Support Account Settings

From time to time, you may want to have a support representative log on to your tenant for troubleshooting, configuration assistance, or other activities.

To control access to your tenant, the system includes several levels of support, which you lock or unlock as needed, for example:

  • Support-Level1 — Reserved for Integration Consultants
  • Support-Level2 — The medium level of support
  • Support-Level3 — The highest level of support

Depending on your needs, you unlock a specific level and the appropriate support representative logs on to your tenant, enters a reason ticket number for the access, and addresses the issue. When the issue is resolved, you can lock the support level.

In some cases, customer support requests require assistance from Engineering. Because of this, the following Engineering support levels are also available:

  • Engineering Support User 2 — The same as Support-Level1 in addition to read-only access to Setup pages with View option
  • Engineering Support User 3 — The highest level of support with full access

If you do not want any outside access, you can lock all levels.

To lock and unlock a support level

  1. From the Main Menu, navigate to Application Setup > System Configuration > Support Account Settings.
  2. From the Support Account Settings page, select a support level and click Edit .
  3. On the Editing page, select Locked or Unlocked from the Status box.
  4. Click Save.

Sometimes the best way to resolve an issue is for the user to allow Support Personnel to access the user's environment. With the user's permission, Support Personnel (Support-Level as well as local administrators with the Super Access Function Access Profile) can use a proxy access to get first-hand experience of the user's issue and provide a resolution. Complete the following steps:

Note:
  • The ability for your tenant to use proxy access functionality is activated by Tenant Administration and a Support-Level account must be unlocked.
  • Proxy access can only be used for WFM.
  • The local administrator who can use proxy access must have the Super-Access Function Access Profile.
  • There are no different levels of access in proxy access.

Complete the following steps:

If your environment is configured to allow this functionality, complete the following steps:

  1. From the Main Menu, select Administration > Application Setup.
  2. From the Application Setup page, expand System Configuration and select System Settings.
  3. Select the Security tab.
  4. Set the site.security.impersonation.allowed setting to true.
  5. Click Save.

Set the Impersonation access control point (ACP) for employees who can grant access to their environment. This ACP is set automatically for administrators with Super Access.

  1. From the Main Menu, select Administration > Application Setup.
  2. Expand Access Profiles and select Function Access Profiles.
  3. On the Function Access Profiles page, select the profile of the user who needs to grant proxy access and click Edit.
  4. Note: To identify an employee's Function Access Profile, select Maintenance > People Information from the Main Menu. Select an employee and expand Access Profiles in the Employee section.
  5. On the Edit Function Access Profile page, expand Employee and set Impersonation to "Allowed."
  6. Click Save.

The employee can now grant access to Support or a local system administrator by doing the following:

  1. Log on to the system.
  2. At the top of the Main Menu, click Settings > Edit Profile.
  3. Expand CustomerSupport Access and select one of the following options:

  4. My System Administrator

    • No access
    • Allow for one day
    • Allow for three days

  5. Global Support

    • No access
    • Allow for one day
    • Allow for three days
  6. Click Save.

Depending on who the user granted access, the system administrator or Support personnel can now access the user's environment. The user must log off and the Support person or administrator does the following:

  1. Log on to the system with your logon credentials — Support-Level user or administrator with Super Access.
  2. Enter the reason for your access in the Reason field.
  3. Your home page The page that is presented to the user upon login, which contains the tiles that let the user access or navigate to common tasks. opens and the names of the people who granted you proxy access are now listed in the Edit Profile area at the top of the Main Menu,
  4. Select the name of the person to access. The name of that person displays immediately below your name at the top of the Main Menu, for example:
  5. Sean Ivan
    Acting as Tina Edwards
  6. At this point, you are looking at environment of the end user and can work to resolve the issue.
  7. When finished, log off. Any changes you made to the user's environment remain effective when user logs on.

The following Audit Reports track all access made by the impersonator, for example:

Action Audit Report Audit Type Listed in Report
Lock/unlock Support-Level accounts Configuration Audit Report System Settings
Grant access People Audit Report Impersonation
Initiate proxy access Security Audit Report Impersonation
Actions performed while using proxy access Applicable report for proxy access Proxy Access person's name as User name