This section describes the process of system configuration and functions which the system

management provides.

This part describes the process of creating a user.

This part describes how to manually unlock a locked user, how to create a temporary user
and how to kick out an online user as the system administrator.

The system management provides the following other functions:

Managing user access

Set the restrictions on users

Change the date and time format

Managing a task

Managing log query

This section describes how to create a region, an organization, and an employee.

Relationship between concept

One-to-many relationship between region and organization

One-to-many relationship between organization and employee

One organization maps one region while one region may map multiple
organizations.

An employee must belong to an organization while an organization may have

multiple employees.

One-to-many relationship between employee and user

A user can map either an employee or a partner.

An employee can map multiple users.

This figure describe the procedure of creating a region, an organization, and an employee.

This is a typical configuration instance.

Jiangsu is a Province of China.

You can configure the region code according your planning, you cant use the same
region code for the difference region.

Typical instance:

Nanjing is a city of Jiangsu.

When you do the practice, you can configure this part according your country.

This is a typical configuration instance.

ABC Telecom Company is an operator in Nanjing.

You can configure the region code according your real information.

This is a typical configuration instance.

Besides the OM department, telecom company should have:

IT department

Finance department

Please configure this part according your real department information.

This is a typical configuration instance.

Li Hang is a staff of ABC Telecom Company, OM Department.

You can configure the staff number according your company rule, if your company
hasnt the rule of staff number, please use unique number for difference staff.

If you can query the staff information under the department, that means your
configuration of region, organization and staff are successful.

This section describes how to create a user as the sysadmin user.

The system supports three types of users: Default user, Temp user, and Common user.

NOTE:

A temporary user can log in to the system for one time and use the password
directly for login.

This is the user planning.

Please Create the user smapb by following step2.

User type:

Common user

Temp user

User source:

Employee

Partner

Type of IP address

None

Blacklist

Whitelist

This section describes how to specify a role, a user group, region rights, and interface
rights for a user as the system administrator.

A role is a set of menu and button rights, common rights, and interface rights of the
system. The user with an assigned role has the menu rights and function rights of the role.

Roles are classified into two types:

Default role.

Common role.

NOTE:

The default roles cannot be deleted while common roles can be customized.

You can assign a role to a user using the following methods:

Assigning a role to a user directly

Assigning a role to a user group and adding users to the group

NOTE:

Only the default users sysadmin and AccountAdmin have the rights of default
roles. Default roles must not be assigned to customized users.

User

A user with an assigned role has the menu rights and matching function rights of
the role.
The user sysadmin is a supper user who has all the menu rights and matching
function rights of the system.

You can create the following users as the sysadmin user:

System administrator: The user has the rights of system management menus
(including the submenus) and matching function rights.
Product management administrator: The user has the rights of product
management menus (including the submenus) and matching function rights.

Service administrator: The user has the rights of the following menus
(including the submenus) and matching function rights of Resource
management, Charging management and Service management.
Service handling operator: The user has the rights of individual service
management menus (including the submenus) and matching function rights.

This is a typical configuration instance.

smapa and smapb belong to Nanjing Region.

We can use two ways to assign the role to the user

smapa: assigning rolex to smapa directly.

smapb: assigning rolex to user group and adding the smapb to the user group

Set the interface parameters as follows:

Method name = web

Display order = 1

Permission ID = access

Response Duration (ms) = 10

Retain default values for other parameters.

Set the role parameters as follows:

Role name = rolex

Role type = Common role

User type:

All

Default user

Common user

Temp user

Add User Group steps:

User Group Information

Role Information

Authorized Node

Authorized Region

Modify user information steps:

User Information

User Group Information

Role Information

Authorized Node

Authorized Region

Notes:

You need change the initial password when you log in for the first time.

Operation for smapb:

Enter the user name and initial password.

The system prompts you to change the initial password.

Change the initial password and click OK.

The system displays the home page.

Click Console.

Choose Operator from the navigation tree.

This section describes how to configure access policies and how to set the restrictions on
users who log in to the system on Web pages as the system administrator.

Blacklist

Users are not allowed to log in to the system by using IP addresses in blacklists, but
they can log in to the system by using IP addresses in other lists.

Whitelist

Users can log in to the system by using only the IP addresses in whitelists.

You can set whitelists or blacklists, or do not set any one.

Policy Type:

Web Service Security

Web Security

Flow Control

Name List Type

None

Blacklist

Whitelist

Prerequisites

Before we configure the Control Web Access, we need first configure the access
policy.
For example: the access policy named limit login has been configured.

This section describes

How to change the date and time format as the system administrator.

How to create a scheduled task that runs at the preset time as the system
administrator.
How to manually unlock a locked user, how to create a temporary user and how to
kick out online users as the system administrator.

How to query operation logs, run logs, security logs, or user logs as the system
administrator.

Data Format:

yyyy-MM-dd

MM-dd-yyyy

Time Format:

HH:mm:ss

HHmmss

Date and Time Format:

yyyyMMddHHmmss

Yyyy-MM-dd HH:mm:ss

MM-dd-yyyy HH:mm:ss

Scheduled tasks are configured to delete logs, recycle mobile numbers, and synchronize
data.

Task type:

You can select from the dropdown box.

Execution mode:

One-time

Daily

Weekly

Monthly

After a scheduled task runs, the system notifies users in either of the following ways:

SM (Short Message)

Email

Task status:

All

Ready

Failed

Running

Suspened

This section describes how to how to manually unlock a locked user, how to create a
temporary user and how to kick out online users as the system administrator.

This section describes how to manually unlock a locked user as the system administrator.
A user wants to log in to the system. If the number of times that the user enters wrong
passwords exceeds the threshold, the user is locked and the IP address is recorded in a
blacklist within a certain duration.
You can unlock the user using the following methods:

Automatic unlocking

Manual unlocking

The locked user will be unlocked automatically after a certain duration.

Choose Operator > Unlock to unlock the user.

Typical Instance

The smapa user is locked because the number of times that the user enters wrong
passwords exceeds the threshold. To unlock the user, conduct the following steps.

Typical Instance

You log in to the system as the smapa user at multiple IP addresses. The online user
at only one IP address user is allowed because of insufficient system resources.
To kick out online users smapa.

This section describes how to query operation logs, run logs, security logs, or user logs as
the system administrator.

Operation log

Run log

For example, a run log is generated when business logics fail to run.

Security log

For example, an operation log is generated when an operator adds a

scheduled task or product.

For example, security logs record login success or failure, rights verification
success or failure, and more than three times login attempts.

User log

For example, a user log is generated when a user registers a subscriber.

Log Level:

Emergency

Alert

Critical

Error

Warning

Notice

Information

Debug

Operation Log Level

3-Error

6-Information

7-Debug