Security: User IDs and User Roles
When you log on to your site, you accomplish several things:
These are all functions of the TroopWebHost security system.
Every member of your troop should be assigned a unique User ID and Password. This will happen automatically when you add a member record, whether by uploading from another system or by entering it from the New Scout Registration page.
Each User ID is linked to that member's account. This allows the system to display information specific to that person in the My Stuff menu.
Each User ID is also linked to specific User Roles. These roles determine what functions this user will see on his or her menu. Scouts will be initially assigned the "Scout" user role, and adults will be given the "Adult" user role.
If you are your troop's Site Administrator, you are responsible for assigning additional roles to each member. Be generous! The more members that can do a particular function, the more likely it is to get done.
User Roles
You determine how much each user can do on your site by authorizing them for one or more roles. Your system was created with a standard set of roles, which we will discuss on this page. Your site administrators have the ability to modify or delete these roles and add new roles using the Configure User Roles page.
Every scout should be assigned the Scout role. This gives them access to all of the information they will need to participate in troop activities.
Every adult should be assigned the Adult role. This provides similar access to the Scout role, plus the ability to view their scout's information.
Members will be automatically assigned to either the Scout or Adult role when you upload their membership records from another system or enter your roster through New Scout Registration.
The Site Administrator assigns user roles. Make sure you designate at least two site administrators so you have a backup!
The Adult Leader role should be assigned to all committee members and scoutmasters.
The Historian role allows a scout to take attendance, update the troop calendar, and upload photos and videos.
The Forum Moderator role allows a user to update and delete postings made on the Scout Forum.
The Event Planner can add, update, and remove events from the troop calendar.
The Membership role allows a user to enter new members and update existing member records.
The Rank Advancement role allows a user to sign off on requirements for ranks, merit badges, and awards. It also provides access to functions to manage your recognition ceremonies and to transfer advancement data to the BSA's Internet Advancement 2.0 site.
The Treasurer can create troop accounts, enter monetary transactions, generate financial reports, create budgets, and reconcile bank statements.
The Financial Review role allows a user to view all of the accounting information but not enter or update that information.
The Librarian can check in and check out library materials, and maintain the library inventory.
The Troop Equipment role allows the user to check in and check out troop equipment, and maintain the troop equipment inventory.
The Web Page Editor can edit the Home page and other custom pages..
The Guest role has the ability to view the calendar, but not sign up for events. Note that Guest users must still have a membership record; you may want to set up a dummy membership record for the Guest user acount with no more information than a name of "Guest, Guest". If you give the Guest user a user ID of "guest" it will not be subject to the normal restriction that prevents more than one user from being logged on with the same user ID at the same time.
Be generous with security! Make sure that at least two members of the troop are assigned to each role - especially the Site Administrator role. If you only have one site administrator and that person leaves the troop unexpectedly, your troop will be left with no one to manage the site's security.
You can view the menu items available to each User Role by going to Administration → Security Reports → Menu Security Report. You will see a report like the one shown below. For each menu item, it shows the user roles that are authorized for that menu item.
If the Access Level is Public, it means that any visitor to your site can view this page without logging on.
If the Access Level is All Members, it means that every user can view this page once they log on.
If the Access Level is Limited, it means that only those users who have been assigned one or more of the listed User Roles can view this page.
Adding or Updating a User
Users are added automatically whenever you add a scout or adult to your database, with the exception of merit badge counselors who are not members of your troop.
User IDs and passwords are generated automatically when you add a member using any of the following functions:
When users are created automatically, they are only given the most basic access permissions. Scouts are assigned the Scout user role and adults are assigned the Adult user role.
To modify an existing user, or to add a new user go to the Administration menu and select Users & Passwords. This will display a page like the one shown below:
This displays all of the User IDs currently set up for your troop. For each ID it shows the last time they accessed the site, and the number of pages they've accessed in the last 28 days. Click View Recent Access to see all of the pages accessed by this user over the last 28 days.
From here you may update a user you see on the list, or press Add a New Item to add a new user, either of which will bring you to the page shown below.
The User Login must be unique within your troop. Two users may not have the same User ID.
The Password must be at least 8 characters long and contain at least one uppercase letter, one lowercase letter, and at least one numeric character or a special character.
The Membership Record is the member of the troop to whom this User ID belongs. Before you add a User ID you must first add this person as a member of your troop.
Click on the checkbox next to each User Role you wish to assign to this member.
Do not assign both the Adult and Scout user roles to the same user.
Be generous when assigning roles to users. The more members who can do a particular function, the more likely it is to get done.
Send Troop Members Their User IDs and Passwords
Once you are ready for other members of your troop to access the website, use this function to let them know how to log on.
Go to the Administration menu and select Send User IDs and Passwords. You should see the screen shown below.
The Subject will be the subject line of your e-mail.
Whatever you write in the Message box will be added to a system generated message that includes the User ID or Password, along with a link to a page that shows how to use the site. An example is shown below.
Click on the checkbox of each user to whom you wish to send this message. If you want to send it to the entire troop, click on the check box at the top of the grid.
Please note that everyone you send this message to will be required to change their password the next time they log on.
Press the Send button at the bottom of the page to send the message.
This is what the message will look like:
Automatically Send User ID and Password To New Users
The system can automatically generate an email to new users that will contain their user ID and temporary password, along with a link to this site.
This feature is turned off for new sites to prevent messages from going out before you are ready for the members to start using the site. Once you've loaded your roster and are ready for everyone to log on, you should use the Send User IDs and Passwords function to send an initial message to everyone with their site credentials.
But after the initial set-up is done, you can go to Administration → Automatically Send New User IDs to automate this process, as shown below. After you enable this feature, any members who are added after that point will receive the automated message with their user ID and password.
To enable this feature, put a checkmark in the box Automatically Send ID & Password To New Users?
The Email FROM Name is the name - not the email address - that will be displayed as the FROM name on the email that gets generated. You can change that to whatever you would like.
Similarly, you can change the Subject Line or Email Message to fit your unit's requirements.
Be sure to click Save to save your changes!
Deleting A User
When a scout or an adult leaves the troop you should delete their User ID to prevent them from continuing to access the troop web site.
To delete a user go to the Administration menu and select Users & Passwords.
Find the user you wish to delete in the summary grid, as shown below, and press the Delete button to begin deleting that user.
The system will display the page shown below to confirm that this is the record you wish to delete.
Press the Delete button on this page to permanently delete this User ID.
View User Permissions
You can view the roles assigned to an individual user from the User IDs and Passwords page, but sometimes it is helpful to see all of the users and the roles they've been assigned in one place.
There are two ways to access this information:
Go to Administration → View User Permissions to view all users and their assigned roles, as shown below.
Notice that you can sort this list by clicking on the column headings.
You can also print this list or open it in Excel using the buttons at the bottom of the grid.
The User Permissions Report contains this same information, as shown below.
To produce this report, go to Administration → Security Reports → User Permissions Report.
Security - Frequently Asked Questions
I tried to log on several times. I finally remembered my password and it still won't let me log on. Why not?
The site will temporarily lock out your IP address after a certain number of unsuccessful logins. This prevents hackers from writing a program to find a valid User ID and Password by trying lots of combinations.
Please wait a couple of hours and try again.
A number of us were trying to use the site during our weekly meeting, but now no one can log on. What happened?
If you were all using the wi-fi network at your meeting place, you were all sharing the same external IP address.
So if some of your members had trouble entering their passwords correctly, this could cause everyone on that wi-fi network to be locked out, as described above. Fortunately, those members who succeeded in logging on will still continue to be able to use the site.
We recommend that you caution your troop members not to attempt a second log on if their first attempt fails. Instead, they should wait until everyone else has logged on successfully before trying again.
Will the site automatically log me off if I'm not active for a period of time?
No. For your convenience, you will stay logged on until you close your browser or log off.
If you check the "Remember me at this computer" box when you log on, it will keep you logged on even after you restart your computer.
For this reason, you should always log off when accessing your web site from a shared or public computer.
Can I create a guest account that has very limited access?
Yes. You can create a User ID that is only given the role of "Guest". This User ID should not be linked to a Membership record.
A guest user will be able to view the calendar and photo gallery. They will not be able to send e-mail or sign up for events.
The default security settings for scouts and adults allow them to access some functions that we do not want them to have. Can this be changed?
Yes. You can change the security for any user role using the Configure User Roles function.
To modify the security settings for the Scout user role:
To modify the security settings for the Adult user role: