When someone becomes a member of the school faculty or staff, some changes must be made to convert a "non-staff account" to a "staff account". Follow these steps below to change a non-staff account to a staff account:
- Navigate to the System homepage and open the Find User Accounts query. Search for the person (remember, last name then first name!) and then run the query.
- Click the Security Admin link in the Security Admin column next to the person you are converting to open their person account record.
- Click on the Action menu and run the "Convert Parent Account to Staff Account" procedure.
- At this point, the account is set up be be a staff account. Click on the Security Roles tab to apply the appropriate security role to this new faculty or staff member.
You may also find the following articles useful:
There will be times when you want to create a large amount of accounts for your faculty and staff. You could do this on a one-by-one basis, but we also can create these accounts for you in batch. Due to the configuration work that must be done for this process, batch creating staff/faculty accounts can only be done by Veracross.
If you want to create staff/faculty accounts in batch, you should open a ticket with Veracross support to facilitate this process. To expedite this task, you should include:
- a link to a saved query containing all people that you want to generate staff/faculty accounts for
- a date when these accounts should be created (if not ASAP)
When people designated as "Future Staff" or "Future Faculty" reach their hire date, the system does not automatically update them to "Staff" or "Faculty" — this must be done manually.
To remove a large number of user accounts at once, there is a short process you should complete. This process is built on the fact that the nightly scripts automatically remove user accounts where the person has no assigned security roles. There are several exceptions to this rule to be aware of:
- Students may lack a "Student" security role for a short time between when they are promoted from future student to student and when student user accounts are created.
- Future students and their parents are allowed to have accounts without any security roles.
- "Staff" and "Faculty" may have accounts without security roles.
- "Program Students" and "Future Program Students" may have accounts without security roles.
This method works best for users who only have one security role. It also works for users with more than one, but you will need to navigate to more than one security role to complete this process.
- Determine which security roles people have that you with to remove user accounts for.
- Navigate to the System homepage and click on the Security Roles link.
- Click on the link to the security role in question, and then click on the Members tab.
- Click the red X next to the people you wish to remove the security role from and then click Update.
- Repeat this process until these people have no security roles.
At this point, all of these users' accounts will be removed the next time the nightly scripts run.
Removing Accounts Individually
To remove a single user's account, complete the following steps:
- Navigate to the individual's person record.
- From the Action menu, run the "Remove VC User Account" procedure.
Username conventions are the format that user accounts are given for each security role. These conventions are set up using merge fields listed in this article. Depending on what role a person has at a school, you may want to set a username convention differently than other Veracross users. You can view/edit username conventions for constituents in the database from the Security Roles query on the System homepage. To change username conventions, you must have a Sys_Admin1 security role.
To change a username convention:
- Double click into the Primary Username Convention or Secondary Username Convention field.
- Primary Username Conventions are the default convention for user accounts created with each security role.
- Secondary Username Conventions are used if the primary username convention creates a username that is already in use.
- For most circumstances, you will only need to set a primary username convention. In cases where there is no secondary username convention set and a duplicate username is created, the system instead appends a number to the end of the username.
- Update the convention. Review the list of acceptable merge fields for usernames here.
- Select the Update Records button.
When an employee leaves the school, you can populate the "Date Terminated" field on the HR tab of their person record. Then, when the date arrives (you can populate a future date), the system does several things automatically, including removing the user account in the overnight scripts. This functionality does not require the Employment module.
To remove user accounts for former employees, perform the following steps:
- Navigate to the Person record of the employee who was terminated and click on the HR tab in the Employment category section.
- Populate the "Date Terminated" field with the date they were terminated.
- Click Update.
- Wait for the nightly scripts to run. When the date passes:
- the staff or faculty person role is removed
- Former Faculty/Staff person classifications are populated with a start date based on the staff or faculty member’s termination date
- the person's user account is removed
If you need to remove their user account immediately:
- Navigate to the former employee's person record.
- Open the Action menu and run the Remove VC User Account procedure.
You may also find the following articles helpful:
If a parent becomes a teacher, you need to update their user account so that they can access the faculty portal. To do this:
- Navigate to the 'Find User Accounts' query on the System homepage.
- Query the person and — in the query results — click the 'Security Admin' link.
- Run the *Convert Parent Account to Staff Account* procedure from the Action menu.
- Ensure that the person has the 'Faculty' security role on the Security Roles tab.
You should also double check their portal membership:
- Portal Admin homepage > Faculty Portal > Membership (Enabled) tab.
- If they aren't enabled, check the "Disabled" tab and flip their status to "Enabled."
- If they were automatically added as "Disabled," it means that the default membership role is disabled, which you can check on the General tab of the portal record.
Security roles are important as they determine how screens appear as well as what users have access to. A person's security role is updated on the Security Roles tab on their User Account record.
To update a person's security role, perform the following steps:
- Navigate to the "Find User Accounts" query on the Identity & Access Management homepage.
- Once you find the record you want to update, click on the Security Admin link on the query results screen, bringing you to the User Account record.
- Click on the Security Roles tab in the pane on the left.
- To add a security role, simply click on the role in the left hand column which will make it appear in the right hand column and click Update.
- To remove a security role, click on the role in the right hand column and click Update.
You may also find the following articles useful:
The 'Communications' tab on a person record is visible to anyone who has a security role that is able to view Staff or Faculty person records. The emails on the Communication tab are hidden from all but a few people, which are:
- System Administrators (those with SysAdmin security roles)
- the person themself
- someone who has access to the communications channel that the email was sent through.
Faculty members are unable to see the Communications homepage without a supplemental role such as Communications_ADMIN or Communications_Email_User.
You may also find the following articles helpful:
To quickly see if user accounts have AD/LDAP enabled:
- Navigate to "Security Roles" query on either the Identity & Access Management or System homepage.
- Check the "Password Syncing Enabled" field for the relevant security role(s).
In order for someone to be able to update a portal, the following must be true:
They must have the Portals_ADMIN security role. To add this security role to someone's user account, follow these steps:
- From the Identity & Access Management homepage, click on the Find User Accounts query link.
- Query on the person you want to add this security role for, and then click on the Security Admin link.
- Click the Security Roles tab and then click on the Portals_ADMIN option in the left column so it appears in the right column.
- Click Update.
They must have permissions on the individual portal in question. To do this, perform the following steps:
- Navigate to the Portal Admin homepage and, inside the "Find Portals" section, click into the portal you would like this user to have permissions for.
- Click on the “Admins” tab, click “Add Record” and add the individual in which you would like to have permission to edit this portal.
- Click Update.
Security roles are a fundamental part of Veracross that help determine what users can create, update, and access within Axiom. Security roles can be added and removed in batch to multiple people through the process highlighted below.
- Navigate to the Identify & Access Management homepage and click on the "Security Roles" query.
- Click into a security role record. Once in the security role detail screen, click the Members tab.
- To add a person, click Add Record and select the person, then click update. You can add multiple people before clicking update.
- To remove a person from a security role, click the red X, then click update. You can remove multiple people before clicking update.
Yes, you can create accounts for future students! To do this:
- Run the procedure "Create Future Student Accounts (no Portals access)" from the action menu on the system homepage.
Although future students will have user accounts created, they will not be given portal access until school has started and they become students.
Yes! There are three different ways to send "forgotten password" emails to individual people in Axiom.
On the Person Record (Procedure)
From the person record, click on the Action menu and run the "Send Forgot Password Email" procedure to send the system "forgotten password" email to the Email 1 associated with this user.
On the Person's Security Detail Record (Procedure)
By navigating to the person's Security Detail record through the Find User Accounts query on the System homepage, you can run the "Send Forgot Password Email" procedure to send the system "forgotten password" email to the Email 1 associated with this user.
Through the Person's Security Detail Record (Link)
You can find more information on user accounts by reading the User Account Management article in Learn Veracross.
- Navigate to the System homepage and click the "File Security" link.
- Select a file classification record and click the Security tab.
- Adjust the active security contexts by selecting them on the left.
File security configuration falls into two categories:
- Those preceded by "S:" are based on the relationship of the user to the student, i.e. student's teacher.
- Those preceded by "R:" have security based on the user's security role.
Additional classifications can be created by selecting "File Security" from the "+Add" menu on the System homepage. Read more about file security.
Usernames are determined by username conventions set for certain roles at the school. Outside of this, someone at your school may wish to change their username to something else for a number of reasons, such as an updated email address. There is no self-service feature to change your own username through portals, however, you as the school are able to change it for them, should you so choose.
If you wish to update someone's username on a one-off basis, perform the following steps:
The following security roles have access to birth date data (mm/dd/yyyy) in Axiom: Board, Development_1, Employment, Medical_1, Solicitor and SysAdmins.
Alumni accounts are used to access the alumni portal if purchased. Only people with the following security roles are able to create user accounts for alumni (or any other user):
They are created by running the “Create Alumni Accounts” procedure from the Action menu on the System homepage.
In order to assign MFA status to users, you must have User_Account_Admin or SysAdmin_1 security role access. To learn more about Multi-Factor Authentication, review this article here.
Sometimes, it can be easy to forget that "Veracross" isn't just what's known as Axiom or Portals — there are many other platforms people can use to access data throughout the Veracross system. To see what platform a user used to access this information, you cansee it on the Login History tab on a person's user account record.
To navigate to this, perform the following steps:
- Beginning on the Identity & Access Management homepage, click on the Find User Accounts query.
- Search for the person in question by applying criteria to the fields on the query design screen and running the query.
- Click on the link in the "Username" column to navigate to the user account record ond click on the Login History tab.
- The "Application" column in the embedded query displays what platform the user utilized to access Veracross.
The Find Behavior/Comments query on the School level homepages can be used to see instances of behaviors and comments that occur during classes.
Users with any Faculty security role can see and edit all behavior and comments for students that they teach. If they do not teach any students, they will need either of the following security roles to see all behaviors/comments:
- Behavior_Reader (read-only access)
- Behavior_Admin (read-write access)
Transport Layer Security — or TLS — are protocols designed to provide communications security over a computer network. TLS 1.2 is used throughout Veracross both internally and externally. Additionally, if you use a service that connects to Veracross and is retiring TLS 1.0 or 1.1, no action is required.