4.1 Searching for a person

To search for a person:

  1. Click the People category.
  2. Select the search to use from the Reports drop-down list.

    By default, only the People search is available; however, your system may have additional people searches that you use for reporting.

  3. Select where to search.

    You can search the MyID database, or an attached directory; you may have more than one directory. If your system is set up with more than one source of people information, click the tabs to select where to search.

    If you are using the Additional Identities (AID), People with Biometrics or People Without Biometrics search reports, you can search only the MyID database; you cannot search a directory.

    Your system may contain people from several sources: people who exist only in the MyID database, people who exist in both the MyID database and in a directory, where their accounts are linked, or people who exist only in a directory.

    Note: You can search a directory only if you have configured MyID to do so; you must set the Search a directory configuration option to Yes or Ask. See the LDAP page (Operation Settings) section in the Administration Guide for details.

  4. Enter some or all of the search criteria.

    Note: Search criteria are not case sensitive.

    • This field is available only when searching the MyID database.

    • Group – click the open icon to select the group to which the person belongs.

      See section 3.3.7, Selecting a group.

      If you want to view people from the groups below the selected group in the hierarchy, ensure that the Include Subgroups option is selected.

    • Logon – type the person's logon name. You can use wildcards.
    • Employee ID – type the person's employee ID. You can use wildcards.
    • Email – type the person's email address. You can use wildcards.
    • User Data Approved – select whether the person has their User Data Approved flag set.

      For more information on this option, see the Identity checks section in the Administration Guide.

    Note: The available search criteria may depend on whether you are searching the MyID database or an attached directory.

    You can also select Additional search criteria. See section 7.3.1, People report for details of which fields are available for the People search.

    Select the additional criteria to add them to the search form. Click the close x buttons on the additional criteria to remove them from the search form.

  5. Click Search.

    The list of matching results appears.

    Records are sorted in the order they appear in the MyID database; currently, you cannot change the sort order.

    If more results are available, the text (scroll for more) appears; scroll to retrieve the next page of results automatically.

    A maximum of 200 results are returned. If the number of results exceeds the limit, a + sign is appended to the number of results; for example:

    200+ results - 50 displayed (scroll for more)

    In this case, you are recommended to change your search criteria to provide a more focused set of results.

    Note: When searching LDAP, the number of results returned may be limited by the directory; the default for Active Directory is 1000 records. You are recommended to use the search criteria to limit the results returned.

  6. Click a record to display the person's details.

    Note: If the person has been added to the MyID database, the form is titled View Person. If the person is only in a directory, and has not yet been added to the MyID database, the form is titled View Person (Directory).

    You can view information on the following tabs:

    From this screen, you can:

    Note: If you are viewing your own record, you cannot edit the account, request a device, or enable/disable the account. Another operator must carry out these operations on your behalf.

You can also view a person's details from any form that contains a link to their account.

For example:

4.1.1 Viewing a person's history

The History tab displays the 1000 most recent entries relating to the person in the MyID database; it is not available for people who are only in the directory.

Note: You must have a role that has access to the View User Audit or View Full Audit feature to view this tab; see section 3.5, Roles and groups. The View User Audit feature is in the People category of the Edit Roles workflow, while the View Full Audit feature is in the Reports category, under Audit Reporting.

If you have role permissions to the View Full Audit feature, you can click on an entry in the report to display the View Audit screen. See section 15.1, Viewing audit details for more information. This also provides information, on the Attribute Changes tab, about the fields that have changed, as well as their previous and new values.

Audit entries relating to the following workflows are never displayed on the History tab, for reasons of security:

Some other entries relating to MyID Desktop workflows may not be displayed, particularly in systems upgraded from older versions of MyID, due to inconsistencies in how user information is recorded in the audit data.

There is a difference between the contents of audit entries created from operations in the MyID Operator Client and MyID Desktop: operations carried out in the MyID Operator Client produce audit entries that detail only what has been changed, while operations carried out in MyID Desktop produce audit entries that also include data that has not been changed. Note also that the history displayed in MyID Desktop displays only changes made to the person's account, while the History tab in the MyID Operator Client displays all audit entries for which the person was the target.

Note: The History tab does not currently display any archived audit entries.

You can also view the history for a device; see section 5.1.1, Viewing a device's history.

4.1.2 Wildcards

For fields where you can use wildcards, you can use the following: