Creating Customized Security Roles

If the default security roles of "Admin," "Employee" and "Supervisor" don't fit your company's needs, customized security roles can be created.

  1. From the main "Admin" tab, click on the "Roles" link located under the System Tools header.
  2. To create a new role, click on the [ADD] icon located below the Search field at the top of the screen. The "Permissions" screen opens.
  3. Enter a Name for this Security Role as you would like it to appear in the program.
  4. Put a check mark in the Require Password Change field if you would like to require the employee to change their password upon login.
  5. Put a check mark in the Observe Daylight Saving option if users will enter punches from an area that observes Daylight Saving.
  6. The Schedule Punch Lockout option allows you to restrict an employee from entering a punch into the system unless it is a scheduled punch time. If the employee attempts to punch before the "Shift Start" and "Before Start Grace," or after the "Shift End" and "After End Grace" specified on the schedule that they are assigned to, a message will appear stating that the user is not allowed to punch at this time. The allowed punch times are displayed.
    Note: In order for this feature to function properly the employee must be assigned to a schedule with a shift in the program. This feature applies only to punches entered through the Self Service module of the program. Punches entered at a physical time clock are not restricted by the rules specified here.
  7. The Lunch Punch Lockout option allows you to restrict an employee from entering a "Lunch" punch unless they have met or surpassed the lunch amount specified in the "Lunch Policy" that they are assigned to. A message will appear stating that the user is not allowed to punch at this time, and notifying them of their allowed punch time.
    Note: In order for this option to function the employee must be assigned to a Meal Policy in the program. This feature will only be activated for punches that are entered using the [LUNCH] key through the Self Service module of the program. Punches entered at a physical time clock are not restricted by the rules specified here.
  8. The Break  Punch Lockout option allows you to restrict an employee from entering a "Break" punch unless they have met or surpassed the break amount specified in the "Break Policy" that they are assigned to. A message will appear stating that the user is not allowed to punch at this time, and notifying them of their allowed punch times
    Note: In order for this option to function the employee must be assigned to a Break Policy in the program. This feature will only be activated for punches that are entered using the [BREAK] key through the Self Service module of the program. Punches entered at a physical time clock are not restricted by the rules specified here.
  9. Use the Cache Data option for internet connections up to 56k.
  10. The Time Offset field is used when you have employees logging into the TimeForce system from a different time zone. Based on this setting, the system will automatically adjust all times entered by this user using Self Service to compensate for the difference in hours between time zones. Leave this setting at "0" to disable it.
  11. If you would like to use an existing role as a template, select the desired role from the Copy Permissions From drop-down menu and click on the "Copy" link. The permissions from the selected role are populated in the screen below.
  12. The Permissions section of the screen is where you define each level of access allowed to the role. You may need to maximize the section by clicking on the icon_black_down.jpg icon located to the right of the "Permissions" heading. Put a check mark in the box next to each permission that you would like to allow users assigned to this role. Where applicable, select independent right for "Self" and "Assigned" (or, the user's own time and attendance information, and the information of the employees they are assigned to supervise in the system).
    Note: Refer to Customized User Access Rights for a breakdown of the available permissions.
  13. When the desired permissions have been specified, click on the [CREATE] icon to save the role.

Existing roles are displayed on the main "Roles" screen. The default system roles are locked, and cannot be edited. To edit a customized role, click on the link under the Name header. Click on the icon_delete.jpg icon to remove a customized role from the system.

icon_previous_topic.jpg