Skip to main content

Users And Authentication

Users & Authentication

The Users and Authentication section manages who can access ArkBox and what they are allowed to do.

Pages In This Section

PagePurpose
UsersManage individual user accounts.
GroupsOrganize users into collections.
RolesDefine permission sets.
LDAPConnect ArkBox to an external directory service.

Users

Users

The Users page lists all user accounts in ArkBox.

The table can show username, full name, email address, mobile number, account type, and account status.

Administrators can search users, create users, edit user details, manage user status, delete users when appropriate, export CSV data, refresh the table, and perform actions on multiple selected users.

Create A User

  1. Open Admin.
  2. Open Users and Authentication.
  3. Select Users.
  4. Select Create User.
  5. Enter the required user details.
  6. Assign the correct role or group if the form requires it.
    • The Arkbox Users group is assigned by default for all new users.
    • Additional groups can be selected if required.
    • Selecting a group automatically applies its predefined roles.
  7. Save the user.
  8. Confirm the user appears in the table.

Edit A User

Administrators can update existing user information.

When editing a user, administrators can:

  • Update user details.
  • Change group assignments.
  • Activate or deactivate the user.
  • Set a new password if required.

Changes are applied after saving the user.

User Status

Users can have either of the following statuses:

  • Active
  • Inactive

Administrators can activate or deactivate users from the Users page.

Selecting Multiple Users

Use the checkboxes beside user records to select one or more users.

After selecting users, available actions may include:

  • Activate
  • Deactivate
  • Delete
  • Cancel selection

Available actions depend on the selected users.

Note: If LDAP users are included in the selection, deletion may be unavailable until the LDAP users are removed from the selection.

Groups

Groups organise users into logical collections so access can be managed more easily. Use groups for departments, project teams, role-based work groups, or LDAP-synced collections.

FieldMeaning
Group NameThe name of the group.
UsersNumber of users in the group.
RolesRoles assigned to the group.
PermissionsPermission count available through the group roles.
DescriptionNotes about the group's purpose.
SystemIndicates whether the group is system-generated.

Create A Group

  1. Open Groups.
  2. Select Add Group.
  3. Enter a clear group name.
  4. Add a description when helpful.
  5. Assign users and roles if available.
    • At least one role must be selected before the group can be created.
    • Users can be assigned to the group during creation.
  6. Save the group.

Edit A Group

Existing groups can be updated to manage user membership and role assignments.

  1. Open Groups.
  2. Select the group to manage.
  3. Update the required information.
  4. Save the changes.

Note: For system-generated groups, only the user list can be modified. Other group information is read-only. For non-system-generated groups, the group name cannot be changed after creation. Other available group settings can be updated.

Roles

Roles

Roles define what actions users can perform. Examples include Admin, Viewer, Project Manager, Project Officer, and HR Manager.

Administrators can create roles, assign permissions, review role usage, and manage user-created roles. System-generated roles are available for reference but cannot be modified or deleted.

FieldMeaning
Role NameName of the role.
DescriptionBrief explanation of the role's purpose.
PermissionsNumber of permissions assigned to the role.
UsersNumber of users currently assigned to the role.
SystemIndicates whether the role is system-generated.

Create A Role

  1. Open Roles.
  2. Select Add Role.
  3. Enter the role name.
  4. Add a description if needed.
  5. Select the permissions that match the user's responsibilities.
    • At least one permission must be selected before the role can be created.
  6. Save the role.
  7. Assign the role to users or groups.

Edit A Role

  1. Open Roles.
  2. Select the edit option for the role.
  3. Update the required information or permissions.
  4. Save the changes.

Note: System-generated roles are read-only and cannot be modified.

Delete A Role

  1. Open Roles.
  2. Select the delete option for the role.
  3. Confirm the deletion.

Note: Only user-created roles can be edited or deleted.

LDAP

LDAP connects ArkBox to an external directory service for centralized authentication.

FieldPurpose
Enable LDAP IntegrationTurns LDAP authentication on or off.
Domain NameDirectory domain used for authentication.
Server FQDN / IPLDAP server hostname or IP address.
ModeConnection mode used by the server (LDAP or LDAPS).
Detected PortPort used for the LDAP connection.
Base DNDirectory search base used to locate users and groups.
Bind DNAccount used to connect and query the directory.
PasswordPassword for the Bind DN account.

Configure LDAP

  1. Open LDAP.
  2. Enable LDAP integration.
  3. Enter the domain and server details.
  4. Enter the Base DN and Bind DN information.
  5. Enter the bind account password.
  6. Select Test Configuration.
  7. Verify the connection is successful.
  8. Select Save Changes.
  9. Use Fetch Users & Groups when directory users and groups need to be synchronized.

A successful configuration displays a connection success message indicating that the LDAP server and Base DN were validated successfully.

Sync Log Retention

LDAP synchronization logs can be retained and archived for a configurable period.

FieldPurpose
Retention (Days)Number of days to keep synchronization logs before compression.
Archive (Days)Number of days to keep archived log files before deletion.

To update log retention settings:

  1. Enter the retention period.
  2. Enter the archive period.
  3. Select Save Log Settings.

Good Practices

  • Create groups around teams or responsibilities, not individual exceptions.
  • Assign roles through groups where possible.
  • Keep role names simple and meaningful.
  • Disable or remove accounts when users no longer need access.
  • Test LDAP before saving changes.