Classic View: System Administration > User Security > Users > User Account
Search Terms: User Account Information
In order for a person to be assigned tool rights, be allowed to join user groups, be assigned calendar rights, and other features enabled via the User folder, they must first be added as a user (have a user account created for them). This article will walk you through this process as well as cover the following:
Users are highly advised to create user accounts for students and staff en masse via the User Account Batch Wizard.
If you cannot access Tool Rights, Calendar Rights and/or User Groups you are not assigned a user security role. To gain access, please contact your system administrator as they are responsible for assigning security roles to Campus users.
Creating New Users (User Accounts)
Before a user account can be created, the user must first exist as a person (click here for more information on adding a person to Campus). Once a person exists in Campus, they can then have a user account created.
To create a user account, use the Add User Account tool.
To generate student and staff accounts en masse, please refer to the User Account Batch Wizard.
Modifying User Accounts
PATH: System Administration > User Security > User > User Account
Search Term: User Account Information
Individual user account information can be viewed and modified on the User Account tab.
For more information about user account passwords, see the Managing User Account Passwords article.
User Account Tab Fields and Buttons
Field | Use and Definition |
---|---|
Password | To reset the user's password, select the Reset Password hyperlink. For more information on establishing, resetting, and managing passwords within Campus, see the Managing User Account Passwords article. |
Login As User | The Login As User button allows a user log in as another user for the purpose of troubleshooting, testing and/or verifying properly assigned user rights. The Login As User button only appears for users who have equivalent or greater tool rights than the user they want to log in as and is only available with the Student Information System or Student Information System - Login as User security roles. For more information about this feature, see the Login as User Feature article section. Users are only allowed to login as another user once per Campus session. Users with a Student Information System Product Security role are allowed to log in as a user with a Student Information System - Login as User Product Security Role but once they have logged in as that user, they cannot use that user account to then log into another Campus user account via the Login as User button on the User Account tab. Users with a Student Information System - Login As User role are prohibited from logging in as another user with the Student Information System - Login As User role. This behavior was put in place to ensure users do not jump from one user account to another. The Administrator selecting this button MUST have calendar rights for the school listed on the other user's (person being logged into) District Assignment page. |
User Rights Summary | To access a comprehensive view of all tool rights the user has been granted within Campus (including tool rights granted via User Groups), click the User Rights Summary button. A window will appear, asking you to generate the summary in HTML or CSV format. Select a format and click the Generate Report button. The User Rights Summary Report will appear in a separate window (see image below). You can expand tools to view additional tool rights and sub-rights. You can also hover the mouse cursor over a tool to see exactly how the user was granted rights to the tool (granted by tool rights or granted by a group). You will only see tools for which the user has been granted access within Campus. |
Reset Account Settings | Selecting the Reset Account Settings button will clear all trusted devices tied to the person's account, requiring the user to reestablish each device as a trusted device when logging into Campus. For districts using two factor authentication, selecting this button will reset the user's two factor authentication configuration, requiring them to establish a new trusted device and log in using an Authentication app. See the Login Security Settings article for information about two facto authentication. This button will also reset the user's account recovery email address, requiring them to enter a new recovery email address the first time they log into Campus after this button has been selected. This button will only appear for user accounts which have an Account Security Email address established in Campus and/or the Parent Portal. A person's Account Security Email is used to recover a forgotten username or reset a Campus password when the Forgot your password? or Forgot your username? options are selected on the Campus login screen. The Account Security Email is set in the Account Settings tool (found in both Campus and the Parent Portal). |
Username | The user name the individual uses to log in to the Campus system. |
Password | The password the individual uses to log into the Campus system. See the Managing User Account Passwords article for more information. |
Force Change | If flagged, this checkbox indicates the user will be required to update his/her password at the next login. |
All Calendars | This checkbox was removed in Release Pack .1813. Calendar Rights for a user are entirely controlled and assigned via the Calendar Rights tab. To assign a user All Calendar rights, on the Calendar Rights tab, set the School to 'All School' and the Calendar to 'All Calendars'. See the Assigning Calendar Rights section below for more information. |
Expires Date | If a date is entered in this field, the user's account will expire on 11:59 PM of this date. This tool is often used to automate account management for temporary staff. |
Homepage | This field indicates which interface the user name and password allow access to:
|
Disabled | If flagged, this checkbox indicates the user will not be able to access his/her account, even if the proper credentials are entered. |
Exclude from Multi-Factor Authentication | This preference allows you exclude individual user accounts from requiring Time-based Two Factor Authentication (when enabled). This option should only be used when absolutely necessary and only applied to the least amount of accounts necessary. |
Time-based Two-Factor Authentication w/Enhanced Security | As an increased layer of protection for Infinite Campus accounts, all non-Campus Portal user accounts can be enabled with device-based two-factor authentication functionality. When enabled, users are provided a unique QR code and Text Code which requires them authenticate their account using a device and an authenticator application (such as Google Authenticator, Authy, LastPass, etc). If you experience any issues authenticating, know that your device must be in-sync with the actual time in order to authenticate. Compare the time showing on your device to the actual time (https://www.time.gov). If time on your device is out of sync, you can correct this in your device's Date & Time settings. In your device settings, you will likely have the option to enable your device to automatically sync the date and time. Alternatively, if you use Google Authenticator for Android, you can also try the Time Sync (https://support.google.com/accounts/answer/2653433) feature. To enable this feature:
Device-based two-factor authentication is now enabled for this user account. Once enabled, the next time the user attempts to log into Infinite Campus they will see a screen displaying a unique QR Code and Text Code. Using a device (such as cell phone), the user must download an authenticator app (such as Google Authenticator, Authy, LastPass, etc) and use the app the scan the QR Code or enter the Text Code. This will register the device and tie it to their Campus account. Once they have scanned the QR Code or entered the Text Code in the authenticator app, the app will display a code. Enter the code from the authenticator app into the field on the Campus login screen, mark the Recognize this device in the future checkbox, and click Continue (see image below). The user will be logged into Campus. Based on the frequency of when they need to authenticate (30 minutes, Day, Week, Month), the user will need to access their authenticator app on their registered device and enter the code displayed in the authenticator app into field on the Infinite Campus login screen. Users should mark the Recognize this device in the future checkbox and click Continue. If the code they entered is correct, they will be logged into Campus. |
PIV Card Authentication | The Enable PIV Authentication field enables or disables the ability for the user to register and use a PIV card to log into Infinite Campus. Note: This field is only available if the Enable PIV Authentication field in Login Security Settings is set to Yes. For a walkthrough of the PIV Authentication registration process, see the following articles:
|
Modified by | This indicates the last person to modify the user's account and the date and time in which the change occurred. |
Created Date | This indicates when the user account was created. This date is populated by any method used to create the user account (e.g., student/staff automation, imported new user, Quartz job, etc). This field is also available within Ad Hoc Reporting. |
Authentication Type | This field determines how the user is required to authenticate and log into Campus. Users are forced to either log in using:
The default value in this field is set via the Authentication Type Droplist Default preference found in System Preferences. This field is only available if SAML SSO authentication and/or LDAP is enabled for your district. Please note that when setting a User Account to "Allow Only SAML Authentication", Cafeteria Serve only authenticates with a local Campus or LDAP account and the Schedule Wizard will authenticate with a SSO enabled account but requires a re-login to open a saved trial. For more information about SAML SSO functionality, see the SAML Management article. For more information about LDAP, see the LDAP Authentication article. The value set in this field determines the method the user users to log into Campus (click image below). |
Product Security Role Assignments | Product Security Roles determine whether a user may assign Tool Rights to other Campus Application users. Product Security Roles are assigned to users on each person's User Account tab. |
Understanding Security Role Assignments
Product Security Roles determine whether a user may assign Tool Rights to other Campus Application users. Product Security Roles are assigned to users on each person's User Account tab. For a detailed explanation of each role, see the following articles.
Assigning Calendar Rights
As of Release Pack .1813, users can no longer assign All Calendar rights via the User Account tab. Calendar rights are now entirely assigned and managed via the Calendar Rights tab per user and/or user group. This change streamlines calendar rights to a single place and ensures tool rights and calendar rights work together properly when allowing users access to tools and what data they are allowed to see or access via these tools.
To grant calendar access which mirrors the access granted via the previous All Calendars checkbox (access to view and modify all data within all calendars in the district), provide the user with Calendar Rights where School is set to 'All Schools', Calendar is set to 'All Calendars', Year is set to 'All Years', and the Modify Rights checkbox is marked (see image below).
See the Calendar Rights tab article for more information.
Calendar Rights Information in Ad hoc Reporting
Calendar Rights information is available in the Query Wizard for Census/Staff Data Types in the Person > Campus Usage > User Account/Summary > Calendar Rights.
Ad hoc Reporting Calendar Rights Fields
Information reports data from the UserSchoolYear Rights, UserGroupSchoolYearRights and UserGroup tables with the following fields:
- userID
- personID
- groupID - data does not return for UserSchoolYearRights records
- groupName - data does not return for UserSchoolYearRights records
- School - when schoolID is not null, the name of the school reports; when schoolID is null, All Schools reports.
- Calendar - when calendarID is not null, the name of the calendar reports; when calendar is null, All Calendars reports.
- ModifyRights - when marked on the User Account tool, reports Yes; when not marked, reports No.
- ReadOnly - when ModifyRights is marked, reports No; when not marked, reports Yes.
- CloseMonthRights - when marked on the User Account tool, reports Yes; when not marked, reports No.
- Owner Rights - when marked on the User Account tool, reports Yes; when not marked, reports No.
Identifying a Person's Campus Portal Username
You can look up a person's Campus Portal username by going to Census > Person > Demographics > Person Identifiers > Portal Username. This may help when troubleshooting issues such as assisting a person who forgot their username .
Related Tools
Tool | Description |
---|---|
Account Security Preferences | This tool allows you to control various functionality such as resetting of passwords, restricting the ability for Product Security Users to log in as other people, auditing of users, and the automatic creation/disabling of student and staff accounts. |
User Account Batch Wizard | This tool allows you to batch create student and staff user accounts using the census email address or a username patterns, enable student and staff user accounts, disable student and staff user accounts, or force a password reset for student and staff user accounts. |
User Account Automation Log | This tool allows you to view detailed information about user account username modifications, user account creation failures, and accounts automatically disabled via preferences set in the Account Security Preferences tool. |
User Group Report | This tool provides high-level and detailed information about which user groups exist, all tool rights and calendar rights assigned to each user group, and which user groups are assigned to which Staff Account Automation rules. |
Product Security Role Report | The Product Security Role Report provides a list of all users who have been granted specific Product Security Roles. |