There are two ways to set up how users log on to CMSi. You can use the CMSi user name and password in the standard way or you can use your Windows Identity if there is an available Active Directory. The latter route is the preferred route as it makes logging on faster and simpler for users - they don't have to remember their CMSi user name and password and enter these - they just click the CMSi icon and CMSi opens. 

To use the Windows Identity log in method, you need to edit a line in the cmsi-mdi.exe.config file in the main CMSi folder. Look in the section <CMSI_MDI.My.MySettings> and for the following key setting it to true. 

      <setting name="UseWindowsIdentity" serializeAs="String">
        <value>True</value>
      </setting>
 

Your CMSi users still need to be in the CMSi user table but the key thing is that the UserName field must be the same as the Windows log on name. The CMSi logon will then match the Windows user logging on with the CMSi user and load their settings. The password will not be used therefore the Reset Password button could be hidden. 

CMSi User Password Management

If you are using the default CMSi user name and password log in method, administrators will need to manage the password style and reset passwords from time to time if users forget their password. 

Resetting Passwords

This is very simple as their is a Reset Password button on the top of the user form. An administrator can click this and that user's password will be reset to the same as their user name. If you tick the option that they must reset the password, they will be prompted to do so when next logging on.

Making users inactive

If, on the user form, you untick the Active checkbox, that CMSi user will no longer be able to log on. 

Controlling password length and characters that can be used

In the System Settings form, you can control permissable password length and what characters can be used. Here, there is a setting called PasswordValidationRegex. You will see it is in the format of

[0-9a-zA-Z]{4,}

What this means is that any character that is a number 0 - 9, any lower case letter that is a to z or Upper case letter A to Z are allowed in the password - nothing else. The second part of the regex says the password must be a minimum of 4 characters. 

Hence you can control what is allowed. It is easy to change the minimum or maximum number of characters but you can also add various symbols into the allowed list. Hence if your regex reads:

[0-9a-zA-Z.]{4,}

you will see that a full stop symbol has been added into the list of allowed characters.