MODSYSCF - CUSTOMS OFFICE CONFIGURATION Ó UNCTAD - SITE (V1.15) 9.12 User Management Using this option, you can set up the users and passwords for the people who will use the system. They are first assigned to an office and then assigned to one of the groups that you have set up under ‘Security’, ‘Group profile management’. When the Group Profiles option is selected, the system asks the user to log onto the server, as this is where the user management files are maintained. The screen following successful login displays in table form the office, users, their passwords and the user group to which they are assigned. The default ASY users supplied with the system are not allocated to any group and  therefore  can  access  any  option.  It  is  impossible  to  set  up  such  Super Users through the interface, as the ‘Group’ field in the user record is mandatory. It is strongly recommended that the default ASY user logins be deleted from the system  after  the  initial  development  and  training  stage.  The  ASY  user  logins should not be on a production system. In  assigning  login  names  to  users,  the  ASYCUDA++  security  manager  must  enter  an  interim password. This password appears in the field on screen as a series of  ****. By accepting ‘OK’ the User access details are saved to the server. (In this case it is written directly to the Server files and Configuration transfer is not required.) User Password Controls The ASYCUDA++ security manager initially inputs user login names and passwords. However it is not   desirable   that   anyone   other   the   user   knows   the   password.   It   is   recommended   that   local administrative policy require that users change their passwords to ones only known to themselves. The ASYCUDA++ user modules all have the option for users to change their passwords to one of their own choosing under option  ‘Functions’, ‘Server’, ‘Change password’. If users forget their password, the ASYCUDA++ security manager can reset (re-enter) a password in the User management screen. Again, the user should be encouraged to change this password as soon as possible. Audit File Browser This option enables your technicians to obtain information about user connections including file transfers. The option requires ‘Login’ for a server connection. For  full  details  of  the  use  of  the  Audit  File  Browser  see  the  relevant  Technical Documentation.   See   also   the    'Status'   function   in    MODCBR   ‘Functions’, ‘Declarations’, ‘Local Menu’.   See  Section  3  of  this  Reference  Document  for more information.