Users



Overview

Overview

Users allows you to add new users, edit existing users, lock/disable users, and define user roles in order to complete necessary functions within MySchoolApps. You may also select Manager Users from the Administration Home page.

During initial configuration of the system for your District, Heartland School Solutions (HSS) will add one (1) initial District user designated as the administrative contact in the original service sign-up sheet.  This user will be assigned to the District Administrator Role to allow full administration of the District settings in the admin interface.  When this user is created, an email will be sent to the user's email address prompting activation and login to the account.  In order to maintain security, the user will be forced to change their password immediately upon account creation.  An HSS representative will contact you within two (2) days of this account creation in order to guide you through the remainder of the initial setup for your District.

Your user must be a member of the 'District Administrator' role in order to manage/view Users.  If you do not have the proper permissions, please consult a user in this role for further assistance.

From the MySchoolApps homepage, click on Manage Users or click Users at the top of the site window.



Add New User

Additional District users can be added at any time in the admin console and you may add as many users as you wish.  However, in keeping with security best practices, HSS recommends that you limit the number of users within your District with the District Administrator role.  In general, you should only add a user to this role if the user needs administrator capabilities on a day-to-day basis.

  1. In the Manage Users window, select Add New.

  2. Enter User Account information.  Then, click Add User.
    Username - The username must be at least 5 chars, no spaces, alpha/numeric/underscores, and periods only.
    Email Addresses - Using a District email address is very important since all alerts, password resets, and other automated emails are sent to this address. Email addresses for District users must be a District sanctioned email addresses. Do not use addresses such as yahoo.com, gmail. com, or any personal email address.
    Note: It's important to be sure your email address is up-to-date to ensure you receive any system alert emails, such as pending application alerts.

    Best Security Practice - Best Security Practice User roles allow the District to set certain levels of access to limit employee access to certain areas of the admin interface in the system. The application currently supports two (2) roles for District user accounts: District Administrator and District Employee. HSS recommends limiting access to the District Administrator role to only a few of your District users as most day-to-day functions can be performed by users in the District Employee role. In most situations, you should probably assign no more than two users to the District Administrator role. By following these best security practices, you allow for one primary admin and one backup admin in case of an emergency.

    Permissions - Please refer to the Permissions table below step #3 to understand which permissions apply to each role.

    District Name - The District name in which the user belongs (Not editable).
    Username - Enter a unique username (required).
    Job Title - Enter a job title for the user.
    Email Address - Enter the user's District email address. (Required)
    Role - Use the drop-down menu to select a role for the employee. (Required)
            District Administrator - Allows complete permissions over the application settings for the District, including the ability to disable the application for the entire District and add new users.
            District Employee - Allows the user limited permissions within the MSA application site.

  3. Once a user account is created, an email will be sent to the email address specified during creation.  The user must click on the link in the email in order to activate and change the temporary password assigned to the account.  Once this step is completed, the user's account is fully active and they can login at any time.

    Avoid Spam Filter Issues with Automated Emails - All automated emails sent from the system will use the sender noreply@myschoolapps.com. Admins and parents (applicants) should be aware of the sender and subject of the email in case it is accidentally marked as spam in their email client. In most situations where a user has not received the email, this is the actual cause of the delivery failure. Please be sure they check their spam or junk folders for the email and then mark it as OK going forward in order to resolve the issue.

Permission

District Administrator Role

District Employee Role

View/Edit Users

Change Own Password

Edit Global District Settings

View Global District Settings

View/Edit District Application Settings

Create Kiosks

Attach/Detach (Edit) Kiosks

View District Kiosk Settings

View/Edit Schools

Reports : Mark Applications For Re-download

Reports : Search/View Submitted Applications

Editing Global District Settings: Editing of Global District Settings such as TimeZone, Integration ID and District Name can only be performed by HSS personnel. These settings are obtained and configured during the initial setup and in most cases should never be edited. However, if a change is required please submit a support case to initiate the change request.


Editing Users

You can edit a user at any time to view/change the user's email address, role, status, or password.

  1. From the Users tab, locate the correct user and click Edit.

  2. Make any necessary changes to the user's account. Then, click Update.
    Brute Force Account Autolock - The application enforces "user account locking" security measures to help prevent dictionary (guessing) attacks on the user accounts. After 3 invalid login attempts the user will be forced to enter their login information and solve a reCAPTCHA. After 6 invalid login attempts, the user account will be locked automatically by the system. In order to unlock an account, a user with District Administrator role privileges must log in to the system and visit the Users Edit section for the locked user and reset them to active.

     

Job Title - Enter a job title for the user.
Email Address - Edit the user's District email address. (Required field)
Role - Use the drop-down menu to edit the role for the employee (if applicable). (Required field) *See role definitions under Add User.
Status - Indicates the status of a user's account. Use the drop-down menu to select a status.
        Active - The account is ready for use.
        Inactive - The account has been created; however, cannot be used until the email activation has been completed or the user no longer requires access.
        Locked - The account has been denied access to the site indefinitely unless an administrator releases the lock.
Password - Click Change Password to enter a new password in cases where the current password is not working.


Locking/Disabling Users

There may be times when a user account needs to be disabled from use.

  1. From the Users tab, locate the correct user and click Edit.

  2. In the Status option, use the drop-down menu and select Locked. Then, click Update.


Unlocking Users

There may be times when a user has locked themselves out of their account or needs their account re-enabled.

Brute Force Account AutoLock

The application enforces "user account locking" security measures to help prevent dictionary (guessing) attacks on the user accounts.  After 3 invalid login attempts the user will be forced to enter their login information and solve a reCAPTCHA.  After 6 invalid login attempts, the user account will be locked automatically by the system.  In order to unlock an account, a user with District Administrator role privileges must login to the system and visit the Users → Edit section for the locked user and reset them to active.

Security Note

Autolocking of accounts is not a foolproof method of user security.  Please ensure that all user accounts are using secure, complex passwords and user accounts are not shared between different employees.  Regardless of the security practices, there is no substitute for a strong secure password.

  1. From the Users tab, locate the correct user and click Edit.
    Locked User Accounts - Users whose accounts have been locked show a Locked status in red

     

  2. In the Status option, use the drop-down menu and select Active. Then, click Update.