User Management
Any user in your organization with "Staff" access can reach the Database Admin site and manage your users. To access this page, at the bottom left of any page go to the user directory and choose "Database Admin."
Once on the Django administration page, find the "Users" link (at the time of writing this is at the very bottom of the page). Clicking this link will display a list of all users in the system and allow you to add, change, or remove them.
Creating Users
Initial Super User
A clean installation of Xylok has no default users and the command line must be used. This command liner user creation process also allows a system to be rescued if all user accounts have been locked out.
To create a new super user, log in to the command line of the host system, run the command below, and follow the prompts:
/opt/xylok/create-superuser.sh
The email is only ever used by Xylok to send password recovery emails--use a fake email address if not needed.
Additional Users
From the user admin page, click the "Add User" button in the top right.
Resetting Passwords
For on-premises systems the email password reset feature will not work. Instead, a staff user can reset a user's password manually. If all staff members have locked themselves out, the password can be reset using the command line.
This method allows you to set a password which could violate your normal password rules.
To reset a password, find the user in the Django administration page and click them. Change the password in the password input, scroll to the bottom, and click Save.
Disabling Users
For users who only need occasional access to the system, a staff user can enable/disable them as needed (this may be useful for the Xylok LLC users).
To toggle status, go into the user's page in the Django administration and toggle the user's "Active" status:
Permissions
Xylok user permissions can be managed by system administrators via the Database Admin. To access it, click the user menu and choose "Database Admin".
From there, choose "Users" or "Groups" in the main in list of items. Clicking a user will allow you to control several permissions for a user:
- Active: If enabled, allows the user to log in to Xylok.
- Staff Status: If enabled, allows the user to view this Database Admin site.
- Superuser Status: If enabled, gives the user all permissions within Xylok (including adding users, changing passwords, etc)
- Groups: Allows permissions to be managed at a group level, if you have a larger organization.
- User Permissions: Allow the user to perform specific actions within Xylok. Hold down the Control key while clicking items in this list to select multiple. In general, we would recommend the following basic permissions for most users:
- All the "Clients" permissions
- All the "Results" permissions
After choosing the permissions you want for the user, click the Save button at the bottom of the page
Client Permissions
Access to Xylok Clients can be restricted to certain User Groups. Once Groups have been created via the Database Admin page, go to the Client Details within Xylok. From there, go to "Options" -> "Client Settings". There will be directions to enter a list of the User Groups that will be able to access this Client in Xylok:
Xylok Users
Older Xylok installations may have some built-in users that come from Xylok, LLC. These accounts were used internally to the Xylok Scanner. They are disabled by default to lower any security risk they might pose. The current list of these users is:
- traherom
- batchman
- pridgeon
These users may be removed if not needed.