@@ -103,7 +103,17 @@ Create new Folders or Collections using the **"New"** button.
...
@@ -103,7 +103,17 @@ Create new Folders or Collections using the **"New"** button.
# How-to
# How-to
<!-- more in-depth procedure that may require interpretation -->
## Add a user
To add a new user to the vault, they will need to be "invited" via the admin console (`/admin`) to the organization. They should be added to the appropriate groups, depending on their role in the organization. Additionally, each user should have a "Personal - <username>" collection created, and the user is given "Edit items, hidden passwords" access, and the "Manage collection" access should be given to the "Executive Leadership" group.
## Recover a user
The [process for recovering a user](https://bitwarden.com/help/account-recovery/) may be needed if a user forgets their 'master' password, or has been offboarded from the organization and any access that they have needs to be cleaned up. Turning on the Account recovery administration policy will allow owners and admins to use password reset to reset the master password of enrolled users.
In order to recover a user, the organization policy "Account recovery administration" has been turned on. This policy requires that the "Single organization policy" must be enabled. We have also enabled the "automatic enrollment option" which will automatically enroll all new members, regardless of role, in password reset when their invitation to the organization is accepted and prevent them from withdrawing.
Note: Users already in the organization will not be retroactively enrolled in password reset, and will be required to self-enroll. Most users have not been enrolled in this configuration, but as of November 1st, they have been contacted to self-enroll. Enrollment in recovery can be determined by the key icon under the "Policies" column in the Members section of the Admin Console
