Privilege Tab
The Privilege tab contains security and privilege information for a user. The Privilege tab displays when using the Modify User wizard and the New User Registration wizard. This tab contains the following user information fields.
| • | BLUEcloud Staff ID |
| • | Claims Returned |
| • | Override |
| • | PIN |
| • | PIN Creation Date |
| • | PIN Expiration Date |
| • | SirsiDynix Symphony does not allow PINs consisting of only asterisk characters. |
| • | Privilege Expires |
| • | Status |
| • | User's PIN is |
| • | Web Auth ID |
This field may contain a BLUEcloud identification key (an email address or user name) that associates a BLUEcloud Central user with a SirsiDynix Symphony user.
The purpose of the BLUEcloud Staff ID field is to allow authentication between BLUEcloud products and SirsiDynix Symphony via BLUEcloud Central; if the Email/User Name value entered by the BLUEcloud Central user matches the value in this field, the user is allowed access to the SirsiDynix Symphony database.
Important: The BLUEcloud Staff ID field is case sensitive in the SirsiDynix Symphony database; the value in the Email/User Name field in the BLUEcloud Central user account and the value in the BLUEcloud Staff ID field in the corresponding SirsiDynix Symphony user record must be exactly identical, including any uppercase and lowercase characters.
This field contains the number of times a user has claimed to return items. This field is automatically updated when an operator puts a claims returned date in the charge record.
An override must be entered to manually change the editable fields on the Privilege tab. The Override field allows you to enter the override code. If you do not know the override code, see your SirsiDynix System Administrator.
The PIN (Personal Identification Number) is a personal code optionally assigned to every user in the system. If both the user ID and PIN are entered correctly, you can access confidential information about your circulation status. The primary purpose of the PIN is to provide an extra level of security when permitting patrons to place their own holds and to view their charges, holds, bills, and requests.
Default PIN behavior
By default, SirsiDynix Symphony generates random, 1 to 10 digit PINs during User registration. These PINs can be changed to uppercase letters or to a combination of letters and numbers. Letters in PINs are automatically saved as uppercase. Under the default setting Symphony automatically uppercases the letters in PINs during login, so that PINs are effectively case insensitive.
Policy PIN behavior
If the Policy PINs feature is enabled, an administrator may define specific PIN requirements for various groups of users in the User PIN Policy wizard. The User PIN policy that determines the requirements for a particular user's PIN is based on the combination of the User Access and Library policies associated with the user's record; based on this criteria, SirsiDynix Symphony chooses the appropriate User PIN policy from a map of User PIN policies (for more information on the User PIN map policy, see User PIN Map Wizard). All new PINs, whether generated automatically or defined manually, must meet the PIN requirements that correspond to the User PIN policy the user is affected by.
With the Policy PINs feature enabled, PINs are case sensitive. This changes the behavior of the PIN during login. Any patron who has a PIN that was created prior to the configuration change will have to manually uppercase the letters in the PIN during login.
If SirsiDynix Symphony has secured a user's PIN per the requirements of the applicable User PIN policy, the PIN displays as five asterisk characters (*****) in the interface. If you type a new PIN in this field for a user and the applicable user PIN policy has been configured to secure user PINs, SirsiDynix Symphony secures the PIN and replaces it in the interface with five asterisk characters when you save the user record.
Note: SirsiDynix Symphony does not save any changes to the PIN if the five asterisk placeholder is modified (for example, "****a") instead of replaced completely. To change the PIN, you need to delete the five asterisks and type in the new PIN.
Note: SirsiDynix Symphony does not allow PINs consisting of only asterisk characters.
This field contains the date when the user's current PIN was created, either through the public access catalog or by staff.
This field contains the date when the user's current PIN expires, based on the associated User PIN Policy.
Preferred ID
This field may contain an identification key from the centralized authentication server. SirsiDynix Symphony uses this ID to verify that the user is authorized to use library services.
SirsiDynix Symphony stores this value encrypted in the database. This value cannot contain fewer than 8 characters or more than 254 characters and cannot contain any of the following characters:
| • | Backslash [\] |
| • | Colon [:] |
| • | Comma [,] |
| • | Double quote ["] |
| • | Left angle bracket [<] |
| • | Left parenthesis [(] |
| • | Right angle bracket [>] |
| • | Right parenthesis [)] |
| • | Semicolon [;] |
| • | Space [ ] |
Important: The preferred ID is not supported on ISAM systems.
This field contains a date after which the user may no longer have circulation privileges. This field is automatically entered based on the user’s profile. When modifying a user, entering a different date in this field changes the length of this user’s privilege. After entering a new date in the Privilege Expires field, enter the override code in the associated Override field.
Note: In the Modify User wizard, if you attempt to modify the privilege expiration date, but have the Profile Modified/Auto Extend Privilege property enabled, the privilege limit date in the user profile will always overwrite the custom privilege date. The wizard will display a confirmation message explicitly stating the new date.
In the New User Registration wizard, if you change the user profile and change the privilege expiration date using an override, the custom privilege date will be used rather than the privilege limit date defined in the user profile.
This field contains the user’s circulation status, such as BARRED, BLOCKED, DELINQUENT, or OK.
| • | BARRED means users cannot checkout items. A user cannot be automatically barred or unbarred. This status must be set or removed by a workstation operator with special privileges. |
| • | BLOCKED designates users with unpaid bills and accrued fines that reach a certain amount or they have a certain number of overdue items as defined in the policy file. A special override operator is required to check out items to a blocked user. |
| • | DELINQUENT designates users with unpaid bills or overdue items. Delinquent users can still check out items and have all the other privileges of OK users, but the workstation operator will be warned that the user is delinquent. |
| • | OK means users have full library privileges as defined in the policy file. |
In addition to these delivered user statuses, you may also have custom user statuses as defined in the User Standing policies. When custom User Standing policies are present, the custom user statuses that will display will include the following.
| • | Custom User Standing policies with a delinquency type of BARRED. As with the delivered BARRED status, they must be set or removed by a workstation operator with special privileges. |
| • | Custom User Standing policies with an Auto-replace setting of Never. |
| • | Custom User Standing policies with an Auto-replace setting of Raise Only whose delinquency type is equal to or more restrictive than that of the user’s current user status. |
Note: If the user status is BARRED or a custom user status with a delinquency type of BARRED, you can change the user status to the correct circulation status by selecting Reinstate User in the Status list. The Reinstate User selection displays in the Status list only when the user’s status is currently BARRED or a custom user status with a delinquency type of BARRED.
The BLOCKED, DELINQUENT, and OK statuses are maintained by the system. If you change a user’s status from BARRED or a custom user status with a delinquency type of BARRED to OK using the Reinstate User selection, the system may instead set the status to BLOCKED or DELINQUENT if the user has unpaid fines or overdue items.
This field lists the status of the user's current PIN, namely ACTIVE, EXPIRED, LOCKED, and WARNING:
| • | ACTIVE means the PIN is not expired or locked, and is not about to expire. |
| • | EXPIRED means the PIN must be updated by the patron or a staff member. |
| • | LOCKED means the PIN is not valid for patron log in; PIN must be updated by staff. |
| • | WARNING means the PIN is about to expire, based upon the "Number of days before PIN expires to warn user" value in the associated User PIN Policy. |
Note: A system administrator can manually set the status of a user's PIN using API, which will trump that user's PIN expiration date.
This field may contain a Web authentication key from the centralized authentication server. This ID works behind the scenes to verify that the user is authorized to use library services.
The purpose of the Web Auth ID field is to allow user authentication to Lightweight Directory Access Protocol (LDAP) compliant servers. User records containing data in the Web Auth ID field can be authenticated against a LDAP server.
It is possible to configure the User Search helper to allow searching by the Web Auth ID field. See the User Search Fields global configuration policy for more information.
Note: If you are interested in using the LDAP User Authentication feature contact your SirsiDynix Client Sales consultant for pricing and scheduling information.