The Application User Maintenance frame allows you to create and manage the user accounts for the individuals who use the M5 System as a part of their job function within the fleet organization. It is important that system administrators take the time to carefully define user capabilities and assign them accordingly.
Proper management and configuration of Application User IDs means controlling user access to the parts of the system they need to perform their jobs while preventing access to parts of the system that are not within the scope of their position. Through the Application User Maintenance frame, you can accomplish this by properly defining their roles and security rights.
The majority of the application user’s capabilities are role-based. You can create and configure application user roles and edit privileges on the Role Maintenance frame. However, there are some additional items that you can customize at the user level once you create the Application User id.
Application User - The user name that the assigned user uses to sign in to the M5 System. This field has a limit of 60 alphanumeric characters.
M5 is a web application that runs in a browser, select the checkbox to allow the user web access to the system.
Note: When SAML Authentication is in use, the following values are ignored and should not be set on this frame:
Password - Password criteria depends on system flag settings. See the System Flags section for details.
Password Expire (days) - If passwords will expire, enter the number of days for which they are valid.
User can change password - Select the checkbox to allow the user to change their own password.
Force password change next login - Select the checkbox to force the user to change their password the next time they sign in.
To allow mobile access through a handheld device for MobileFocus, select the checkbox and enter a password.
Select the level of Adhoc access for the user:
None – No access.
Run Reports – The user is allowed to only run reports, not create them.
Create Reports – The user is allowed to create and run reports.
Report Admin – The user is allowed to create and run reports as well as have certain administrative rights on the Adhoc Query frame.
Adhoc Starting Folder - Allows each user to have a distinct starting point in the Adhoc report directory. The value specified will be appended to the value of the M5 Param for ADHOC_REPORT_PATH. The path must exist in order to specify this value on this frame.
Account Expiration Date - You can set an expiration date for the user account in this field. You can manually enter an expiration date or select from the Calendar icon.
User Role - Enter a valid role from Role Maintenance that corresponds to the users position or double-click in the field to select one from the List of Values (LoV).
Idle Timeout Minutes - The system will sign out the user after the number of entered idle minutes.
Pooled - Select the checkbox to pool a Crystal Enterprise User.
Crystal Enterprise User - Enter the Crystal Reports User ID, if applicable. Refer to the Report User Pool if pooling crystal users.
Crystal Enterprise User Password - Enter the user password.
Crystal Enterprise Output Path - Enter the output path for the user when they run Crystal Reports.
Stylesheet Directory - You can assign a custom stylesheet directory for the user.
HomePage - You can assign a custom home page for the user.
Logon Failures - Read-only field. Displays the amount of failed sign in attempts for the user.
Last Logon - Read-only field. Displays the date and time of the last sign in for the user.
Starting PMM Location Hierarchy - If using PMMs and the user has access, enter the beginning location hierarchy.
Name - This is a required field. Enter a name to identify the application user.
Unique ID - This is a required field. Each application user must have a Unique ID.
Employee No - Associates an application user with an employee from Employee Main. Certain functionality in M5 will look to see if there is an employee id associated with the application user as a way of defaulting the employee id in certain frames, such as Part Issue Request. The Name field automatically populates and is read-only.
Division - Enter if the application user is associated with a certain division within the organization.
Phone - Enter a contact number for the application user, if applicable.
E-mail - Application user email address. If entered, M5 automatically send emails to this address if this person runs any batch processes.
Department - Application user's department. Must be a valid department in M5. For use with the Screen Designer Unit control option on Work Request Query to search departments or department groups. Depending on the setting, the search functionality will look for the value entered.
Department Group - Application user's department group. Must be a valid department group in M5. For use with the Screen Designer Unit control option on Work Request Query to search departments or department groups. Depending on the setting, the search functionality will look for the value entered.
Override Locale - Allows the user to override the user's locale that is normally set by their browser setting or query string.
This section only displays if System Flag 5504 is set to Y. This functionality pertains to Commercial Work Order security and allows you to limit application users to only see data related to their assigned vendors from this i-frame. When the user enters or otherwise enters a vendor number that is not assigned to them on Commercial Work Order, they will receive an error if the entered vendor record is not assigned to them.
See Application User Copy and Application Password Change for additional details.
5060 - Minimum Password Length? - The user defines what should be the minimum password length for Application User access.
5061 - Password Generation Mask - This flag determines how the password is to be generated. L = lowercase, U = uppercase, 9 = any number and @ = special character. So if the user value = ULL, that is saying somewhere in the password (based on length defined in 5060), there must be at least one uppercase letter and 2 lowercase letters. This flag applies to both Application Users and Database Users.
***Only the following special characters can be used # S + = _ to allow consistency across databases, Crystal and M5.
5069 - Enforce Password length and mask. - If set to "Y" passwords entered into M5 must meet the minimum length set by mod flag 5060 and diversity of characters defined by mod flag 5061. This flag applies to both Application Users and Database Users.
5070 - Number of entries maintained in password change history? - This defines how many entries are maintained in the password change history table for the user. The user cannot reuse the same password if it is found in this history. Setting this to 0 disabled the password history function.
5504 - Enforce Application User Vendor on Commercial Work Order? (Y/N) - The default is N to preserve the current functionality. When set to Y, and when the application user is assigned to vendor(s) on Application User Maintenance Vendor List iframe, they will be restricted to only see work from that vendor(s) on the Commercial Work Order screen.
For more on Application User Maintenance functionality, see System Administration Application User Training.
Last Updated: 06/29/2021
NOTE: To view a list of System Flags and Role Privileges that may impact this screen, hover over the screen title in M5 to display the bubble help/tooltip. At the bottom of the bubble help/tool tip, there is a Settings hyperlink. Click that hyperlink to display the list of flags and privileges.
Additional training and technical documents on this subject may be available in the Resource Files area.