Managing KaseyaOne users
Security and navigation
NAVIGATION Header > Admin Settings > User Management
NAVIGATION Home > Admin Settings > User Management
SECURITY Master role
This article explains how to use the Admin Settings > User Management view to manage all of your KaseyaOne users and their accounts. Only users with the Master role can perform the following tasks:
- Add, edit, activate, deactivate, and delete individual users.
- Resend the invitation email. Refer to Resend the invitation email.
- Reset user password and two-factor authentication. Refer to Reset a user's password or 2FA.
- Import users in bulk. Refer to Import users in bulk.
User roles
A role is assigned when a user account is created or edited and determines a user's access and permitted actions in KaseyaOne. Each user must be assigned to one role.
Users in all roles have access to the modules and the Kaseya University courses when a Master user adds or edits their user accounts.
IMPORTANT The Kaseya University course selection drop-down menu has been removed. All users will now automatically have full access to all available courses without the need for manual assignments.
The following roles are available:
| Role | Description | Notes |
|---|---|---|
| Master | A user with this role has access to all areas of KaseyaOne, including Cooper Intelligence Engine functionality, the Organization Dashboard page, the Admin Settings page, and the Kaseya Professional Services page. These users can add and edit all users, assign user roles, and create Unified Login integrations. These users can manage billing information, request subscriptions and licenses, view invoice history, and view all company support tickets. These users can navigate to Kaseya Store, Kaseya University, Kaseya Community, and Kaseya Merch Store from KaseyaOne. |
See Root Master role below. |
| Root Master | The first user invited to the portal is called the Root Master user. | This user's role cannot be changed nor can their account be deleted unless another user is promoted to Root Master user. Promoting a user to Root Master can be done only by Kaseya support. |
| Billing | A user with this role has access to some areas of KaseyaOne, including Cooper Intelligence Engine functionality, the Organization Dashboard page, and the Kaseya Professional Services page. These users can edit their own user information. These users can manage billing information, request subscriptions and licenses, view invoice history, and view billing support tickets. These users can navigate to Kaseya Store, Kaseya University, Kaseya Community, and Kaseya Merch Store from KaseyaOne. |
A user with this role cannot add or edit users. |
| User | A user with this role has access to some areas of KaseyaOne, including Cooper Intelligence Engine functionality and the Kaseya Professional Services page. These users can edit their own user information. These users can view support tickets they submitted or were CCd on. These users can navigate to Kaseya University, Kaseya Community, and Kaseya Merch Store from KaseyaOne. |
A user with this role cannot add or edit users or access subscriptions and billing information. |
|
Co-Managed User |
A user with this role has limited access to KaseyaOne, does not see My Account Team information, and can see only the My Modules section on the home page. These users can edit their own user information. These users have read-only visibility of the Support page. These users can navigate to Kaseya University from KaseyaOne. |
A user with this role cannot add or edit users or access subscriptions and billing information. |
User status
User status is shown in the Admin Settings > User Management view in KaseyaOne.
| Status | Description | Action |
|---|---|---|
| Invited | An invitation email has been sent to a new user's email address. | The new user must click the link in the email to verify their email address and set a password for their account. |
| Active | The user account is active or has been has been activated. |
After the user signs up for and enrolls with 2FA, their account status changes to Active. After a Master user reactivates a deactivated user, their account status changes to Active. Users must reset their password and 2FA after being reactivated by the Master user |
| Deactivated | The user account has been deactivated (disabled) OR the user has lost access to KaseyaOne. A user can be automatically deactivated if third-party SSO is set up for the module with Enable Mapping Rules switched on, and they are not part of the groups that are mapped. |
Deactivated users are logged out of any active KaseyaOne sessions and they no longer have access to KaseyaOne nor the ability to Log In with KaseyaOne to access their modules. Deactivated users retain all their KaseyaOne settings, including group membership. Deactivated users can be re-activated. |
| LockedOut | The user account has been locked, perhaps due to a forgotten password or too many login attempts. |
The user must wait approximately 10 minutes before trying to log in to their account again. Refer to Unlock a locked-out user for instructions for Master users to unlock a user. NOTE Your organization's password policy defines the length of time users will be locked out. Refer to Apply a password policy. |
How to...
Add an individual user
To add an individual user to KaseyaOne, do the following:
- Navigate to Admin Settings > User Management.
- Click Add User and select New User from the drop-down menu.
- In the New User form that opens, complete the following fields:
| Field Name | Description |
|---|---|
|
First Name |
The maximum length is 48 characters, consisting of international letters, numbers, spaces, dashes and apostrophes. |
|
Last Name |
|
|
|
Enter a valid email address. The maximum length is 100 characters. |
|
Username |
This field is automatically populated with the value entered in the Email field but can be edited. The maximum length is 50 characters. The value cannot contain the following characters: #/?\. NOTE The username cannot be changed after the user account is saved. |
|
Role |
Click the drop-down control and select one of the following roles to assign to the user: Master, Billing, User, or Co-Managed User. For a description of these roles, refer to User roles. |
|
Access Groups |
Click the drop-down control and select one or more active or inactive access groups to assign to the user — inactive access groups have an Inactive Group icon next to them as shown in the following image. After you activate a deactivated group, all users assigned to that group will have access to all modules assigned to the group. Deselect All Module Access if you do not want the user to have access to all modules. |
- Click Add.
- The new user will be created and an invitation email will be sent to the user's email address.
- The user's account status will change to Invited and their 2FA status will change to Not Enrolled.
- After a user signs up for and enrolls with 2FA, their status will change to Active and their 2FA Reset option will be available.
Import users in bulk
The most efficient and time saving way to create multiple user accounts in KaseyaOne is by uploading a CSV file. Do the following:
- Navigate to the Admin Settings > User Management view and click Add User.
- Select Bulk Invite CSV and in the Bulk Invite Users window that opens, click the download our template and instructions link.
A ZIP file called users will be downloaded to your default Downloads folder.
- Unzip the users file. Open the README file for information on CSV format and validation.
- Open the users spreadsheet and add the users you want to import. Complete the following fields — all fields are required:
Field Name Description Username
The maximum length is 50 characters. The field cannot contain the following characters: hash (#), forward slash (/), question mark (?), back slash (\).
NOTE The Username cannot be changed after the user account was saved.
Email
Enter a well-formed email address. The maximum length is 100 characters.
Role
Enter the name of one of the following roles: Master, Billing, User, or Co-Managed User. For a description of these roles, refer to User roles.
Groups Type in the name of one or more access groups to assign to users. The group name is case sensitive and must match exactly the group name in KaseyaOne. First Name The maximum length is 48 characters, and can consist of international letters, numbers, spaces, dashes, and apostrophes. Last Name The maximum length is 48 characters, and can consist of international letters, numbers, spaces, dashes, and apostrophes. - Save the CSV file and drag it to the Bulk Invite Users window or click Browse to select it. Once the file is uploaded, the user import will begin automatically.
- After the CSV file has been successfully uploaded, review the results and click Done.
The new users will be created and an invitation email will be sent to their email address.
The user's account status will change to Invited and their 2FA status will change to Not Enrolled.
After a user signs up for and enrolls with 2FA, their status will change to Active and the Reset option will be available in the 2FA and Password columns.
Import users from a module
NOTE This feature is available for certain IT Complete modules only.
To import users from a module, do the following:
- Navigate to Admin Settings > User Management, click Add User, and then click Import from Module.
- On the Import Users page:
- Select the module from which to import users. If the module has multiple instances, then expand the module option and select a module instance.
- If none of your modules are connected to KaseyaOne, then you will receive the following message: Supporting modules are not connected to KaseyaOne.
- Click Next.
- Select the users you want to import and then click Next.
- Configure the settings and user access. You must specify the KaseyaOne role, group that users will be assigned after they are imported to KaseyaOne. You can do this in bulk for the whole list of users or individually for each user.
NOTE To save time, bulk assign the settings to all users first and then alter them for individual users as needed.
- In the Assign to All section, bulk assign the same settings and user access to all users being imported:
- KaseyaOne Role. Select the role that imported users will be assigned in KaseyaOne.
- Group. Select the access group(s) that imported users will be assigned in KaseyaOne.
- (Optional) In the Assign Individual Users section, assign user settings and user access individually to each user:
- KaseyaOne Role. Select the role that the user will be assigned in KaseyaOne.
- Group. Select the access group(s) that the user will be assigned in KaseyaOne.
- Click Next.
- In the Assign to All section, bulk assign the same settings and user access to all users being imported:
- Review and confirm your assignments on the next page and then click Import. The import will take some time to complete.
- When the import finishes, review the results of the import.
- The results show the following:
The number of records successfully imported
The number of records skipped due to errors (for example, the user already exists in KaseyaOne)
The number of records that failed with errors
- Click Copy to copy the import log if you want to examine it more closely.
- Click Done when finished reviewing the import results.
After the import:
- The new users will be created in KaseyaOne and an invitation email will be sent to their email addresses.
- Newly invited users must activate their accounts within 14 days of receiving the invitation email; otherwise the activation link will expire. If the activation link expires, users must contact their KaseyaOne Master user to request that the account invitation email be resent.
- The results show the following:
Deactivate a user
You can deactivate a user in KaseyaOne rather than deleting them altogether. Deactivated users can be re-activated at a later date but deleted users cannot be re-activated.
Only a Master user can deactivate users in KaseyaOne and you cannot deactivate yourself.
NOTE The Root user cannot be deactivated.
To deactivate a user with an Active status in KaseyaOne, do the following:
- Navigate to the Admin Settings > User Management view.
- Locate the user you want to deactivate and click Deactivate User next to the user.
- Click Deactivate when prompted for confirmation to deactivate the user.
You will receive a message that the user was deactivated and Deactivated will appear in the user's Status field.
Deactivated users are logged out of any active KaseyaOne sessions and they no longer have access to KaseyaOne nor the ability to Log In with KaseyaOne to access their modules. They will retain all their KaseyaOne settings, including group membership.
Activate a user
Only a Master user can activate users with a status of Deactivated in KaseyaOne and you cannot activate yourself.
NOTE The Root user cannot be activated.
To activate a user with a Deactivated status in KaseyaOne, do the following:
- Navigate to Admin Settings > User Management.
- Locate the user you want to activate and click Activate User next to the user.
- Click Activate when prompted for confirmation to activate the user.
You will receive a message that the user was activated and Active will appear in the user's Status field.
After you activate a user, that user must set their password and their 2FA.
Search for users
Search for users you have added to KaseyaOne in the following ways:
- Click any of the following column headings (which have a column sorter icon
) to sort the column in ascending or descending order: First Name, Last Name, Username, Status, and 2FA. - Use the search bar to search the list by keyword, or filter it by Role or Status.
Edit a user
To edit a user in KaseyaOne, do the following:
- Navigate to Admin Settings > User Management.
- Locate the user record you want to modify and then click Edit (the pencil icon) next to the user.
- Make your changes in the Edit User window that opens. You can edit all fields except for the Username.
- Click Save.
NOTE If you change the Email address, it will not be updated until the user clicks on the confirmation link sent to the new Email address.
Resend the invitation email
If a user has not responded to an invitation to enroll in KaseyaOne, you can resend the invitation:
- Navigate to Admin Settings > User Management.
- In the Invite column, click Resend.
The invitation email will be sent to the user's email address.
Reset a user's password or 2FA
If a user forgets their password, disables their user account by exceeding the configured number of failed login attempts, or the device that generates their 2FA token is lost, it may be necessary to reset the user's password or 2FA. Complete the following steps to do so:
- Navigate to Admin Settings > User Management.
- Click the Reset link in the 2FA or the Password column.
- In the Reset Password or the Reset 2FA window, click Reset.
You will receive a message that the password or 2FA was successfully reset.
If you reset 2FA for a user, then the 2FA status for that user will change to Not Enrolled and the next time the user logs into KaseyaOne, they will have to configure 2FA again. Refer to Setting up the primary user account (Root Master).
If you reset the password for a user, then that user will be prompted to generate a new password.
The password reset link will expire after 24 hours.
To learn about applying a password policy as a user with the Master role, refer to Apply a password policy.
Unlock a locked-out user
Refer to LockedOut in User status to learn about locked-out users.
To unlock a user with the LockedOut status, complete the following steps as a Master user:
- Navigate to Admin Settings > User Management.
- Locate the user record and click the Unlock User icon
.
The user will immediately regain access to log in to their KaseyaOne user account.
Delete a user
To delete a user from KaseyaOne, do the following:
- Navigate to Admin Settings > User Management.
- Locate the user record you want to delete and then click Delete (the trash can icon) next to the user.
- Click Delete when prompted for confirmation to delete the user. You will receive a message that the user was successfully deleted.
