Inclusive Security testing...

[DJH]

Hi List,
We currently have Exclusive Security and we wish to change to Inclusive. I have setup a new F00950 table and created a new environment for testing with OCM mappings which point to the new F00950 table. I have logged into the new Environment and switched Inclusive security on, and also added *Public restrictions for App and Action Security for *ALL. I created 2 records also to allow all actions and apps for the admin role. The problem is when I log in to the new environment I was expecting not to see any records however I seem to be able to see all branch plants etc. Is what we have setup a viable way to test Inclusive security? I am hoping that I dont need to have another implementation running in order to test this as we really wanted to move everyone over bit by bit rather than all at once.

E810
8.98.3.1
SQL 2005
INTEL

 

[peterbruce]

DJH,

It has been a while since we looked at this. What you see will depend on what you have set up in the Security Workbench (row security?) for branch plants.

 

[jjanowski]

Under Inclusive you have access to all plants until something is assigned. This actually makes maintenance simpler long term. For example if we have plants A, B, C, where User1 with A = Y has B, C = N while User2 with nothing has A, B, C = Y.

I will not bore you with the SQL statements and the why it is better performance. Unless you really want the detail. Just know Inclusive is the BEST model both for technical performance as well as administrative maintenance.

PS You will be unable to move phased/Bit by Bit Exclusive to inclusive because it’s a global Setting… Either you are Exclusive or Inclusive and you cannot run parallel. You can test with OCM and the separate security file, exactly how you are doing now but a Big Bang will be required for companies and branch plants ultimately.

How many company’s/branch plants are you converting from exclusive to inclusive?