………..
We are sending an auto-enrollment link in the email for the safety and compliance course, and when the temporary employee clicks the link, they are being enrolled and taking a seat/license for Open Sesame.
Teri
Teri - good afternoon - the auto-enrollment link is the key issue. The link supports the self enrollment all in one step. Once a person successfully authenticates - the autoenrollment will kick in no matter what.
You can though limit this a few ways:
- Stop working with the autoenrollment links.
- Send out a link to only the page.
- Make sure that the catalog that is being used to deploy the course only grants permission to your targeted audience only.
- Make sure your menus support that as well.
Here are four options off the top of my head. You will probably want to run these solutions by your company’s security folks.
Option 1: We have situations where we have to assign a bogus email address to students who don’t have real email addresses. In that case you’ll need to assign email addresses that you know will bounce. If you wish, feel free to make up any email address RANDOMSTUFFHERE@updateltr.com. Any email to that domain bounces. (I own it)
Since these employees don’t have real email addresses, they’re also not going to get invitations or be able to validate/change their passwords the normal way. You’ll need to assign those accounts a password and turn off the “must change” setting.
For the temp employees to be able to log in and take the training, the URL to the course, login ID and password will need to be communicated through supervisors.
Option 2: Another option would be to use a temporary/disposable email address for these accounts. The upside is that emails can be delivered to these disposable accounts, but they’re pretty transitory and there is very little security to them.
You’ll find a list of them here: https://www.google.com/search?q=disposable+email+address&rlz=1C1GCEB_enUS920US920&oq=disposable+email+a&gs_lcrp=EgZjaHJvbWUqCggAEAAYsQMYgAQyCggAEAAYsQMYgAQyBggBEEUYOTIHCAIQABiABDIHCAMQABiABDIHCAQQABiABDIHCAUQABiABDIHCAYQABiABDIHCAcQABiABDIHCAgQABiABDIHCAkQABiABKgCALACAA&sourceid=chrome&ie=UTF-8
Option 3: The security-favored option is to have your company set up real email addresses for them, or you may need to collect and use their personal email addresses if policy will allow it.
Option 4: It is possible to use a single Gmail account and “plus addressing” to create many accounts that Docebo will see as unique. However, you’ll be the only one with access to this mailbox. If you want to go this way, you would create accounts like this YOURACCOUNT+1@gmail.com, YOURACCOUNT+2@gmail.com, YOURACCOUNT+3@gmail.com (you could use something other than numbers 1, 2 and 3 if you want). You’ll still have the problem of how to communicate logins/passwords and course links unless you’re going to send those to supervisors.
Thank you both for the suggestions. I can’t mess with their email addresses because they legitimately need to have a company email address because of what position they are filling. I can stop the enrollment links though and just exclude the temp group from the catalog (they only have one catalog anyway.) I think I can enroll my existing Active Employees that aren’t temps in the course and then we can email a link to the page instead of the enrollment link.
Thank you both so much for your input! I appreciate your help.