Welcome to User Administration for CA Customers
Last Updated: April 06, 2012
Table of Contents
Registering for User Administrator access
Users and Permissions
Searching, Organizing and Exporting Data
Removing or Revoking User Administrator Access
User Administration is optional functionality that is available to CA enterprise customers. It provides the ability for customer User Administrators to manage user access to their site IDs via CA Support Online. A User Administrator takes on the responsibility of approving, updating and revoking access for users at a specified site ID.
- Key Point: CA Support does not process access requests for sites with a User Administrator.
CA encourages multiple User Administrators per site ID so that there is always a representative to make user access decisions on behalf of your company.
Key features of User Administration are:
- Registration Requests queue to instantly see pending access related requests.
- Email notifications of new access requests Users and Permissions area to view all users with access to your site ID. This is your workspace to change access levels, revoke user access, and revoke User Administrator access to your site(s).
- Audit Reporting area that displays recorded User Administrator transactions.
- Ability to export site user and audit information to Excel.
Registering for User Administration Access
Enterprise users will now see a tab in My Account called User Administration.
This screen is for requesting access to be a User Administrator for one or more sites where you are a member. All sites that you can currently access will be listed along with an indicator to show whether you already have active or pending User Administrator access.
Check the box for one or more sites where you require User Administration access. Enter required supporting information in the text box. A supporting information example would be a statement that your management requires you to administer the site.
Click to submit your request.
- Note: The first User Administrator at a site ID will be granted the access by CA Support. Subsequent requests for User Administrator access to the site will be granted by the site ID's User Administrator.
My Account - Email Notification
Do you want to receive email notifications for site access requests? By default, as a User Administrator, you will receive email notifications of new access requests. You can choose to receive or not receive email notifications for each site for which you have User Administration access.
Go to My Account - Personal Profile
User Administration Menu
The User Administration menu will appear in the left navigation if you have User Administrator access for any site ID. The following screen shows the menu expanded.
If you have access to multiple sites, be sure your top menu is set to a site for which you have User Administrator access.
If you are not currently set to a site for which you have User Administrator access, and you click User Administration in the left menu, you will see this error message:
Just switch to a site ID for which you have User Administrator access and User Administration will open in the default Registration Requests screen with the menu expanded.
User Administration Screens
User Administration consists of 3 main screens - Registration Requests, Users and Permissions, and Audit Reporting.
This screen contains all unprocessed registration requests for the selected site ID. Once users' requests are approved, their names will appear on the Users and Permissions screen. Those requests that are rejected will no longer be accessible, but will be recorded in the Audit Reports area.
This is your main work area in User Administration where you will find and process:
- New users registering for CA Support Online and your site ID for the first time.
- Users with access to other sites that are requesting additional site access to your site.
- Other enterprise users at your site ID who are requesting User Administration access.
To process a registration request, click on the View/Edit icon for the user.
You are in the registration detail record where you can choose to accept, hold or reject the request. There is also a comments field where you can enter optional text that will be sent with the email to the requestor.
Review the request, select the desired status in the dropdown menu, optionally add comments which will be included in the no-reply email, then click Save.
Accept - This accepts the access request for your site and will trigger a no-reply email to the user with your optional comments. The request will no longer be displayed in the Registration Requests. If you accepted a site access request, the user will now display in the Users and Permissions screen. If you accepted a request to become a User Administrator, the user will be displayed in the Users and Permissions screen with a User Administrator indicator. A record of the acceptance will be entered into the audit report.
Hold - This is used when you plan to process the request, but are not ready to complete it. The request will remain in the Registration Requests screen with the Hold status. The Hold status will also be visible to any other User Administrators for your site so they will know another User Administrator is handling the request.
Reject - This rejects the users request and will send a rejection email to the requestor along with any comments you enter into the record. You will get a confirmation pop-up box to verify you want to reject the request. If you click OK, the request will drop from the Registration Requests screen and the transaction will be recorded in the audit report.
Note: The rejection is not reversible and if in error, a new request would need to be submitted
Users and Permissions
This page lists the users who have access to your site. If you are a User Administrator for multiple sites, please use the site ID drop-down menu in the top navigation menu to view users for another site. A special link may appear if your site is set up as the child of a parent site. (See Parent/Child site section)
The Users and Permissions screen is where you can view, modify access level, remove User Administrator access for another user, and revoke access to the selected site.
Click the View/Edit icon next to the user to be reviewed or modified. This will bring up a detail page with two tabs, Update Site Access and Revoke Site Access.
Update Site Access
This Update Site Access tab on the contact details page allows you to remove a user's UA access to the selected site and to change the user's access level that determines what functions the user can do on the site. The access level applies across all sites that the user can access. Lowering a user's access level requires that the User Administrator have authority over all sites that the user can access.
Access levels - There are now 6 access levels with 3 new variations of the Enterprise User. Enterprise Users can now be restricted from downloading enterprise products, solutions or both.
Please note: As stated above, a CA Support Online user can only have one role per login (email address) so if a user has multiple site access, the assigned role will apply across all sites.
- Enterprise - Enterprise Users can open and view cases for entitled products for all sites all sites they can access. They can download products and solutions and have access to all knowledge base documents and documentation.
- Enterprise - No Product Downloads - This role has the same functions as the Enterprise User except there is no ability to download enterprise products. This user can download entitled published solutions.
- Enterprise - No Solution Downloads - The role has the same functions as the Enterprise User except there is no ability to download entitled published solutions. Entitled products can be downloaded, but the user cannot download patches / solutions.
- Enterprise - No Downloads - This role has the same functions as the Enterprise User except there is no ability to download entitled enterprise products or solutions. The user has access to case management, knowledge base documents and documentation.
- Indirect User - Indirect Users are Enterprise users that have the ability to view cases, but cannot open them. The indirect user role is normally used for users at sites where a CA Partner is delivering support to the customer. Indirect Users have access to all entitled downloads, knowledge base documents and documentation.
- Read-Only User - Read-Only Users are Enterprise users, but do not have case management. They cannot open or view cases. These users cannot download entitled products, but can download patches/published solutions. Read-Only users can view all enterprise documentation and knowledge for all products.
- Key Point: Because a user's access level applies across all sites that the user can access, the user who has multiple site access must have the highest access level that is required by any of their sites.
Lowering a user's access level can only be done by a User Administrator who has authority for all sites that the user can access. If that user requires enterprise access at a site not under the jurisdiction of the User Administrator, the access level cannot be lowered.
Raising the access level can be done by any User Administrator if required for the site. This will raise the user's level for all sites.
Revoke Site Access
The Revoke Site Access tab in the user's detail screen is used to revoke the user's access to the currently selected site.
Upon confirmation, the user will be removed from the selected site ID. If you are a User Administrator for multiple sites and check the box, the user will be removed from all of your sites. The user will not be removed from any remaining sites they may have access to.
- Key point: Once confirmed, revoking access is not reversible. The user must re-enroll or make a new request for additional site access to the site.
If the User Administrator has permissions for multiple sites, a checkbox will display to allow revoking access to the user across all of the User Administrator's sites.
If the user belongs to sites not under the authority of the User Administrator, access to those sites will not be revoked.
- Revoking a user's site access cannot be reversed. The user would need to create a new account or, if a member of another site(s), would need to again request additional site access to the site that was revoked.
Revocation of a user will be recorded in the Audit Reporting section of all affected sites.
Parent/Child site setup is infrequently used, but is a configuration that allows all users of a designated parent site have access to the child sites. Users at a child site do not have access to the parent site.
The User Administrator has a view of all users with direct access to the selected site in the Users and Permissions screen. User Administrators can approve, modify and revoke those users directly assigned to their site.
A User Administrator of a child site cannot modify the users of the parent site.
If you are the User Administrator for a child site, a separate link will display in the Users and Permissions screen enabling you to view the users who have access to the parent site, and therefore have access to your site. In the example below, our demonstration site has been configured as the child of a parent site. The new link below will display users at the parent site in a read-only view.
Users of a parent site can request User Administrator access to the child site. If approved, that user will begin appearing in the regular Users and Permissions screen for the child site.
Audit Reporting displays all transactions made by the User Administrator(s) at each site.
- Key Point: Audit Reporting does not include historical data. Transaction logging starts when the first site User Administrator begins processing requests or updating/revoking site users.
Searching, Organizing and Exporting Data
All User Administration screens have features allowing you to search on data for any column and to customize your view by moving and sizing the columns.
Compare this screen with the previous screen to see that the Last Name, Activity Description and Audit Date columns have been moved to the left. You can also see the search filter displayed.
Both the Users and Permissions screen and the Audit Reporting screens have the ability to export your data to Excel.
Removing or Revoking User Administrator Access
User Administrators can revoke the access of another User Administrator at their site. User Administrators cannot remove their own access.
Revoking another User Administrator's access
- Click the View/Edit icon next to the user whose UA access will be removed. This will bring up a detail page with two tabs, Update Site Access and Revoke Site Access.
- On the Update Site Access tab, uncheck the User Administrator checkbox and click the Update button. You will see a message that the update was successful.
Note: If User Administator Access is unintentionally removed, the user must re-register for User Administrator access.
Removing Your User Administrator Access
To remove your own User Administrator access, if there is another UA at your site, request that they remove your access using the function described above.
If you are the only User Administrator at your site and there will be a replacement, it is recommended that you first approve the replacement User Administrator, then request that person to revoke your access.
If there will not be a replacement User Administrator and you are the only UA at the site, please open a support issue either online by selecting "Support Online" as the product or by contacting CA Customer Care.