====== Password management ====== :!: To create new accesses in the user administration or to change existing ones, you need supervisor rights in Pcc. With password management, Pcc offers you the option of granting individual users different access rights to individual functions. You can access this via **//System/Password management//** to access the main menu for this function. {{de:einstellungen:passwortverwaltung:2018-07-02_08h53_30.jpg|}} When creating passwords, we differentiate between **//individual accesses//** (1) and **//access groups//** (2). Old accesses are [[en:einstellungen:passwortverwaltung:passwortverwaltung#zugaenge_aendern_loeschen|deactivated]] and remain in the list (3). This is the only way to allocate movements in the past. You also have the option of defining basic settings (e.g. automatic logout after a certain time, etc.) (4). :!: Please note that the password query must be switched on due to the cash register guidelines. ====== Create individual access/password ====== An individual access is created if you want to give a person individual rights. TIP If you have several employees who should have the same authorisations, work with [[en:einstellungen:passwortverwaltung:passwortverwaltung#zugangsgruppe_anlegen|Access groups]]. Use the button **//New//** button and select the desired option (single access or new entry as a copy of the selected one). {{de:einstellungen:passwortverwaltung:2018-07-02_09h00_02.jpg|}} In the following dialogue, the required settings are made to define the access rights for the employees. {{de:einstellungen:passwortverwaltung:2018-07-02_09h01_35.jpg|}} =====Authorisation===== - Define a password for each employee after entering their name and abbreviation. The newly created user can enter their own password the first time they log in. To do this, activate the function **//Must change password//** (5). - Specify the account areas to which the corresponding user should have access. The authorised account areas are listed separated by a semicolon (semicolon). {{en:einstellungen:passwortverwaltung:pwkontenbereiche.png|}}\\ So that you do not have to store the archives individually, you can work with e.g. SALES;SALES/*;CLUB. This would give the employee authorisation for the Sales and all sales archives account areas as well as the Club account area. If you do not enter an account area, the employee has access to all account areas. - Now assign the individual access rights. Please note that you also have different setting options for the different categories. For example, there is the following selection for persons: \\ {{en:einstellungen:passwortverwaltung:pwpositionauswahl.png|}}\\ :!: If an access belongs to a group and should also have its authorisations, it is sufficient to leave the individual categories set to "according to group". You can find a description of the restrictions for the individual settings below in the chapter [[en:einstellungen:passwortverwaltung:passwortverwaltung#einstellung_der_zugangsrechte|Setting access rights]] - Passwords can also be assigned for a limited period of time. Define the time frame in which the access should be active. - If an employee leaves the company, deactivate their password here. You should not delete the password under any circumstances, as otherwise all bookings made by the departing employee will be set to N.N. According to the cash register guidelines, it must remain visible who made the entry. =====Special===== PC CADDIE's password management allows you to customise individual passwords. There are a number of special functions and blocks (e.g. for individual fields etc.) which can be stored under Special. These additional restrictions allow you to block individual specific fields for editing (an example of this could be the membership field in the person mask). You can find out more about this in the chapter [[en:einstellungen:passwortverwaltung:passwortverwaltung#besonderes_einschraenkungen|Specials/Restrictions]]. {{de:einstellungen:passwortverwaltung:2018-07-02_09h04_58.jpg|}} The [[en:online:infodesktop:infodesktop|]] can only be activated by the supervisor. =====Groups===== Define the group(s) to which the selected access should belong. The advantage here is clearly the standardisation of rights and the time savings compared to the individual system. {{de:einstellungen:passwortverwaltung:2018-07-02_09h16_52.jpg|}} You can find out more about this topic in the chapter [[en:einstellungen:passwortverwaltung:passwortverwaltung#zugangsgruppe_anlegen|Creating an access group]]. =====CRM\DMS===== {{de:einstellungen:passwortverwaltung:2018-07-02_09h06_41.jpg|}} - If a task is created for a specific group, you can specify here which of these group entries should also be displayed for this individual employee. - If the employee opens a new CRM\DMS entry, this entry should be created or made visible for the corresponding person or group by default. - The Windows rights settings allow Pcc to access Windows with different authorisations than the logged-in user. This can be an advantage if, for example, form letters need to be created that are located in a folder to which the logged-in user does not have access via the Explorer. =====Details===== {{de:einstellungen:passwortverwaltung:2018-07-02_09h11_46.jpg|}} - This information is primarily informative. However, they become important if, for example, you have licenced mail dispatch via PC CADDIE. You can configure the template so that the data entered here automatically appears in the mail. To do this, the commands for the name, for the e-mail address and for the direct extension. - If available, assign the corresponding timetable area to the access [[en:timetable:bereichebearbeiten:bereichebearbeiten|timetable area]] to the access. This is particularly important if you want to enter CRM appointments in your timetable. If you work with PC CADDIE time recording, also tick the corresponding box. - An absence message can be stored for each access and a deputy can be defined. This information is visible in the CRM system and in the timetable. You need this option if you are going on holiday or will be absent for a longer period of time. This will ensure that no CRM/DMS tickets are transferred to you and remain pending until your return. If you become a deputy during your absence, you can enter this person here as a deputy. Your open entries will then be visible to your deputy and can be processed. - If you are working with waiter locks, you can see here which code the key of the corresponding operator lock has. [[en:einstellungen:programmeinstellungen:kassebedienerschluessel|operator lock]] has. ===== Create access group ===== The same principles apply to the creation of access groups as for individual access. If you want to assign rights to an individual access that do not correspond to the default settings of the access group (if one employee in a group should have more rights than all others, for example), change this directly in the individual access. These settings take precedence over the group rights. =====Authorisation===== The settings here are identical to those for [[en:einstellungen:passwortverwaltung:passwortverwaltung#einzelzugang_passwort_anlegen|individual access]] and apply to everyone assigned to the respective group. {{de:einstellungen:passwortverwaltung:2018-07-02_09h20_19.jpg|}} The functions of the individual settings are described below in the Access rights settings menu. =====Special===== The restrictions under special are created in the same way as those in the [[en:einstellungen:passwortverwaltung:passwortverwaltung#spezial|Special]] tab of the individual access, except that they apply to the entire group and not to one person. {{de:einstellungen:passwortverwaltung:2018-07-02_09h24_05.jpg|}} ======Setting the access rights====== How do I set the individual access rights? We have described basic information on the individual categories in the following table. For authorisations/blocks that only relate to individual functions or input fields in PC CADDIE, please contact our support team. Important: If an access is parameterised with "no", this "no" always has priority! Regardless of whether it is stored in the settings for the person or in those for a group, no is just no. So if individual persons (e.g. at reception) are to be given more rights than others, the corresponding setting (e.g. for sales) in the group (reception) must be set to "neutral" and the rights of the individual employees are given/denied directly to the corresponding person. The most frequently used special commands for additional rights or denials are listed under the description of the settings. These must be selected in the respective access in the //Special// tab. =====Supervisor===== |no |No access to the //password management// in the **System menu** | |according to group/neutral |No supervisor rights, unless it is set to "yes" in the assigned group | |Yes |In the **System menu** Access to password management. Has all authorisations. | =====Persons===== |no |Can be in **Persons menu** menu and therefore has no rights to view personal data | |according to group/neutral |Group setting counts. | |everything |May do everything in/with the persons | |restricted |In the **Persons menu** menu, access to //Send SMS, the CRM todo and daily list, the duplicate check and to the// and to the //automatic assignment of playing rights// is blocked. In the **person mask** the tabs //2. address, bank, info and memo// are deactivated. The feature 02 //Membership// cannot be edited. The date of birth and the date of joining and leaving are hidden. The buttons //Copy, ASG/DGV card, Select no., Letter salutation// are greyed out, the button //Online// button is greyed out, the release of the cross-linking function //Event, Checkout, Timetable// are dependent on the corresponding settings. | |only create new |In the **Persons menu** menu is the access to //Send SMS, the CRM todo and daily list, the duplicate check and to the// and to the //automatic assignment of playing rights// is blocked. In the **person mask** the tabs //2. address, bank, info and memo// tabs are disabled; the date of birth and the entry and exit dates are hidden. The buttons //Change, Delete and Copy// are greyed out, the button //Online// button is greyed out; the release of the cross-linking function //Event, Checkout, Timetable// are dependent on the corresponding settings. | |Create new, names only |In the **Persons menu** menu, only access to //scorecards (print) and e-mail// is available. In the **person mask** are the tabs //Address, 2nd address, Bank, Info and Memo// tabs are deactivated; the date of birth and the entry and exit dates are hidden. The buttons //Change, Delete and Copy// are deactivated; the button //Online// button is hidden; the release of the cross-linking function //Event, Checkout, Timetable// are dependent on the corresponding settings. | |look |In the **Persons menu** menu, you only have access to Check association card, Appointment window (open only), Telephone & fax message, E-mail (Supermailer not available) and FTP export. In the **person mask** the tabs //Address, 2nd address, Bank, Info and Memo// are deactivated; the date of birth and the entry and exit date are hidden. The buttons //New, Change, Delete, Copy// are deactivated; the buttons //Print, Word/Export and Online// buttons are hidden. | ====Special restriction==== ^ Command in the tab //Special eintragen://^Was causes this^What must be set| ^ PEED_NOCODE|Member number should be unchangeable|t.b.a.| ^ PEED_GEBD3|still be able to see the date of birth|restricted| ^ PEED_ALL3|All 5 personal tabs should also be visible to users with restricted rights (otherwise only the first two tabs are visible). | restricted | ^ PEED_GEDIT3|This makes guests editable, even if the rights for the logged-in user are restricted to "Create new only". | Create new only | ^ PEED_NOMERK03|Feature 2 (membership) can be viewed but cannot be edited. This setting can be extended to features 3 and 4 accordingly.|restricted| ^ PEED_HIDEMERK03|Feature 2 (membership) is completely hidden, even for print functions. This setting can be extended to features 3 and 4. There is no guarantee that someone will not still be able to access the data.|independent| ^ PEED_SECUINFO7|Additional blocking of the corresponding line in the tab **//Info tab//** tab (of additional fields e.g. caddie box etc.) possible (field 7 in the example).|independent| ^ PEED_INFO07|To be entered for certain users or locations so that the corresponding info can be edited for these users or workstations.|independent| ^ PEED_NOGROUPEDIT| so that additional information cannot be edited.| ^ SECU_IMMER_GEBD|The line with dates of birth, entry and exit can be edited despite restricted rights for persons.|t.b.a.| ^ PEDR_SECUALL|Print list. Personal rights are also sufficient, but nothing underneath such as "Create new"|t.b.a.| ^ INFO_ALL|The info window (with current information from the intranet, birthdays, etc.) is also displayed for employees who do not have full access to person management.|For personal rights below "All"| =====CRM===== |No |In the **Persons menu** there is access to the //Appointment window//but it cannot be edited. The alarm window opens for information, but can only be closed. The options //Todo list// and //daily list// options are locked. In the **Settings menu** under //Programme settings// access to //CRM settings// is blocked. In the CRM window in the **person mask** only the button //options// button is locked. All other functions are visible and can be edited/printed | |according to group / neutral |**Group setting counts.** | |Yes |Access to all functions in the CRM system except the //basic settings//these are locked. In the **Settings menu** under //Programme settings// access to //CRM settings// is blocked. | |Restricted |In the **People menu** there is access to the //Appointment window//but it cannot be edited. The alarm window opens and can be edited. The options //Todo list// and //daily list// are locked. In the **Settings menu** under //Programme settings// access to //CRM settings// is blocked. In the CRM window in the **person mask** only the button //options// button is locked. All other functions are visible and can be edited/printed __What is the difference to no__ ???| =====Handicaps===== |no |No access to the master data sheets. In the **Handicaps menu** only the print for //Player of the year// and //CR table// and the function //Calculate all master sheets// activated. If the release for //Persons// is set to ALL, the print //HCP master sheet// and //handicap list// will be released. If the release at //Tournament// is set to YES, the print //Handicap changes// and the function //Tournament completion// function are also enabled. In the **person mask** you can activate the //intranet synchronisation// and the HCP can be changed. | |according to group / neutral |**Group setting counts.**| |Yes |May do anything with the HCPs in accordance with association regulations. | |restricted |Access to the master data sheets, but existing entries cannot be edited and the button //cancellation// button is greyed out. If the release for //Persons// is set to YES, the **Handicaps menu** all functions except //Delete master data sheet entries// are enabled. | ^ Command in the tab //Special eintragen://^Was causes this^What must be set| ^ EDS_SECUALL|All employees, regardless of PW rights, can print and enter EDS.|t.b.a.| =====Turnover===== |No |In the **Turnover menu** menu, only the user statement can be printed. In the **person mask** the buttons //Sales account// and //discount// are hidden and the cross links //checkout// is blocked. No access to any other account area. The checkout and all options in the **menu Items** menu are blocked. | |According to group / neutral |**The setting in the respective group is decisive.** | |All |In the **Sales and Items menus** menus, all functions are enabled. In the **person mask** the cross links //cash register// is blocked and there is no access to the cash register. If under //Accounts// nothing is entered, access to the other account areas is possible.| |Restricted |In the **Turnover menu** menu, access to the functions //Automatic contribution allocation//, //Year-end closing (with all sub-functions)//, //cash register//, //daily closing// and //Old closing detailed//, //Card payment and credit// blocked. In the **person mask** the cross links //cash register// is blocked. In the **Article menu** the function //Item with stock 0// is locked. //Button// Discount in the payment window: this access is given by default - this can still be varied with special parameters (see table below). If under //Accounts// access to the other account areas is granted.| |View |In the **Turnover menu** menu, the functions //Automatic contribution allocation//, //Subscription list//, //Voucher list//, //Read disc//, //Budget//, //payment interface// and //cancellation of the direct debit//, //accounting export//, //annual accounts// (with all sub-functions), //contribution types and articles//, //cash register//, //daily closing//, //Old accounts detailed//, //List of price changes//, //Post open customers to account//, //cash register log//, //cash book// and //card payment and credit// blocked. In the **Article menu** menu, all functions except the printing of //labels// and the //small item sheet (in this menu you can/may switch to e.g. item list)// locked.| Settings that relate to the articles: {{tablelayout?rowsHeaderSource=Auto}} ^ Command in the tab //Special tab:// ^ What does this do? ^ What must be set ^ ^ ARED_EDITLOCK | Editing of articles is generally blocked. Therefore, use this command for specific persons or areas | t.b.a. | ^ ARED_VIEW3 | the article can be viewed but not edited | view only | ^ ARED_NOTNEW | New creation of articles not possible | Yes | ^ ARED_NOTNEWFG | No new articles can be created and no new colour/size combinations for additional sub-articles can be added to existing articles | t.b.a. | ^ ARED_NONEGVAL | No negative stock change possible in the edit mask | t.b.a. | ^ ARED_DELNOTEFORCE | Stock changes can only be made with delivery note | t.b.a. | Settings that relate to the cash register: ^ Command in the tab //Special eintragen://^Was tab causes this ^What must be set| ^ KASS_STORNO3 | Despite restricted rights, the ARTICLE can still be cancelled in the cash register |only look| ^ KASS_RGSTORNO3 | Despite limited rights, the INVOICE can still be cancelled in the cash register |look only| ^ KASS_RABATT3 | Discounts can be given despite limited rights |look only| ^ KASS_RABATT1 | Discount button in the payment window only appears with full access |Yes | ^ KASS_ABSCHLUSSALL | Daily closing may be carried out by all operators|t.b.a.| ^ KASS_AUTOLOCK:300 | The cash register is automatically locked after the defined time; in this example, the password request window appears after 5 minutes, :300 (seconds) = 5 minutes |t.b.a.| ^ KASS_NONEG | Prohibits negative entries in the cash register |look only | Settings that relate to the contribution account: ^ Command in the tab //Special eintragen://^Was tab causes this ^What must be set| ^ BEED_NOTNEW | No contributions can be created in a contribution area |t.b.a.| ^ UMSA_PRNTSECU2 | In order to be able to print sales statistics, you must have at least the "RESTRICTED" right for SALES. Persons who have only set "view" in the password management for UMSATZ will receive an error message => No authorisation |t.b.a.| =====Cards===== |no |In the **Settings menu** under //Card system// only the vending machine control window can be opened but not edited. In the **person mask** the buttons //card// and //Lock// buttons are hidden. | |according to group / neutral |**Group setting counts.** | |Yes |In the **Settings menu** under //Card system// the vending machine control window can be opened but not edited, access to //Print card list// and //Print utilisation list//. In the **person mask** is the button //card// is visible but locked, the button //Lock// button is enabled and also grants access to the card history. Other special authorisations are controlled by parameters, see table below. | |Restricted |Card types marked with (*) are not displayed in the selection|| =====Tournaments===== |no |In the **Competitions menu** menu, access to all betting game functions is blocked. The //Course & Event module// can be opened and edited, the //leaderboard// and the print //simple start time list// is enabled. In the **person mask** the cross links //event// blocked| |according to group / neutral |**Group setting counts.** | |Yes |Free access to all betting game functions.| |restricted |In the **Betting games menu** menu, access to //Enter players/classify start list//, //Export tournament//, //Import tournament//, //Annual course statistics//, //Result messages// (under multiple tournaments and golf weeks) and //Participants for several tournaments// blocked. In the **tournament main screen** are the buttons //Change// and //Delete// buttons are greyed out. New tournaments can be created and existing tournament data can be copied in. Access to //players// and to the //entry fee//function is blocked. Results can be entered and the tournament can be finalised. Access to all print functions. Access to the settings in the buttons //Internet// and //Online// buttons is available. In the person mask you can access the multi-tournament nomination and print there (theoretically also the list of participants for several tournaments), but you cannot enter the player for tournaments. | ^ Command in the tab //Special eintragen://^Was tab causes this ^What must be set| ^ SPED_EDITDETAILS | Open the blue i for tournaments: If there is no access authorisation for opening the info via the "i" in the tournament, you can set this in the password management for the person via "Details" of the person that can open the i | In many cases, sales are restricted | ^ EVNT_SELECTFILT_GRP:DAG |Enable password only for certain tournaments, e.g. if a captain is only allowed to edit certain competitions (tournaments) with his password. You can find an explanation of how to do this here: {{ de:einstellungen:passwortverwaltung:anleitung_passwortverwaltung_turnierhelfer.pdf |}} |independent| ^ EVNT_SELECT_CLUB:0491234|For golf associations, it is possible to configure PC CADDIE so that the golf clubs that dial in can only select their own tournaments for editing - the golf club user IDs must simply be assigned the four-digit national club number.|independent| ^ EVNT_SELECTFILT_ACTIVE |Must be entered so that the password management for this special setting is active at all |Independent| ^ EVNT_SELECTFILT_DAYSFROM:30 |The number of days can be entered here to specify how far back processing is possible. In this case it is 30 days. |independent| ^ EVNT_SELECTFILT_DAYSTO:90 |The number of days can be entered here to indicate how far forward processing is possible. In this case it is 90 days. |independent| =====clubs===== |no |In the **Settings menu** under //Clubs+Courses// access is only available for //printing scorecards//, //importing club addresses// and //swapping clubs in the personal data// released. | |according to group / neutral |**Group setting counts.** | |Yes |In the **Settings menu** under //Clubs+Places// you have access to all functions. | =====Parameters===== |no |In the **Settings menu** under //Programme settings// you can access the options //Lockers and caddie boxes//, //Green fee booking//, //FTP transfer//, //Swiss-Golf-Network//, //Cash register quick selection//, //Edit print templates// and //Configuring the PC CADDIE interface// are available. In addition, the option //Additional information// Swap or delete assignment and //Assign identifier to person group// and the button //Print// button can be accessed.| |according to group / neutral |**Group setting counts.** | |Yes |In the **Settings menu** menu, access to the //password management// is blocked. Under //Programme settings// access to ALL functions is available. | |yes, with password assignment |In the **Settings menu** menu, all functions and sub-functions can be accessed. | ^ Command in the tab //Special eintragen://^Was tab causes this ^If what is set| ^ UPDA_SECUXTRAOK|By default, updates can only be loaded by persons with parameter authorisation. This parameter allows this for individual users| Parameter no | =====Timetable===== |no |In the **Timetable menu** the access is only to //hotel room//, //Area overview//, //to the new course and event module//, //print simple start time list//, //transfer players to cash register// and //employee overview// given. In the **person mask** the Timetable cross-links are blocked. In the| |according to group / neutral |**Group setting counts.** | |Yes |In the **Timetable menu** menu, access to //Reminder, automatic actions//, //Statistics//, //Set timetable rules//, //Timetable colour settings//, //Time Recording Administration// and //TT Self Service// locked. The functions //Edit areas// and //Edit timetable views// functions open, but cannot be edited. In the **Timetable** all functions except printing the //classic statistics// are enabled. These special authorisations are controlled by parameters, among other things (see table below). | |restricted |In the **Timetable menu** menu, the authorisations are analogous to NO. In the **Timetable** no start times can be booked, copied or moved. Via the button //Print// only the //booking list for this area// and the //bookings for one person// can be printed. In the **booking window** are the buttons //Book//, //Distribute// and //Post// hidden. **Question about the New button and the subsequent posting is with SK** | ^ command in the //Special eintragen://^Was tab causes this ^What must be set| ^ TIME_AREAS:ABCD|TT booking only possible in a specific area. ABCD must be replaced by the abbreviation of the TT area. You can also allow for several areas, then separate them with a comma|t.b.a.| =====Cash register===== |no |In the **Sales menu** menu, access to the cash register is blocked. The //operator billing// and the //payment terminal cash cut// can be made. In the **timetable** green fees can be collected. | |according to group / neutral |**Group setting counts.** | |Yes |If the release for //Turnover// is set to NO, the **Sales menu** menu, access to //Settle cash register// only for the //operator billing// and the //payment terminal cash cut// given. The functions //cash register log// and //cash book// are locked. In the **cash register** access to all functions including //Post deposits/payments// is available. The execution of //article or invoice cancellations// and access to the //articles// is blocked. No access to the //discount function// and to the button //Archive// button (under Repeat). The blocked accesses are set via VARIATIONS (see the various tables). | ^ Command in the tab //General tab eintragen://^Was tab causes this ^What must be set| ^ KABU_ACCESSINDIVIDUAL| Access cashbook individually configured, initially forbidden for all |and then for those in the password management in the Special tab who are allowed to do so: KABU_ACCESSACTIVE | Note: ^ |Place this command in the receipt layout so that the name of the registered person from the password management is also printed in a receipt or invoice | ====== Change/delete accesses ====== You should not delete a user in the password management but rather block access. Otherwise it will no longer be possible to trace who did what and when. Only the personal ID is saved in the database and not the real name. If a new user wants to be created with the same abbreviations that are already linked to an existing - albeit deactivated - account, you will receive a corresponding message from PC CADDIE. If an account has ever been deleted that had the same abbreviations as the new account, the new one will be stored in all places where the old person was previously linked. In particular, [[en:crm_erp:crmdms:crmdms]] users should never __not delete any__ delete users. The blocked users are labelled with a preceding "Z" or X in the password user administration. In addition, all open tickets of the person leaving can be transferred to another person. {{de:einstellungen:passwortverwaltung:2018-07-02_09h35_20.jpg|}} If you still have questions, please contact our support team.