the Interest Area key. | AD_LdapAccess.AD_LdapProcessor_ID numeric(10) Table Direct |
| Interest Area | Interest Area or Topic | Interest Areas reflect interest in a topic by a contact. Interest areas can be used for marketing campaigns. | AD_LdapAccess.R_InterestArea_ID numeric(10) Table Direct |
| Created | Date this record was created | The Created field indicates the date that this record was created. | AD_LdapAccess.Created timestamp without time zone Date+Time |
| Error | An Error occurred in the execution | AD_LdapAccess.IsError character(1) Yes-No | |
| Summary | Textual summary of this request | The Summary allows free form text entry of a recap of this request. | AD_LdapAccess.Summary character varying(2000) Text |
| Description | Optional short description of the record | A description is limited to 255 characters. | AD_LdapAccess.Description character varying(255) String |
Tab: Document Status Access
Description:
Help:
File:User - Document Status Access - Window (iDempiere 1.0.0).png
| Name | Description | Help | Technical Data |
|---|---|---|---|
| Tenant | Tenant for this installation. | A Tenant is a company or a legal entity. You cannot share data between Tenants. | PA_DocumentStatusAccess.AD_Client_ID numeric(10) Table Direct |
| Organization | Organizational entity within tenant | An organization is a unit of your tenant or legal entity - examples are store, department. You can share data between organizations. | PA_DocumentStatusAccess.AD_Org_ID numeric(10) Search |
| User/Contact | User within the system - Internal or Business Partner Contact | The User identifies a unique user in the system. This could be an internal user or a business partner contact | PA_DocumentStatusAccess.AD_User_ID numeric(10) Search |
| Role | Responsibility Role | The Role determines security and access a user who has this Role will have in the System. | PA_DocumentStatusAccess.AD_Role_ID numeric(10) Table Direct |
| Document Status | PA_DocumentStatusAccess.PA_DocumentStatus_ID numeric(10) Table Direct | ||
| Active | The record is active in the system | There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.
There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries. |
PA_DocumentStatusAccess.IsActive character(1) Yes-No |
.png){kind=link}