Administering User Accounts

Each individual using Aptify needs to have his/her own user account. Based on security privileges, each user has permission to access particular applications, and to view and perform certain activities on particular services within the Aptify system. These permissions are set at either the user level or the group level.

User logins in Aptify are defined as Users records. These records not only determine the actual login used in order to access the system, but they also define specific characteristics about the user, such as whether the user has system administrator permissions and to what groups the user is assigned.

By default, the sa (System Administrator) user is already set up in Aptify when installed. All other user logins must be created manually.

This section contains information on the following topics:

• Creating User Accounts
• Adding User Accounts to a Security Key
• Editing User Accounts
• Removing User Accounts
• Tracking a User's Last Login Date
• Modifying User Login Preferences
• Understanding Aptify User Account Processes

Creating User Accounts

The ability to create users requires administrative permission in Aptify. This permission can be granted when the user record is created. By default, the sa user is the only user granted administrative permissions when Aptify is installed.

Follow these steps to create a new user:

1. Log in to Aptify using a user account that has system administrator privileges.
   
   If you are logging in as a system administrator account, and you intend to create untrusted (Username/Password-based) users, your account must have permission to the Security Key that encrypts user passwords (which is the Generic Entity Encryption Key by default). See Adding User Accounts to a Security Key for more information and instructions. 
2. Expand the Users Administration application in the Navigation Bar.

3. Right-click the Users service and select New Users Record to open the Aptify User Administration wizard.

   The Aptify User Administration wizard is not supported in the Aptify web interface.

    

4. Step 1: Select a login method for the new user and click Next. Depending on whether Windows Integrated Security or SQL Server Security is selected, the individual's login is trusted or untrusted.
   • If the Windows Integrated Security option is selected (the method recommended by Aptify) Aptify accepts login credentials that have already been authenticated by the Windows Domain, and the user is not prompted to provide a user name and password during a login. This method is easier to administer because the user does not need to remember a separate password for Aptify. The use of Windows Integrated Security is referred to as a trusted connection.
   • If the SQL Server Security option is selected, the system prompts the user for a user name and password each time Aptify is launched. The use of SQL Server Security is referred to as an untrusted connection.
     
     
     
     
5. Step 2: Specify the Windows account or user name and password for the new user, depending on the login security method you selected.
   1. If you selected Windows Integrated Security in the previous step, the wizard prompts you to enter the user's Windows Domain and Account. The Domain and Account lists are populated with existing domains and accounts from the network to which that user's Windows account belongs.
   2. Select a Windows domain from the Domain drop-down menu and then select or enter a user account that exists on that domain in the Account field.  
      
      
      
      
   3. If you selected SQL Security, the wizard prompts for the login and password to be used by the user.
   4. Enter the new user's name in the User Name field, and enter the password twice, once in the Password field and once in the Repeat Password field. 
      
      
   5. Note that when specifying a Password, if the password does not meet the Windows policy requirements, an error message will appear prompting you to re-enter a new password. The Session Exceptions log contains more information about why the password change failed.
   6. If your organization is using untrusted user accounts, your users can change their own passwords after logging into Aptify. See Changing Your Password for details. 
6. Click Next to continue.
7. Step 3: Select the Client Access License for the user by selecting the check box next to the appropriate License Access type.
   • Only one Client Access License can be selected per user.
   • The available Client Access License types include EndUser, Administrator, and Developer. See Licensing Aptify Products for more information.  
     
     
     
     
8. Click Next to continue.
9. Step 4: Select the Module for which this user should be licensed by selecting the check box next to the appropriate License Access type.
   • If assigning one or more module licenses, the user must be assigned a CRM license. For example, a user cannot be assigned an Education license without also being assigned a CRM license. A typical user will have one of the following module license assignments:
     • No Module Licenses (for framework-only installations)
     • CRM only (to access the standard CRM applications)
     • CRM plus one or more add-on modules 
   • See Licensing Aptify Products for more information.  
     
10. Step 5: In the Permit column, select the check box for each of the databases to which you want grant access to the user.
    • You only need to grant a user access to the APTIFY database.
    • Aptify automatically assigns the user an EndUser role for the specified database(s). 
      
      

11. Select the System Administrator option for accounts that require administrative access to the databases and the SQL server.
    
    When this check box is selected, Aptify automatically assigns the user a DB Owner role on the SQL server.

    If the System Administrator option is selected, the user is granted the dbowner role to the database in SQL server. This option should only be selected for administrative users who require this ability. Operations that require dbowner privileges include any action that adds a new table, database object, or login to the SQL Server, such as creating a new user, new entity, or a new stored procedure. Other actions may require sysadmin permission to the entire server. For accounts that require that level of access, you need to check the sysadmin role for that SQL Login directly within SQL Server Management Studio.

12. If you want a system administrator account to able to create new users, select the Can Create Users option. 
13. Confirm that the Active User option is selected and click Next to continue.
    • Inactive users cannot access the Aptify system.
    • If you want to create an account now but do not want the user to have access to the system at this time, you can clear the Active option to mark the user as inactive. Then, at a later date when you want to activate the account, you can open this user's record again and select the Active User option. 
14. Step 6: Enter the user's full name in the Name field. 
    
    
     
15. If desired, enter a Description for this user account in the field provided.
16. If desired, select an existing user account from the Copy an existing user's profile (optional) drop-down list.
    • When you select another user account from this drop-down list, the system copies the existing user's desktop and display options to the new user's profile. This includes:
    1. • The existing user's profile settings.
       • The existing user's displayed Applications.
       • The existing user's displayed Services.
       • The existing user's Data Control Bar button layout.
       • A copy of each of the existing user's Views and View Folders.
       • A copy of the existing user's Shortcut Bar (including Shortcuts and Shortcut Groups).
       • A copy of the existing user's personal dashboards (that is, dashboards with a User Usage Scope that are linked to the existing user).
       • A copy of the existing user's personal form templates (that is, form templates with a User Usage Scope that are linked to the existing user).
    • Aptify includes nine role-based profiles, which provide an Aptify interface that has been specifically designed for members of different departments at an organization. Using the role-based profile as a starting point for a particular type of Aptify user, an administrator can leverage the profiles provided by Aptify to create new profiles specific to an organization. An individual user can then later modify the profile as needed to personalize the Aptify user experience. See the Using Role-based Profiles for more details.

    • Aptify also includes the CRMUser profile which is a sample profile that originated with Aptify 4.0. This profile is not role specific like the role-based profiles included in, but contains a predefined set of views for several important services, including Persons, Companies, and Orders. The CRMUser profile can also be used as a starting point for an administrator to set up profiles for each department or functional group within an organization.

      Some items may be unavailable to the new user if you copy from a profile that has a greater permission level than the new user.

17. Click Next to continue.
18. Step 7: Select the Object Repository Context for the user from the drop-down list. This list includes all existing Object Contexts, as well as a <DEFAULT> option.
    • Selecting <DEFAULT> links the user to the context the administrator has defined as the default in the system. If this default is ever changed, the user will automatically link to the new default context the next time they log in.
    • If any other option is selected from this list, any change in the default Object Context does not affect the user.
    • See Administering Object Contexts for more information on Object Contexts and the Object Repository.
      
      
      
19. Select the Culture for the user from the drop-down list. This list includes all existing Cultures, as well as a <DEFAULT> option.
    • Selecting <DEFAULT> links the user to the default culture. An administrator can specify the default culture in the Default Value field for the Users entity's CultureID Fields record. In the standard Aptify installation, the default value for CultureID is 1 (which corresponds to the English Cultures record). Note that if you selected <DEFAULT> for a user and then subsequently change the default value for CultureID, the existing user's culture will not update to the new default.
    • See Using Localization Administration for more information on Cultures and Localization. 
20. Click Next to continue.
21. Step 8: In the Include column, select the check box for each Group to which you want to add the new user. 
    
    
     
22. If you selected one or more Groups, specify one of the groups as the Primary Group in the field provided. Click Next to continue.
    • The system uses the Primary Group to identify the group to use when selecting a Group-scoped Form Template or Dashboard for this user. 
23. Step 9: Create Entity Relations records as necessary.

    • This step allows you to associate the user with any number of other entity records. Only an administrator can create, edit, or delete this connection between the user record and another entity record. For example, a user's login information can be connected to his/her Employees record. When this relationship exists, Aptify automatically populates the Employees field on certain forms using the Employees record that is linked to the current user who opened the form.

      Aptify recommends that each user be linked to an Employees record and a Persons record as certain features in Aptify will not work properly without these relationships.

      
      
      
      

    • Follow these steps to create a new User Entity Relations record:
      1. Select the New icon to open a new record. 
         
         
      2. Specify the entity for the related record in the EntityID field. For example, to link to an Employees record, you would specify the Employees entity in this field.
      3. Specify the related record in the Entity Record ID field. For example, this would be a specific Employees record.
      4. Enter a Description for the relationship, if desired.
      5. Click OK to save the new record.
      6. Repeat these steps to add relations to other records as necessary. You can click OK and New to save the record and open a new record in one step.
24. Click Finish to complete the creation of the user login.
    • Users are automatically assigned an available License Key based on the license selections made in Steps 3 and 4 of the wizard. See Licensing Aptify Products for more information. 
25. If this user needs access to credit card numbers (for example, if this user account is for an order entry clerk who will create orders and payments that use a credit card Payment Type), add the user to the Security Key that encrypts credit card numbers in the system (that is, the key that encrypts the CCAccountNumber field in the Payment Information entity).
    • See Adding User Accounts to a Security Key for information on how to add a user to a Security Key.
    • See the Granting Access for Credit Card Number Encryption for more information on how credit card numbers are treated in Aptify. 
26. Depending on your geographic location, you may need to modify the Regional Options for the user's desktop computer and the default language for the user's SQL Server login, so the system displays dates, times, numbers, and currencies in the appropriate format for that user.
    • See Configuring Language Setting for SQL Server Users for more information.

Adding User Accounts to a Security Key

A system administrative user must have access to the Security Key that encrypts passwords in order to create untrusted users or to modify the password for existing untrusted users. Note that untrusted users do not need access to this key in order to successfully log in to the system. Only the administrator who creates the user or edits the user's password requires access to the key.
Likewise, a user must have access to the Security Key that encrypts credit card numbers to save orders or payments with a credit card payment type.

By default, Aptify uses the Generic Entity Encryption Key to encrypt the passwords for untrusted users (which corresponds to the Password field in the Users entity) and credit card numbers (which corresponds to the CCAccountNumber field in the Payment Information entity). Note that you can change this key, as necessary. See Managing Field Level Encryption for details.

Follow these steps to add additional users to a security key, as necessary:

1. Log in to Aptify as an administrative user who has access to the Security Key used to encrypt a field.
   • In the baseline Aptify installation, this is the Generic Entity Encryption Key. By default, the sa user and members of the Users, Accounting, and Administrators group have access to this key. 
2. Create or open a view of the Security Keys service.
   
   The Security Keys service is found under the Aptify Framework Administration application.
    
3. Open the record for the key that is used to encrypt the field (which is the Generic Entity Encryption Key for fields that are encrypted in Aptify by default).
4. Click the User Permissions tab.
   
   
    
5. Add a User Permissions record for each user who needs access to the field encrypted by this key.
6. If you want to grant access to all of the users in a particular group, click the Group Permissions tab and add that group as necessary.
7. Save and close the Security Keys record.

Editing User Accounts

Under some circumstances, you may want to edit an existing user's configuration settings. Possible changes include:

• Changing password (untrusted SQL server users only)
  • Note that untrusted SQL server users can also change their own passwords within Aptify. See Changing Your Password for details.
• Marking user as Active or Inactive
• Changing user's database permissions or SQL roles
• Modifying user's profile
• Modifying user's Object Repository Context
• Modifying user's Culture
• Modifying user's Groups membership
• Adding, editing, or removing User Entity Relations records

Follow these steps to edit an existing user:

1. Log in to Aptify using a user account that has system administrator privileges.

   The Aptify User Administration wizard is not supported in the Aptify web interface.

2. Expand the Users Administration application in the Navigation Bar, if necessary.
3. Open or create a view of the Users service.
4. Double-click the Users record you want to edit to open the User Administration wizard.
   • For trusted users, the User Administration wizard opens at Step 3 (Select Client Access License Type). You cannot modify Step 1 (select Login method) or Step 2 (selected Domain user) for an existing trusted user.
   • For untrusted users, the User Administration wizard opens at Step 2 so you can change the user's password (if necessary). You cannot modify Step 1 (select Login method) or the user name in Step 2 for an existing untrusted user. 
5. If editing an untrusted user, enter a new password, if desired. Click Next to continue.
   • If you are logged in as a user who does not have access to the Generic Entity security key, the Password and Repeat Password fields will be blank. You can make changes to the user's configuration, but you must have access to the Generic Entity Encryption Key to change the user's password. See Adding User Accounts to a Security Key for instructions. 
     
     
      
6. Modify the settings found on Step 5 of the wizard as necessary. See Creating User Accounts for more information on these options. Click Next to continue.
   • Modify the user's database access and SQL server system administrator status, as necessary.
   • You can also make a user inactive by clearing the Active check box. (Likewise, you can enable an inactive user by selecting the Active check box).
7. Modify the user account details found on Step 6 of the wizard as necessary. If you want to specify a different profile for this user, select the new profile from the Copy an existing user's profile (optional) drop-down menu.
   • When you select a new profile, the Override Existing Profile option comes into focus. This field is a notification that the user's existing Applications, Services, and Views will be removed and replaced with the selected profile's Applications, Services, or Views.
     
      
8. Click Next to continue.
9. Change the user's Object Repository Context or Culture as necessary. See the information on Step 7 of wizard in Creating User Accounts or more information on these options. Click Next to continue.
10. Add or remove the user from one or more Groups, and change the user's Primary Group, as necessary. See the information on Step 8 of the wizard in Creating User Accounts for more information on these options. Click Next to continue.

11. Add, edit, or remove the user's User Entity Relations records. 

    Aptify recommends that each user be linked to an Employees record and a Persons record as certain features in Aptify will not work properly without these relationships.

    
    The example below shows how to add the Persons entity to an existing user.

    1. Select the New icon to open a new record.
    2. In the EntityID field, enter Persons.
    3. In the Entity Record ID field, specify the Persons record.
    4. Enter a Description for the relationship, if desired.
    5. Click OK to save the new record.  
       
       
       
       The Persons entity relationship is added for this user.
       
       
       
       
    6. These steps can be repeated these steps to add relations to other records as necessary. You can click OK and New to save the record and open a new record in one step. 
12. Click Finish to save your changes to the user and close the wizard.

Removing User Accounts

This topic describes how to disable and delete users and contains the following sub-topics:

• Disabling User Accounts
• Deleting User Accounts

Aptify recommends that you disable users rather than delete them. When you disable a user, the account is no longer active, but the historical information related to that account remains valid within the system. When deleting a user, an organization also needs to delete all records that are linked to that user (alternatively, an organization could relink these records to another user, such as a test user account). In either case, the record history associated with the user may no longer be valid or easy to identify.

Disabling User Accounts

In general, when an employee leaves your organization, you should disable the user account and terminate the user's license assignment to prevent the employee from accessing Aptify using the client application. This approach retains the User's record and the links to that record within the system for record-keeping and review purposes.

Follow these steps to disable a user account to prevent the user from accessing Aptify using either the client application or another database tool, such as Microsoft SQL Query Analyzer:

1. Log into Aptify using a user account that has system administrator privileges.

   The Aptify User Administration wizard is not supported in the Aptify web interface.

2. Expand the Users Administration application in the Navigation Bar, if necessary.
3. Open or create a view of the Users service.
4. Double-click the Users record you want to edit to open the User Administration wizard.
5. Proceed to Step 5 of the wizard, if necessary.
6. Remove the check mark from the Permit column for your Aptify database.
   
   • This removes the user's permissions to the database and effectively disables the user at the database level.
   • Note that a user still exists as a SQL server login and retains a Public SQL role for the APTIFY database.
7. Clear the Active User check box.
   
   • This prevents the user from accessing Aptify using the client application.  
     
8. Click Next to continue and proceed to Step 8 of the wizard.
9. Remove the user from all of the Aptify Groups (by removing the check marks in the include column).
10. Clear the Primary Group link box.  
     
11. Click Next to continue and complete the wizard without making an additional change.
12. Open the User License Assignment record for the disabled user.
    
    • The User License Assignment service is located in the Aptify Framework Administration application by default. 
13. Confirm that an End Date has been populated automatically (with the current date and time). This removes the user's association with the license key and allows it to be assigned to another user.
14. Close the User License Assignment record.

Reverse the above steps if you want to reactivate an inactive user. Note that when reactivating a user, select the EndUser SQL role for the APTIFY database from the drop-down menu (as shown in figure below).

Deleting User Accounts

Under some circumstances, you may want to delete the Users record completely. In this case, you also will need to address any record dependencies that the user has in the system before you can delete the record. For example, you need to delete or edit the user's User License Assignment, Application User Entities, Application Users, and Group Members records.

Follow these steps to delete a user account:

1. Log into Aptify using a user account that has system administrator privileges.
2. Expand the Users Administration application in the Navigation Bar, if necessary.
3. Open or create a view of the Users service.

4. Open the User Administration wizard for the user you want to delete and remove the user from all of his or her Groups (as described below).

   The Aptify User Administration wizard is not supported in the Aptify web interface.

    

   1. Double-click the Users record you want to delete to open the User Administration wizard and proceed to Step 8 of the wizard.
   2. Remove the user from all of the Aptify Groups (by removing the check marks in the include column). See the figure below for an example.
      
   3. Clear the Primary Group link box.
   4. Click Next to continue.
   5. Complete the wizard and click Finish to save your changes to the user's group assignments.
5. In the Users view, select the user you want to delete and press the Delete key.
6. Click Yes to confirm the delete operation.
   
   • If the user has never logged in to Aptify, the system deletes the record. Proceed to step 11.
   • If the user has previously used the system, the Record Dependency message appears. Proceed to step 7.
7. If the Record Dependency message appears, click OK to view the dependenc 
8. Write down the names of the entities that have records linked to this user.
   
   • Typical entities that have records linked to users include:
     • Application User Entities
     • Application Users
     • Dashboard Area User Values (see note below)
     • Dashboard Part User Values (see note below)
     • Dashboards
     • Form Templates
     • User License Assignment

     • User Values

       The Dashboard Area User Values and Dashboard Part User Values services are not associated with an Application by default. You need to add these services to one or more applications to delete the linked records. See Adding Services to Aptify Applications for details.

9. Delete the records that are linked to the user. Alternatively, you can relink a record to a different user if you do not want to delete it.
   
   • To easily locate the relevant records in a service, create a targeted view of each service that contains dependent records using the User record's UserID as a filter.
   • If the record you want to delete has its own dependencies (for example, a Dashboard may have multiple Dashboard Areas linked to it), note that you need to delete those dependencies before you can delete the record.
10. Return to the Users view and delete the Users record.
    
    • If you deleted or relinked all of the user's dependent records, the system should now successfully delete the user.
11. If you want to delete the user's SQL Server Login, connect to the SQL server using Microsoft SQL Server Management Studio and delete the user's login.
    
    • Refer to Microsoft's on-line Help for information on how to use SQL Server Management Studio. The following steps summarize the procedure for deleting a SQL server login:
      
      1. Connect to the SQL server via Management Studio using an account that has system administrator privileges (such as sa).
      2. In the tree, expand the heading for your SQL server and select the Security > Logins menu item.
      3. Select the user login that you want to delete and press the Delete key.
      4. Click OK to delete the login.

The system removes all database privileges to the Aptify databases when deleting a user. However, the system does not delete the user's SQL Server Login account since other systems may also be using this account. Therefore, if you want to delete the user's SQL Server Login, you need to use SQL Server Management Studio to delete it.

Tracking a User's Last Login Date

There may be situations where an administrator wants to view the last time certain users logged into Aptify. Examples may include troubleshooting login issues or auditing account usage for active users. Aptify provides the ability to track this type of login information through the Users entity's LastLogin field. This field stores the date and time of a user's last login and when added to a view of the Users service (or SQL query), it can be used to track the last time in which a user logged into the system. Below is a sample view.

Modifying User Login Preferences

By default, when a user launches the Aptify client application, a login dialog appears that prompts the user to enter the server name and login information (as shown in figure below).

An administrator can configure the appearance and behavior of this dialog and other configuration settings on a global basis or on a client-by-client basis, as necessary.

To modify the configuration attributes for all users, an administrator can edit the Startup.exe.config or Aptify Shell.exe.config file in the Object Repository (which file to modify depends on the attribute being updated). This file is then downloaded to each client when they connect to the database server for the first time.

To modify the configuration attributes locally on a client-by-client basis, an administrator can edit the Attributes.xml file.

For example, an administrator can modify the Startup.exe.config file to match the organization's login method prior to deployment (for example, to require a trusted user connection to a specific server). Then, the administrator can update the Startup.exe.config file in the Object Repository so that the modified login behavior is automatically distributed to all client computers (after the client's first successful login to Aptify).

After creating a modified login for the organization, an administrator can modify his/her local copy of Attributes.xml as needed to connect to different servers or connect as an untrusted administrative user. The values specified in the Attributes.xml take precedence over any corresponding value in the Startup.exe.config file.

This topic contains the following sub-topics:

• Modifying the Login Configuration Attributes Globally
• Modifying the Login Configuration Attributes Locally
• About the User Login Configuration Attributes

Modifying the Login Configuration Attributes Globally

An administrator can change the appearance of the Aptify Login dialog and other system areas for all users by modifying the attributes in the Startup.exe.config file or in Aptify Shell.exe.config and updating the file in the Aptify Object Repository. (To change the configuration attributes for a specific user, modify the Attributes.xml file instead; see Modifying the Login Configuration Attributes Locally for details.)

Follow these steps to modify the configuration attributes in Startup.exe.config or Aptify Shell.exe.config:

1. Log in to Aptify using the default login dialog if you have not previously logged in as this user.
   
   • When a user connects to Aptify from a client computer for the first time, the client downloads new copies of all of the relevant Object Repository Objects, including Startup.exe.config and Aptify Shell.exe.config. 
2. Locate the Startup.exe.config or Aptify Shell.exe.config file on your client computer (typically located in C:\Program Files\Aptify 5.0).
3. Right-click the file and select Properties from the pop-up menu to open the Windows Properties dialog for this file.
4. If necessary, clear the Read-only option.
   
   • The config files may be read-only by default. 
5. Click OK to close the file's Properties dialog.
6. Open Startup.exe.config or Aptify Shell.exe.config using a text editor, such as Notepad.
   
   • The figure below displays the default contents of the Startup.exe.config file's appsettings section that controls the dialog's appearance and the client's login behavior.
   • This file also contains configuration settings for Exception Management. See Configuring the Exception Manager for more details.
   • This file also contains configuration settings for Attribute Management.
     
     
      
7. Edit the property or value of any existing properties.
   

   • For example, if you want to specify the Aptify server, enter the server name between the two quotation marks, as illustrated below. 

     <add key="Aptify.Framework.LoginServices.AptifyLogin.Server" value="server_name"/>
      

   • Or, if you want to specify a suggested server (so that the user has the opportunity to overwrite it), replace Server with SuggestedServer and enter the server name as the value:

     <add key="Aptify.Framework.LoginServices.AptifyLogin.SuggestedServer" value="server_name"/>
      

   • With the exception of the RemoteServer properties (such as Aptify.Framework.LoginServices.AptifyConnectionState.RecentServer01), do not configure any of the AptifyConnectionState properties in Startup.exe.config. These values are set automatically by the Aptify Connection State dialog on a client-by-client basis in Attributes.xml. 
8. Add new properties, as necessary.
   
   • See About the User Login Configuration Attributes for a list of commonly used properties. With the exception of LoginCaption (which is Aptify.Framework.LoginServices.AptifyLogin.LoginCaption), all of the properties listed in that topic are included in Startup.exe.config or Aptify Shell.exe.config by default.
   • Add one line for each new property in the configuration file's appsettings section.

   • Use the following format to specify new properties: 

     <add key="Aptify.Framework.LoginServices.class_name.property_name" value="property_value"/>
      

   • Refer to the Aptify Software Development Kit (SDK) for information on the LoginServices classes and properties. 
9. Save the file and close it.
10. 10.Update the file in the Aptify Object Repository. See Updating Object Repository Objects for details.

Modifying the Login Configuration Attributes Locally

An administrator or user can change the appearance of the Aptify Login dialog and other configuration settings for a particular computer by modifying the properties in that computer's Attributes.xml file. (To change the configuration attributes for all users, modify the Startup.exe.config or Aptify Shell.exe.config file instead; see Modifying the Login Configuration Attributes Globally for details.)

Follow these steps to modify the properties in Attributes.xml:

1. Locate the Attributes.xml file on your client computer (typically located in C:\Program Files\Aptify 5.0).
2. Open Attributes.xml using a text editor, such as Notepad.
   
   • The following figure displays the default contents of this file.  
     
      
3. Add new properties, as necessary.
   
   • See About the User Login Configuration Attributes for a list of commonly used properties.
   • Add one line for each new property.
   • You can find the property's complete name in either Startup.exe.config or Aptify Shell.exe.config. To simplify data entry, you can simply copy the item from one of these config files and paste it directly into Attributes.xml. Then, change add key to item name for each entry you copy.

   • For example, to add a SuggestedServer property, enter: 

     <item name="Aptify.Framework.LoginServices.AptifyLogin.SuggestedServer" value="Server_Name"/>
      

   • If you configure a property in Attributes.xml that also exists in Startup.exe.config or Aptify Shell.exe.config, the value specified in Attributes.xml takes precedence.

   • In some cases, if an attribute is specified in Startup.exe.config, you may need to overwrite that same attribute in Attributes.xml to provide new functionality. For example, if you want to use the SuggestedTrusted property in Attributes.xml but Startup.exe.config already sets the Trusted property to true, you need to specify the following two properties in Attributes.xml to successfully overwrite the functionality in Startup.exe.config (simply specifying SuggestedTrusted in Attributes.xml is not sufficient to override the Trusted property in Startup.exe.config): 

     <item name="Aptify.Framework.LoginServices.AptifyLogin.Trusted" value="false" />

     <item name="Aptify.Framework.LoginServices.AptifyLogin.SuggestedTrusted" value="true" />
      

4. Edit the property or value of any existing properties that you added previously.
   
   • Do not manually edit any of the default ConnectionState items. These attributes are reserved for future use. 
5. Save the file and close it.

About the User Login Configuration Attributes

Aptify supports several configuration properties that an administrator can configure in the Startup.exe.config file (to apply to all users), the Aptify Shell.exe.config file (to apply to all users), or in the Attributes.xml file (to apply to a specific client). See Modifying the Login Configuration Attributes Globally and Modifying the Login Configuration Attributes Locally for information on how to set these properties within these files.

The following list contains the most commonly used properties that an administrator may want to configure, including Login preferences and system display settings. Also, refer to the Aptify Software Development Kit (SDK) for a complete list of the AptifyLogin properties.

• Server: This property specifies the server to which the user is connecting. If blank, the Server field appears on the login dialog and the user must enter a server name or select one from the Aptify Server List dialog (if configured). This is the default behavior. If a server name is specified for this property, the Server field does not appear in the dialog (but the server's name is specified in the Login caption, as shown in the example below). Note that the login dialog will not appear if you specify a Server value and user account values in one of the configuration files. Configure this attribute in Startup.exe.config when specifying globally (as opposed to in Aptify Shell.exe.config).
  
  
• SuggestedServer: This property is similar to the Server property, except that when a SuggestedServer is specified, the Server field appears on the login dialog with the suggested server name filled in. With this setting, a user can leave this field at its default setting to connect to the suggested server, but it also gives the user an opportunity to specify a different server if necessary. Configure this attribute in Startup.exe.config when specifying globally (as opposed to in Aptify Shell.exe.config).
• RecentServer: This property specifies a server name that will appear in the Aptify Server List dialog (see example below). The Server List dialog can support up to five servers, which correspond to the RecentServer01 to RecentServer05 configuration properties. Configure this attribute in Startup.exe.config when specifying globally (as opposed to in Aptify Shell.exe.config).
  
  
• EntitiesDatabase: This specifies the database that contains the entity definitions. By default, this value is set to Aptify, and a corresponding field does not appear on the login dialog (in other words, a user cannot change the Entities Database value from within the dialog). Configure this attribute in Startup.exe.config when specifying globally (as opposed to in Aptify Shell.exe.config).
• SuggestedEntitiesDatabase: This property is similar to the EntitiesDatabase property, except that when a SuggestedEntitiesDatabase is specified, the Entities Db field appears on the login dialog with the suggested database name filled in. With this setting, a user can leave this field at its default setting, but it also gives the user an opportunity to specify a different database if necessary. See the example below. Configure this attribute in Startup.exe.config when specifying globally (as opposed to in Aptify Shell.exe.config).
  
  
• UsersDatabase: This specifies the database that stores record data. By default, this value is set to Aptify, and a corresponding field does not appear on the login dialog (in other words, a user cannot change the Users Database value from within the dialog). Configure this attribute in Startup.exe.config when specifying globally (as opposed to in Aptify Shell.exe.config).
• SuggestedUsersDatabase: This property is similar to the UsersDatabase property, except that when a SuggestedUsersDatabase is specified, the Users Db field appears on the login dialog with the suggested database name filled in. With this setting, a user can leave this field at its default setting, but it also gives the user an opportunity to specify a different database if necessary. See the example above. Configure this attribute in Startup.exe.config when specifying globally (as opposed to Aptify Shell.exe.config).
• Trusted: By default, this property is set to False, and the SQL Server login option (that is, the Specify a User Name and Password option) is the default selection in the login dialog in the Database Login Information section. When this property is set to True, the system assumes that the user is trusted so the Database Login Information section of the dialog does not display (as shown in the example below). Configure this attribute in Startup.exe.config when specifying globally (as opposed to in Aptify Shell.exe.config).
  • Note that when a server is specified (using the Server property) and Trusted is set to True, the login dialog does not appear, and a user is logged in automatically when the Aptify Desktop client is launched.
    
    
• SuggestedTrusted: You can use this property with a value of True to display the Database Login Information section of the dialog but default to the Use Windows Integrated Security option. This provides the user with the opportunity to log in as an untrusted SQL Server user, if necessary. Configure this attribute in Startup.exe.config when specifying globally (as opposed to in Aptify Shell.exe.config).
• SQLLogin: You can use this property in conjunction with a Trusted or SuggestedTrusted property set to False to specify an untrusted SQL server login account. If you specify this account's corresponding password using the Password property, then the Database Login Information section of the dialog does not display (as shown the example above). If you do not specify a Password, the specify SQL login name appears in the User Name field and the user can modify this login name as necessary. Configure this attribute in Startup.exe.config when specifying globally (as opposed to in Aptify Shell.exe.config).
  • Note that when a server is specified (using the Server property), Trusted is set to False, SQLLogin is set to an untrusted user, and Password is set to that user's password, then the login dialog does not appear, and a user is logged in automatically when the Aptify client is launched.
• SuggestedSQLLogin: This property is similar to the SQLLogin property, except that when this property is used along with a specified Password, the Database Login Information section of the dialog appears. With this setting, a user can leave the User Name field at its default setting, but it also gives the user an opportunity to specify a different user account if necessary. Configure this attribute in Startup.exe.config when specifying globally (as opposed to in Aptify Shell.exe.config).
• Password: You can use this property in conjunction with the SQLLogin property to specify an untrusted SQL server login account. Configure this attribute in Startup.exe.config when specifying globally (as opposed to in Aptify Shell.exe.config).

• SuggestedPassword: You can use this property in conjunction with the SuggestedSQLLogin property to specify a default untrusted SQL server login account while still displaying the DatabaseLogin Information section of the dialog. Configure this attribute in Startup.exe.config when specifying globally (as opposed to in Aptify Shell.exe.config).

  The Password and SuggestedPassword properties save a user's password to a file as plain text. Aptify recommends that you not specify these properties in a configuration file.

• LoginCaption: This property determines what text appears in the login dialog's caption area. By default, the caption reads Aptify. (This is the value that appears if you do not include this property in the configuration file.) If you want to provide your own caption, add this property to the configuration file and specify the desired text as the property's value. In the example below, the LoginCaption property has a value of My Organization: CRM Solution. Configure this attribute in Startup.exe.config when specifying globally (as opposed to in Aptify Shell.exe.config).
  • Note that the caption does not support all characters. For example, you cannot use a single quote (') in the LoginCaption.
    
    
• EnhancedUI: Aptify includes an enhanced user interface that includes visual features such as a gradient fill on forms. However, these features require that Aptify use more system resources than earlier versions of Aptify. Therefore, users who have slower hardware may see improved productivity by disabling the Enhanced UI feature. This property uses True/False values to determine whether or not the Enhanced UI feature is enabled. Configure this attribute in Aptify Shell.exe.config when specifying globally (as opposed to in Startup.exe.config). Note that you can also add this attribute to a local user's Attributes.xml file to turn off the functionality only for users with slower hardware.
• ColorScheme: Aptify includes support for the Office 2010 and Office 2007 color schemes: Blue, Silver, and Black. By default, Aptify uses whatever color scheme is currently configured for Office 2010, or Blue if Office 2010 is not installed. However, you can use this attribute to set Aptify to use a particular color scheme regardless of the Office 2010 settings. For this attribute, a value of 0 or 1 corresponds to the user's current Office 2010 theme. When set to 2, Aptify will always use the Blue scheme. When set to 3, Aptify will always use the Silver scheme. When set to 4, Aptify will always use the Black theme. Configure this attribute in Aptify Shell.exe.config when specifying globally (as opposed to inStartup.exe.config).
• BuiltInCultureID: Aptify includes extensive support for localizing the system for multiple cultures. However, many organizations do not require this functionality. For these organizations, Aptify provides a localization bypass for a specified Culture. By default, Users with a Culture ID of 1 (English in the standard Aptify system) bypass localization. With the bypass in place, Aptify uses the Culture String data's Base String only and does not load Local String information. To change the ID of the Culture, an administrator can add the entry shown below to Aptify Shell.exe.config (when this entry does not exist, then the bypass Culture is ID 1 (English)). Configure this attribute in Aptify Shell.exe.config when specifying globally (as opposed to in Startup.exe.config). See "Localization" in the Admin Guie for more information on localizing the Aptify interface.

      <add key="Aptify.Framework.BusinessLogic.CultureUtility.BuiltInCultureID" value="[CultureID]"/>
 

• DisplayOnlineHelpOnFieldHover: Aptify includes the ability to display information about a specific field simply by hovering over the desired field. By default, this functionality is turned off with a value of False. However, this functionality which works throughout the Aptify system can be enabled by changing the value to True. See Using the Help Button for more details.

   Aptify Shell.exe.config also includes attributes that control the appearance of the label caption for required fields. See Configuring the Appearance of Required Fields for details.

Understanding Aptify User Account Processes

The following is a high-level overview of how a user connects to Aptify and what happens when a user first logs into the system:

1. Administrator creates User: An administrator runs the User Administration wizard to add a new user to Aptify. See Creating User Accounts for details.
   
   • Creating users must be performed using the Aptify Desktop client. The Aptify User Administration wizard is not supported in the Aptify web interface.
   • Using the wizard, an administrator specifies the login type (trusted or untrusted), grants the user access to the database, adds the user to groups, and links the user to related system records (such as a link to a corresponding Employees record).
   • The wizard automatically assigns the user to an available license key. See Licensing Aptify Products for more information.
   • Upon completing the wizard, Aptify creates a SQL Server login for the new user with appropriate permission set based on the information specified. An administrator can review the user information at the SQL level using SQL Server Management Studio.
   • Depending on your geographic location, you may need to modify the Regional Options for the user's desktop computer and the default language for the user's SQL Server login, so the system displays dates, times, numbers, and currencies in the appropriate format for that user.
   • See Configuring Language Setting for SQL Server Users for more information. 
2. User logs into Aptify: The new user specifies login information and connects to Aptify. For the first time. Note that the user must have the necessary permissions on the local computer to successfully launch and use Aptify.
   
   • See About the Object Repository for information about the user permissions required to run Aptify.
   • If your organization is using untrusted user accounts, your users can change their own passwords after logging into Aptify. See Changing Your Password for details. 
3. User adds items to his or her Profile: Depending on the user's permissions (and the group permissions the user inherits), the user adds applications and services to his or her profile.
   
   • For each application that the user adds to the profile, the system creates an Application Users record. See About the Application Users Form for details.
   • For each service that appears under an application the user adds to the profile, the system creates an Application User Entities record. See About the Application User Entities Form for details. 
4. User customizes Aptify desktop: As the user starts to become familiar with Aptify, he/she creates views and adds shortcuts to the shortcut bar.
   
   • For each view that the user creates, the system creates a Views record. See Using the Views Service and About the Views Form for details.
   • For each view shortcut the user adds to the shortcut bar, the system creates a Shortcuts record. Also, the system creates a Shortcut Sections record for each Shortcut Group the user adds to the shortcut bar. See About User-Defined Shortcuts and Shortcut Groups for more information.
   • When a user changes the default layout of the Aptify client application and then closes the application, the system creates User Values records to store the user's individual layout preferences. For example, the system creates or updates a User Values record whenever a user specifies a default dashboard for an application. See About the User Values Form for more information on this service. 
5. User accesses data, depending on permissions: The user creates, edits, and reviews records in the system depending on his/her application and entity security permissions and Group membership. See Administering User Groups, Granting Permissions to Aptify Applications, and Granting Entity Permissions to Users for details.

About User-Defined Shortcuts and Shortcut Groups

Users have the ability to create shortcuts to profile items they use often in order to make their use of Aptify more efficient. This includes views, folders, shared folders, services, and applications. Users can also create shortcut groups, which are used to categorize the custom shortcuts as the user desires. For example, a user might create an Orders Shortcuts group to keep all the shortcuts related to the order entry process. See Using the Desktop Client Shortcut Bar for information on how to use the Shortcut Bar.

These shortcuts and shortcut groups are stored in Aptify as Shortcuts and Shortcut Sections records. These records are created automatically when a user defines a new shortcut or shortcut group, and they are updated when users make changes to those shortcuts or groups (such as modifying the name or description). Shortcut and Shortcut Sections records should not be created or modified manually and should be updated manually only by a system administrator and only when necessary. See About the Shortcuts Form and About the Shortcut Sections Form for more information.