jimmymac
Reputable Poster
Greetings,
We currently use role based security where we have multiple roles set up for AP, GL, Fixed Assets, and Address Book. Roles are defined to allow certain menu options, and users of course are defined to have certain roles. Through this method, our users get access to what they need to do.
Now the fun part. We current have a dozen or so operating companies (company records in the F0010) but have no security around company.
We have acquired another company that we will be converted to our system, and there will be another several companies (say 4) being processed by our E1 9.0 system. The talk is that we may be asked to implement security to allow some users only access to the current 12 companies, and others only access to the 4 new companies.
It would see that the solution then would be to implement row security by company. For example, our current role GASPV we would modify to not allow users with that roles to View, Add, Change, Delete data for the new companies, but only access the existing 12 companyies. Then we would create a new role GASPVNEW identical to GASPV except that it would have row security defined to only allow acces to the new 4 companies and not the existing 12.
What I am seeking is any comments or experiences in implementing security in this way. Again out ultimate requirement is to be able to secure some companies from some users, and others from others. Also, if any one has other suggestoins on how to secure by company, we are all ears.
Thanks to all. Jim.
We currently use role based security where we have multiple roles set up for AP, GL, Fixed Assets, and Address Book. Roles are defined to allow certain menu options, and users of course are defined to have certain roles. Through this method, our users get access to what they need to do.
Now the fun part. We current have a dozen or so operating companies (company records in the F0010) but have no security around company.
We have acquired another company that we will be converted to our system, and there will be another several companies (say 4) being processed by our E1 9.0 system. The talk is that we may be asked to implement security to allow some users only access to the current 12 companies, and others only access to the 4 new companies.
It would see that the solution then would be to implement row security by company. For example, our current role GASPV we would modify to not allow users with that roles to View, Add, Change, Delete data for the new companies, but only access the existing 12 companyies. Then we would create a new role GASPVNEW identical to GASPV except that it would have row security defined to only allow acces to the new 4 companies and not the existing 12.
What I am seeking is any comments or experiences in implementing security in this way. Again out ultimate requirement is to be able to secure some companies from some users, and others from others. Also, if any one has other suggestoins on how to secure by company, we are all ears.
Thanks to all. Jim.