Administration and User Management

Virgo makes it easy for a user with the Administrator or User Manager role to specify an organization's jurisdictions, manage users and passwords, and track user activity through a security log.

You will learn how to access your industry and jurisdiction coverage, manage different features within the user management system, and review login activity captured by the security log.

Length: 3 minutes.

Company Information, Industries, and Jurisdictions are grouped under the Admin tab.

All company information is listed under the Company tab. Virgo records your basic company information including Industries and Jurisdictions that are relevant to your business. For example, you can specify your organization's jurisdictions that will display to users on the Citations by Jurisdiction section of the Dashboard.

TIP: Click Edit to review your Industries and Jurisdictions.

To view an example of the Company tab, hover your mouse over the image.

Virgo makes it simple to update Industries and Jurisdictions.

  • Select the Industry Groups applicable to your business.

To view an example of Industry Groups, hover your mouse over the image.

  1. Click View as map to review where your citations are covered.

To view a map of Jurisdictions, hover your mouse over the image.

  1. Click View as list to review where your citations are covered.
  2. Select the countries, states or provinces you would like to add (sorted in alphabetical order by country).

To view a list of Jurisdictions, hover your mouse over the image.

The Users tab displays the Virgo users in your organization. You can manage Virgo users, their roles, passwords, and other settings and information.

  1. Click the Admin link.
  2. Click the Users tab.
  3. View user details by selecting the appropriate user from the list and then double-clicking or click the View Detail button at the bottom of the screen.

To view an example of the Users tab, hover your mouse over the image.

  1. Click on any field in the user screen to edit the value of the field.
  2. To set a new password, click on the masked Password field.
  3. Select a user Role. Roles control access to various features.
  4. If your Virgo subscription includes the Security Groups feature, specify a user Security Group.
  5. Federation ID can be used with Single Sign On if your user identifier is different than your user name or email address.
  6. Users cannot be deleted, but they can be marked Inactive, which removes all access to the system.
  7. In the Email field, you may specify an email address that is different from the user name. This is useful if the user name is generic, as may be the case with a service account, but password reset emails and other system notifications should go to a monitored email address.
  8. In Export Encoding specify the character encoding for .CSV export reports.
  9. In Export Delimiter specify the delimiter type for .CSV export reports.
  10. In Export Timezone specify the timezone for .CSV export reports.
  11. Once you have changed a field, click Save or Cancel to the right of the field.
  12. Click Reset Password to trigger a reset email to the user. The email will be sent to the address in the Email field, not the User Name field.

To view an example of how to Reset Password, hover your mouse over the image.

  1. Add a user by navigating to the Users tab and clicking New at the bottom of the screen.

TIP: All users, active and inactive, are listed on the Users tab.

To view an example of how to create a new user, hover your mouse over the image.

NOTE: The New User screen requires that you enter the user’s First Name, Last Name, User Name, Role, and Password.

  1. User Name must be in the form of an email address. Once you create the new user, you may optionally enter a different email address for system notification purposes.
  2. In the Generate Password field, select Yes if you would like Virgo to automatically generate a password.
  3. Select a user Role. Roles control access to various features.
  4. If your Virgo subscription includes the Security Groups feature, specify a user Security Group.
  5. Federation ID can be used with Single Sign On if the user identifier is different than the user name or email address.
  6. OPTIONAL: Enter the Contact Information fields.
  7. In Export Encoding specify the character encoding for .CSV export reports.
  8. In Export Delimiter specify the delimiter type for .CSV export reports.
  9. In Export Timezone specify the timezone for .CSV export reports.
  10. When finished, click the Save button.

To view an example of the new user detail screen, hover your mouse over the image.

Once the user has been created, you may either distribute the password to your new user or you can require your user to create a new password by triggering a password reset.

Virgo uses role-based security to control access to various features. A user's role determines their access to features in Virgo. For example, a user with read access cannot change information. But a user with the Records Manager role has full control of Record Series and Content Types.

The table below describes each role and level of access to various Virgo features.

Role Name Description Record Series Tab Citations Tab Content Types Tab Repositories Tab Private CommentsClosed Non-searchable conversation between Virgo users to discuss retention period recommendations, citation applicability, and approvals of retention schedules as published. This section displays on the following details pages: Record Series, Citations, Content Types, and Repositories. Setup Tab Admin Tab Employee Portal Configuration
Administrator Virgo admin with full control of all tabs except the Citations tab. Full control of Admin subtabs including those related to user management. Access to Employee Portal Admin View and the Configure button for views. Also has read-only access to the Record Schedule and Content Types views in the Portal. Full Control Read Full Control Full Control Create Full Control of all subtabs Full Control of all subtabs Full Control
Collaborator Virgo user with read-only access but can add private comments. Read Read Read Read Create Read None None
Content Manager Virgo user with full control of Content Types and Repositories tabs. Also has full control of some Setup subtabs related to content management. Read Read Full Control Full Control Read Full Control of Departments, Owners, and Processes subtabs None None
IG Manager Information Governance manager with full control of all tabs except the Citations tab and the Admin tab. Also has full control of some Setup subtabs related to IG. Full Control Read Full Control Full Control Create Full Control of Departments, Owners, Processes, Criticality, Privacy, Security, and Volume subtabs None None
Legal Reviewer Virgo user with read-only access to all tabs and full control of the Citations tab. Read Full Control Read Read Create Read None None
Portal Administrator Virgo Employee Portal admin with access to Admin View and the Configure button for views. Also has read-only access to the Record Schedule and Content Types views in the Portal. None None None None None None None Full Control
Portal User Virgo Employee Portal user with read-only access to the Record Schedule and Content Types views in the Portal. None None None None None None None None
Portal User Plus Virgo Employee Portal user with read-only access to the Record Schedule and Content Types views in the Portal. Also has read-only access to Record Series and Repositories fields (if enabled) for Content Types views. None None None None None None None None
Read Only Virgo user with read-only access to all tabs except the Admin tab. Read Read Read Read None Read None None
Records Manager Virgo user with full control of the Record Series and Content Types tabs. Also has full control of some Setup subtabs related to records management. Full Control Read Full Control Read Create Full Control of Functions, Entities, Departments, Owners, and Trigger Events subtabs None None
Records Manager Assistant Virgo user with full control of the Record Series and Content Types tabs. Full Control Read Full Control Read Create Read None None
User Manager Virgo user with full control of some Admin subtabs related to user management. No access to information in Virgo. None None None None None None Full Control of Company, Users, Login Policy, Identity Providers, Security Log, and Security Groups subtabs None

Complex passwords are required. Passwords must include:

  • 8 to 25 characters
  • 1 uppercase letter
  • 1 lowercase letter
  • 1 number
  • 1 special character such as !, @, #, $, %, etc.

Administrators and User Managers can trigger a password reset for a user or a user can request a reset using the Forgot my password feature.

To specify a new password for a user

  1. Select and view the user.
  2. Click on masked password field.
  3. Enter a new password and then confirm the new password.
  4. Click Save next to the password field.

To trigger a password reset for a user

  1. Select and view the user.
  2. Click on the Reset Password button and confirm the operation at the prompt.
  3. Virgo will send a password reset email to the user who must then follow the link and set a new password.

User accounts are locked out after 10 failed login attempts. The user will be unlocked automatically after 15 minutes of inactivity, or an administrator can unlock the user at any time.

Both lockout parameters can be configured or disabled.

  1. Select the user and view details.
  2. Click the Unlock User button.

To view an example of the Users tab, hover your mouse over the image.

Administrators can't delete a user's account but they can deactivate a user's account. This preserves the Audit Trail within Virgo.

  1. View the user record.
  2. Click on the value of the Inactive field to edit.
  3. Set the value of Inactive to Yes.
  4. Click Save. The user no longer has access to Virgo.

To view an example of the Users tab, hover your mouse over the image.

You can manage user login policies, including the minimum password length. The table below describes the fields on the Login Policy tab.

Field Description

Session Inactivity Timeout (minutes)

The number of minutes Virgo can be inactive before a session will time out.

Minimum Password Length

The minimum length of a Virgo password.

Failed Login Attempts Before User Lockout

The number of times a user can try to log into Virgo before they are locked out.

User Lockout Reset Waiting Period (minutes)

The number of minutes before a locked out user can try to log back into Virgo.

Authentication Domain Name

A unique string to identify your Virgo instance for the purpose of providing SSO login options. This value is used in the Login URL field.

Login URL

The URL to the Virgo login screen. Click the paperclip to open the Virgo login screen.

Disable Standard Login (Require SSO)

By default, users are permitted to use the standard login or SSO. To prevent the use of standard login, set this value to either Non-Administrators or All Users. If you opt for All Users, please be certain that your SSO configuration is working correctly before enabling this restriction.

Allow URL Token Login

If set to Yes, an Employee Portal User or Employee Portal User+ can log into the Virgo Employee Portal via a token.

SharePoint Tenant Id(s)

This field supports the Virgo Employee Portal SSO for SharePoint feature. Enter the Microsoft 365 Tenant ID. To enter multiple Microsoft Tenant IDs, separate the IDs with commas.

Virgo Identifier Field

This optional field supports the Virgo Employee Portal SSO for SharePoint feature. To log Virgo users into the Virgo Employee Portal, enter the Virgo user information to match in Microsoft 365. For example, Username.

Employee Portal User Mapping

This optional field supports the Virgo Employee Portal SSO for SharePoint feature. To allow non-Virgo users to access the Virgo Employee Portal, enter the user name of a Virgo Employee Portal User or Employee Portal User Plus.

You can manage identity providers. For example, you can configure Virgo to support Single Sign On, also known as SSO.

In a SAML relationship there is an identity provider and a service provider. Virgo is the service provider. The identify provider could be Active Directory (ADFS), Azure AD, or another service. The identify provider includes a list of users and you set up a trust relationship between the identity provider and the service provider.

The table below describes the fields on the Identity Providers Details page and when you create or edit an identity provider.

Field Description

Name

The name that displays in Virgo or on the Virgo login page.

Type

Only SAML 2.0.

SSO URL

The SSO service URL from an identity provider, typically provided in an XML metadata file.

Entity ID

The entity ID from an identity provider, typically provided in an XML metadata file.

IdP Certificate

The signing certificate from a customer's identity provider, typically provided in an XML metadata file.

Must be in SAML 2.0 PEM encoded format with headers generated from a tool like SAML Developer Tools.

Authentication Request Binding

The setting for the SSO URL from the XML metadata file.

Authentication Context

A hint to identify provider for the kind of authentication. Unspecified means to use whatever kind of authentication the identity provider wants to use (default). If ADFS, select Disabled.

Identifier Format

The default is emailAddress.

Virgo Identifier Field

The field in the user information in Virgo to match. For example, Username.

Signature Algorithm

The signature algorithm from the identity provider, typically provided in an XML metadata file.

Employee Portal User Mapping

Select a Virgo Employee Portal User or Employee Portal User+ to allow access to Virgo.

Show on Login Page

Select Yes to display this identity provider on the Virgo login page.

Inactive

Select Yes to disable the identity provider.

Logout Redirect URL

When a user logs out of Virgo, this page displays instead of the Virgo login screen.

Virgo SSO

This section displays Virgo's service provider information.

Click the paperclip to download XML metadata files and then import into an identity provider.

Employee Portal SSO

This section displays the Virgo Employee Portal service provider information.

Click the paperclip to download XML metadata files and then import into an identity provider.

If the Partners feature is enabled, you can view partners who have access to your Virgo site. For example, the Access Support team is a partner. This feature also supports internal and external partnerships between Virgo customers.

To add a partner, contact Support.

NOTE: A partner user has the same user role and permissions on your Virgo site as they have on their site. For example, if a partner user has administrator access on their Virgo site, they will also have administrator access on your site. If they have read-only access on their Virgo site, they will only have read-only access on your site.

  1. Click the Admin link.
  2. Click the Partners tab.
  3. Select the partner and click View Detail.
  4. Specify the Expiration Date, which controls the partner's access to your site. Leave blank to allow indefinite access.
  5. Click Save.

TIP: You can view partner activity on the Security Log tab. The Event Type will display Partner Authentication, indicating that a partner signed into or out of your Virgo site.

If your Virgo subscription includes the Security Groups feature, users with the Administrator or User Manager role can create security groups for Virgo users. Security groups restrict users' ability to edit record series. For example, you can create a security group that ensures only users in the Switzerland Finance group can edit a Swiss financial record series.

NOTE: Currently, Security Groups apply only to the Record Series tab.

  1. On the Security Group tab click New.

  2. Enter a unique Name for the security group.

  3. Enter a Description for the security group.

  4. The optional SSO Designation field will support a future feature that will let users in the security group log into Virgo via their Single Sign-On (SSO) provider.

  5. Enter JurisdictionsClosed An association, country, district, province, region, state, or territory. For example, the Jurisdiction of a California records keeping law could be North America, United States, and California. This field can display on the following Virgo pages: Record Series, Citations, and Repositories. This field also displays if you click View Detail or create or copy a record series or repository..

  6. Enter EntitiesClosed Parent or subsidiary organizations related by ownership structure. This field can display on the following Virgo pages: Record Series and Content Types. This field also displays if you click View Detail or create or copy a record series..

  7. Enter FunctionsClosed A set of related processes or activities conducted by multiple corporate departments or employees. For example, Purchasing is a function related to activities conducted by most departments. This field can display on the Record Series page. This field also displays if you click View Detail or create or copy a record series..

  8. Click Save. You can now assign the security group to users.

The Integrations tab is used to manage connectors between your Virgo environment and OpenText. On the Integrations tab you can view, create, or delete integration services.

To enable the OpenText Connector for your organization, please contact Support.

You can track user activity through the security log. The security log also contains login activity, user changes, and data exports. You can also generate a report of the grid to track changes a user has made in Virgo.

  1. Click Edit Columns to customize the fields.

  2. All lists are exportable into an Excel or CSV file.

To view an example of the Security Log tab, hover your mouse over the image.