Accounts

Contents[Hide]

1. Overview

This article shows you how to add a new user account or an existing group account, and how to manage these accounts. Only administrators have permission to add and manage accounts.

2. Account types

  • Local user - A local user's credentials are stored and managed by Dundas BI.
  • Windows user - A Windows domain user can log on via Windows Authentication.
  • Windows group - A Windows group account lets any member of the Windows group log on.
  • External user - An external user can log on via federated authentication.
  • External group - An external group account lets any member of the external group log on via federated authentication.

3. Add a new account

To add a new user account in Dundas BI, first access the administration area from the main menu.

Expand the Account Service category along the left and click Accounts. On the Accounts screen, click Add New.

Go to the Accounts screen to add an account
Go to the Accounts screen to add an account

Tip
If you want to add many accounts at once, see the section below about importing account information from a CSV file.

Fill in the general details for the account, such as:

  • Account Type - Choose between a Local user, Windows user, or Windows group account. If federated authentication is enabled, you can also choose External user or External group.
  • Name - The name of the account (case insensitive).
  • Seat Type - Choose between the following license seat types:
    • Standard user - Can create views such as dashboards, reports, scorecards, and slideshows.
    • Power user - Can create data connectors, hierarchies, time dimensions, metric sets, and views.
    • Developer - Can do everything a power user can do, plus create data cubes and cube perspectives.
  • Seat Mode - Indicate whether this account has a reserved license seat or floating seat. This option is available only for user accounts. Windows and external group accounts assign a floating seat to any virtual user they create.

New account for a Local user
New account for a Local user

Expand the Options section for additional details for the account.

Expand Options for additional settings
Expand Options for additional settings

These include:

  • Culture - The default culture for this account. Must be a valid IETF language tag, such as en or en-US. This information is included in the configuration of Windows and external accounts, and can only be modified here for local accounts.
  • Time Zone - The time zone for the account.
  • Explicit Password Expiry Date - If set, takes effect instead of the Days Before Passwords Expire configuration setting. (The Password Never Expires option below takes precedence over the others.)
  • Allowed IP Addresses - An IP address or range that the user must log on from unless they log onto the server locally. (Available in Dundas BI 8 and higher.)
  • Active Project - The active project for the user account.
  • API Account - Indicates this account is used only for API calls and consumes no seats, with no access to the UI or data retrieval calls.

Tip
Uncheck Track Log On History when creating service or anonymous logon accounts to keep the log clean.

Click Application privileges to allow or deny access to specific functionality or UI elements.

Click the Save button at the bottom of the dialog to create the account and update the accounts list. Once the account is created, you can edit it to perform additional actions like assigning the account to groups.

3.1. Windows user and group accounts

When Account Type is set to Windows user or Windows group, you need to specify the Windows domain in the Name field, in the format <domain>\<username>.

New account for a Windows user
New account for a Windows user

The advantage of using Windows groups is that you don't have to create a separate user account manually for each and every user. When a user belonging to the Windows group logs on to Dundas BI (via Windows authentication) for the first time, a virtual user account is created automatically within Dundas BI. 

3.2. External user and group accounts

Account Type can be set to External user or External group when federated authentication is enabled. These accounts represent users that use an external application to authenticate to log on to Dundas BI.

When creating an external account, the Federated Authentication Providers setting is available after expanding the Options section. If you have multiple authentication providers and the account should only work with certain ones, uncheck Any Federation Provider and select the applicable providers in the list.

Editing enabled providers for an external user
Editing enabled providers for an external user

Like for Windows groups, you don't have to create a separate user account manually if you add an external group account. When a user belonging to the external group logs on to Dundas BI (via federated authentication), a virtual user account is created automatically within Dundas BI. 

Note
Dundas BI cannot refresh the group membership without the explicit authentication by the user. This may result in outdated user information being cached in Dundas BI, especially when it comes to scheduled notifications. You can adjust the refresh rate of this cache using the Federated Group Membership Cache Lifetime configuration setting.

4. View the list of accounts

Expand the Account Service category in the Administration area and click Accounts to see a list of the accounts in the system.

By default, disabled accounts and virtual user accounts are not listed - virtual user accounts are those associated with an external group or Windows group account. If you want to see disabled or virtual accounts, click to toggle that option in the toolbar. 

View the list of accounts
View the list of accounts

4.1. Edit an account

Click to select an account from the list and click Edit in the toolbar to open the Account Details dialog, which allows you to view or modify details for that account. Read-only information includes:

  • Account ID
  • Account Type
  • Created Time
  • Last Log On Time
  • Last Log On IP Address
  • Log On Count

You will also be able to:

  • Set the account's default view (the home screen or a dashboard that appears when the user logs on).
  • View and manage the account's active logon sessions and logon history.
  • Set the account's custom attributes.
  • View the effective custom attributes, those inherited by the account.
  • Add the account as a member of an existing Dundas BI user group.
  • Access the account's recycle bin and restore files (in Dundas BI version 11 or higher).
  • Manage the notifications created by the user.
  • Manage the files and folders in the user's personal project (i.e., My Project).
  • Promote a virtual user account to a regular user account.

Account details
Account details

4.2. Impersonate an account

When editing an account as described above in Dundas BI version 11 or higher, scroll to the bottom of the Account Details dialog to click to Impersonate the user. This allows you to confirm the access and experience set up for that user.

Impersonate a user account
Impersonate a user account

Tip
Besides using impersonation, administrators can also access the account's personal project, recycle bin, and other items from the Account Details dialog, and they can Transfer Check Out on a file from another user.

Take note of the warning that appears, including that changes you make as the other user will persist, and click to continue. Your current session will be suspended, and you will be brought to the home screen as the other user.

Impersonating another user
Impersonating another user

A message will now appear as a watermark at all times to remind you that you are impersonating another user. Once finished performing actions as the other user, log out from the main menu on the left to return to your original session as an administrator.

Impersonating sessions will appear with a distinct icon on the Active Logons and Logon History pages. Hover over the icon to see additional details.

Impersonated user session icons
Impersonated user session icons

4.3. Search for an account by ID

Every account has an ID (a GUID value) associated with it. If you only know the ID of a specific account, you can quickly search for the corresponding account in the Accounts screen by pasting the ID in the Search box.

Search for an account by ID
Search for an account by ID

5. Add another administrator

It is recommended to add each user that needs administrative privileges to the System Administrators group rather than sharing the credentials of a single account between multiple people. Any user can be made an administrator regardless of their seat type.

To add another Dundas BI administrator, first create the user account if not already added. Next, edit the account and click Member of to add it as a member of System Administrators. You can also edit the System Administrators group instead and click Members to add the account.

6. Upload accounts to add in bulk

In version 23.3 and higher, you can upload a CSV file containing account information in a compatible format to add multiple accounts at once.

Tip
Some other options to consider include federated authentication, adding accounts through the API, or creating a custom accounts provider extension.

When viewing the the Accounts page in Administration, drag the file from your desktop or another app onto the page. The columns that will be imported correspond to the ones included when you click Download to obtain existing account information as a CSV file, plus an optional Password column. All columns are optional except Account Name, as indicated in this list of typical columns:

  • Account Name(Required) The name entered when the user logs in, or referring to a Windows or external account name. If an account with this name already exists, it will not be imported and a warning will be displayed.
  • Account Type – One of the values of the AccountType enumeration corresponding to a type that can be created through the UI (e.g., LocalUser).
  • Display Name – The name displayed for a user to other users.
  • Password – The password for a user to enter to log in. If not specified for a user, a password will be auto-generated and the user will need to reset their password to log in.
  • Email – An email address to associate with a user.
  • Seat Type – One of the values of the LicenseSeatKind enumeration. The default value is StandardUser.
  • Is Seat Reserved – Corresponds to the Seat Mode setting for a user: TRUE if the seat is reserved, or FALSE for a floating seat. The default value is FALSE.
  • Tenant ID – Omit when not using multi-tenancy, to add accounts outside of any tenant, or (if you are a tenant administrator) to add accounts to your own tenant.
  • Culture – If provided, use the same format as the Culture setting when adding an account in the UI.
  • Direct Group IDs – If provided, the account will be added to each of the specified user-created or tenant administrator groups. If you are a tenant administrator, this applies only to groups within your own tenant.

Important
Be sure to specify Is Seat Reserved as TRUE if necessary depending on whether your license provides floating or reserved seats. For example, developer seats are generally always reserved.

If successful, the list of accounts will update to include the new accounts.

A dialog will appear if there are any warnings or errors. To view the full details about any warnings or errors, see the application logs.

7. See also

Dundas Data Visualization, Inc.
400-15 Gervais Drive
Toronto, ON, Canada
M3C 1Y8

North America: 1.800.463.1492
International: 1.416.467.5100

Dundas Support Hours:
Phone: 9am-6pm, ET, Mon-Fri
Email: 7am-6pm, ET, Mon-Fri