Administration and control of 1C 8.3 users is an integral part of the implementation and support of any software product firm 1C. In fact, this is a simple task, and, I am sure, any person can easily cope with it. Consider the process of administering 1C users in more detail.
User management in 1C is a fairly simple and intuitive process, but it still needs a description.
Conditionally administration and control includes:
- user creation;
- setting user rights;
- view active users;
- analysis of user actions.
Let's consider each of these points in more detail:
Creation and installation of user rights 1C 8.2
Depending on the configuration, users are entered either in the configurator or in user mode. Almost all modern configurations support user input in 1C: Enterprise 8 mode. Also in 1C: Enterprise mode, as a rule, you enter Extra options users.
However, regardless of the configuration, the first user with administrative rights is always entered in configurator mode. Therefore, we will consider both modes of user input.
Entering users in the Configurator
To enter the 1C Configurator mode, select the Configurator option in the database selection list:
After logging in, select Administration - Users from the menu. A list of users will open, if you start the first user, it will be empty. Let's add a new user "Administrator":
On this page you must specify the user settings:
- Name and Full name— username.
- If the flag is set Authentication 1C: Enterprises, then the items will become available Password(password that is used to enter 1C), The user is not allowed to change the password(makes available the ability to change the password by the user in user mode), Show in selection list(makes available the selection of a user in the list, otherwise the username must be entered manually).
- Authentication operating system — flag responsible for the possibility of authorization using the username of the operating system. User- Username information system(for example, \\dom\kirill, where dom is the network domain and kirill is the OS username). 1C at startup first checks authorization through the OS, and then authorization 1C 8.2.
- Open ID authentication- enabling authorization using OpenID technology . Open ID is an open decentralized system that allows the user to use a single account for authentication on a variety of unrelated sites, portals, blogs and forums.
Get 267 1C video lessons for free:
On the tab Other you need to specify the appropriate roles for the user (). In our case, we will specify for the administrator Full rights. For other users, the required roles can be flagged here. User rights are summarized from the available objects of different roles. Those. if the user has two roles selected, one has access to the "Nomenclature" directory, and the second role does not, access will be. For any user without "Full rights" the user role must be set(if present).
Also on this tab you can specify Main interface(only works for regular forms). Default language— if the configuration is developed in several languages. Start mode- managed or regular application.
Creating a user in 1C Accounting 2.0
After a user with full rights is registered in the system, users can be entered in 1C: Enterprise mode. For example, let's create a user in the most common configuration - Enterprise Accounting 8.2.
To do this, select the menu item Service - User and Access Management. The "Users" directory will open. Create a new user:
Enter information about the user and its main ones, click the "OK" button: the system will offer to automatically create a database user:
You must agree, the form of the new database user will be displayed:
That's all! The creation of the user and the assignment of rights to him is completed.
Viewing active users in the 1C database
To view users working in the database in 1C: Enterprise mode, select the item Service - Active Users. A list of users working in the database will open:
How to disable users in 1C 8.3 and 8.2
There are two ways to disable an active user in the 1C database:
- in the program interface (for configurations 1C Accounting 3.0, Trade Management 11, etc.);
- via the server cluster console (only available in client-server mode).
From the interface
In user mode, you can kick out a hung user by going to the "Administration" - "Support and maintenance" menu, then selecting the "Active users" item:
Select the desired user from the list and click the "Finish" button.
From the cluster console
If you have access to the administrative panel of the 1C server, you can end the session using it. We go to the console, find the hung user in the "Sessions" menu, call context menu and click "Delete":
User control 1C 8.3
To view the user's work history, go to the menu item Service - :
At backup infobases, the work of users with the infobase should be terminated.
"Shut down 1C:Enterprise users"
Set the flag if it is necessary to terminate users' work with the database before archiving.
Possible options for shutting down users:
- "End sessions on 1C:Enterprise server"
An option to disconnect users by forcibly disconnecting sessions on the 1C:Enterprise server. Available only for 1C:Enterprise client/server databases.
Important: do not confuse this user with a 1C:Enterprise base user and a "central server administrator" user.
In the 1C:Enterprise server console, cluster administrators are located in the following path: "Console Root" - "1C:Enterprise 8.3 Central Servers" - "(*)computer name" - "Clusters" - "Local Cluster" - "Administrators".
"Cluster administrator name:"
The username is "cluster administrator".
"Cluster administrator password:"
The password for the user is "cluster administrator".
"A non-standard server agent port is being used"
Set this flag if the connection port to the Server Agent is different from the standard one.
"Port:"
Port for connecting to the 1C:Enterprise server agent. The default is 1540.
To determine the port of the server agent, go to Server 1C by clicking right click click on the computer name from the drop-down menu, select "Properties" - "Parameters of the central server 1C: Enterprise" - "IP port:".
- "Invoke regular shutdown of users"
Option to disable users by calling the built-in user shutdown mechanism in typical configurations. This mechanism is based on using the "Blocking the establishment of connections to the infobase" procedure.
The execution algorithm is as follows:
- Trigger user shutdown.
- Starting a task execution (archiving, testing and fixing, etc.).
- Launching user permissions.
"Moment:"
The moment when users exited.
- "Shut down before running task". Before each task execution, a user shutdown procedure will be run.
- "Quit only if you need to update the configuration". If the task is configured to perform an exchange for an edge base and a modified configuration is received from the central node, the user shutdown procedure will start. In other cases, the completion mechanism will not work.
1. Disable users in file version 1C 8.
To disable users in the file version I created a *.bat file with one line
net session /delete /y
It disables all open shared files on the computer on which the base is located.
Next, I created a task (Windows Task Scheduler) that would run this file at the appointed time.
You ask, what about those sessions that are open on the computer, I also eliminated them by creating a new * .bat file with the line
taskkill /IM 1cv8.exe /f
True, it disables all running 1C on the current computer, but for me it was not so scary since the archiving was carried out at night and no one was working in the database, this batch file can also be added to the Windows Scheduler.
2. Disabling users in the client-server database.
As well as in case of file base I used *.bat files.
Created two *. bat file, the first one turns off the 1C enterprise server, the second turns it on very simply.
net stop "1C:Enterprise 8.2 Server Agent"
net start "1C:Enterprise 8.2 Server Agent"
Added two new tasks to windows scheduler, with a time difference of 15 minutes so that all hung users can disconnect, these actions are similar to Starting the 1C Enterprise server and Stopping the 1C Enterprise server
3. Programmatic way disconnecting users in 1C
The task was to perform archiving every day at 22:30.
In this way, I did not bother, I created a new role "Don't Close 1C".
Created new procedure in a normal application module:
Procedure ShutdownUsers() Export If NOT RoleAvailable("Don'tClose1S") Then If Hour(mop_PerformingOperationsOnServer.CurrentDateOnServer()) >= 22 Then // get time on server TerminateSystem(False); EndIf; EndIf; EndProcedure
If NOT RoleAvailable("Don't Close1S") Then If Hour(mop_PerformingOperationsOnServer.CurrentDateOnServer()) >= 22 Then // get time on server TerminateSystem(False); EndIf; EndIf;
ConnectWaitingHandler("ShutdownUsers", "600");
Function The current date on the server looks like this:
Function CurrentDateOnServer() Export
Return CurrentDate();
EndFunctions
Thus, we get the date on the server, if the "Server" checkbox is set in the properties of the general module, I only checked it.
It turns out that the current code cuts off users for two hours, but usually after midnight no one enters the database.
If this article helped someone I will be very glad.
- Vasya, from today you are the one who turns on the users!
— But I'm a programmer, not a system administrator?!
- System administrators do not know 1C, so you will start the users!
— Aaaaa!!!
A programmer is a person who writes programs for a computer. However, managing the list of users in 1C is usually entrusted to someone who is associated with 1C, namely, a 1C programmer.
In principle, some programmers do not mind, since this gives them some "privileges" in their hands.
Nevertheless, the list of users in 1C differs little from the lists of users in other programs. Therefore, getting a new user or deactivating an existing one is as easy as shelling pears.
1C users
So, 1C has its own list of users. With it, access to the 1C database is regulated. When entering the database, 1C will ask you to select a user from this list and enter a password.
There are options in which 1C does not ask for a username to log in. However, that doesn't mean anything at all. It's just that in this case the user from the list is mapped to a Windows/domain user and is determined automatically. How
The only option when 1C does not really prompt the user is when creating a new (empty) database. In this case, the list of 1C users is empty. Until the first user is added, 1C will log in automatically. A similar system is used in Windows when there is a single user without a password.
1C users differ from each other:
- Access rights
- Interface (presence in the menu of items).
There is no "superuser" or "administrators group" as such. An administrator is a user who has all the rights in the configuration and administration rights enabled. In an empty database (when the list of users is still empty), this user should be added first.
Two lists of 1C users
In fact, in 1C there are two lists of users. One of them (the list of 1C users) is “real” from the point of view of the programmer. It's in the config. It is for him that 1C determines the user.
This is the approach of old typical configurations (for example, trade management 10, accounting 1.6, etc.) - users are edited in this list, and they automatically enter the user directory upon first login.
The second one (users of version 1C 8.2, “not real”) is the users directory (and the external users directory, as in ut 11). There was a directory before, but the approach of the new typical configurations is that users start up in it, and automatically get into the “real” list.
The main problem with this approach is that those who do not like to work this way and want to do it the old way cannot do it, because certain fields are filled in at the establishment, and if you start the user with pens in the list, they will no longer be picked up in the directory automatically.
How to add a user to the list of 1C users
So, the list of 1C users is in the configurator. and open the Administration/Users menu.
To add a user, you must press the add button (or Ins from the keyboard). If the list is currently empty, then the first user must have administrative rights (see below).
- Name - username (which he will choose when entering 1C)
- Full name - reference full name, does not appear anywhere
- Password
- Show in selection list
o if the checkbox is checked, then the user will be in the selection list when entering 1C
o if the checkbox is not checked, then the user will not be in the selection list (that is, you cannot select), but you can enter his name from the keyboard and log in - Operating system authentication - can be associated with a Windows / domain user and this user will not need to enter a password (it will log in automatically).
On the Other tab, you can select rights and basic user settings.
- Main interface - the menu that will be available to the user (only used in the thick client)
- Russian language
- [Basic] Startup mode - thick or thin client, using this parameter you can enter the thin client configuration - thick and vice versa
- Available roles (user rights).
User rights in configurations are usually divided into blocks (“roles”). In the approach of the old configurations, they were broken down by user positions (cashier, manager, etc.). This approach has a minus - since in different organizations the cashier and the manager may have different functions.
Therefore, in the approach of new configurations, they are broken down by actions (access to burying the month, access to cash transactions). That is, a set of operations is set for each user.
In both cases, there are basic rights to access the entrance to the program. In the old approach, this is:
- User
- FullPermissions (for administrator).
In the new approach, this is:
- BasicRights
- BasicRightUT
- LaunchThinClient - plus LaunchXxxxClient to launch others
- SubsystemХхх - checkbox for each subsystem (tab in the interface) that the user needs
- FullPermissions (for administrator, not Administration!).
PS. For external users, basic rights are not needed.
How to add a 1C user - 1C 8.2 users
The list of 1C 8.2 users in the new version is located in 1C (in 1C Enterprise mode), in the Users and External Users directories (only if the configuration supports). The difference is that you must create users not in the configurator, but in this directory, and they will automatically enter the configurator.
If you are using a thin client, then see the Administration tab on the desktop. Otherwise, open the Users directory, for example, through the Operations menu.
Click the Add button (or Ins from the keyboard). To be able to manage the list of users, you must have FullPermissions enabled.
Unlike the first approach, here you do not directly specify each right (role) to the user, but specify groups of rights (user groups).
The User Groups directory contains a profile that defines a set of rights (roles). In the User Group Profiles directory, you can change or add such sets of rights (roles).
User settings 1C
In some configurations (especially in the old approach configurations) it is not enough to create a user. Additionally, you need:
- Login as a user for the first time
- After that, find the user in the user directory
- In the form of a directory, press (options "or")
o Go Menu/User Settings
o Additional information/User settings menu and Additional user rights
o In some configurations, this is a plate directly on the user form
o In some configurations, the global menu of the program Tools/User settings - Configure advanced settings/user rights that define autocomplete fields and some accesses.
How to disable a 1C user
[Temporary] disconnection of the user in most configurations is not provided. Here are the variations that can be used to achieve this result.
Configurations of the old approach (via the configurator):
- Delete user
- Change password
- Remove the User role (cannot login).
New Approach Configurations (via Enterprise):
- Uncheck Access to info. database allowed
- Change password
- Exclude from all access groups.
Active users 1C
1C allows you to find out the list of users who are currently in the database.
To do this, in the Enterprise mode, select the menu Tools / Active users (thick client, administrative interface). AT thin client– Administration tab, active users on the left (may be in See also).
In the Configurator mode, select the Administration/Active Users menu.
Disabling 1C users
As you know, in order to update the database (configuration), it is necessary that all users exit 1C (not in all cases, but often required).
Users do not like to go out (this is a fact). And if you ask them by phone, they will definitely enter again in 30 seconds. When there are 200 users, it becomes a very fun event.
Therefore, there are three ways to disconnect users from 1C:
Hello Dmitry! Please teach me how to expel users forcibly from the database in order to update the configuration. Thanks in advance.
From user: Svetlana Nikolaevna
Hello, Svetlana Nikolaevna!
In order to expel users from the database, you need to have administrator rights.
We go to the section Administration, Support and maintenance:
Choose Blocking user work:
You can view the list of active users from the form by clicking the button.
We fill in the message that users will see on their screens, set the blocking interval (if you do not know the end time, leave the field blank). Install also unlock code, because blocking will also affect your active session, for example, set 1234 .
Click Set lock. A warning message will appear:
We agree. Now the form says in red that the blocking will begin soon.
For active users at this time, the following window appears:
Closer to the beginning of the blocking, it starts to appear every minute:
The user needs to complete his work in the program and exit. If it does not exit on its own, the program will close automatically. When trying to login to the database, the user will receive the following warning:
The user who set the block also receives a message:
Let's get out of the base.
Because the lock applies to all sessions of all users, we will need to set the launch parameter (this is where we need Unlock code):
On the second tab, we write the database launch parameter (where 1234 is our code):
We click ready. Now we can enter both the configurator and the user mode.
To unlock the base, you need to return to the lock form and click Remove lock.
If a blocking end date has been set, then the blocking will end automatically when it occurs.