Reply to thread

Message: <blockquote data-quote="Larry_Jones" data-source="post: 6534" data-attributes="member: 660">Scotti,I assume you mean database security scheme.A strong argument may be made that the system security scheme (only 1 or 2 database IDs used by all JDE user accounts) is a stronger/safer scheme.1) Multiple accounts = multiple opportunities for disclosure.2) Unless you truly understand all the database interactions for all the OneWorld objects you cannot safely assign exclusive permissions on database objects by database user/account (HR/Payroll possible exception to this rule).  Attempting to control user access to data at the database level is a dangerous exercise in futility that can cause data integrity problems - consider the affects of granting someone write permissions to inventory master and transaction tables but denying read/write to G/L master and transaction tables.ERP systems are designed so that functions interact.  Clear boundaries do not always exist.3) Far easier to periodically change passwords on 1 - 2 accounts than on 100 - 200, thereby ensuring that the passwords will be changed.My 2 cents,Larry Jones<a href="mailto:ljones@wagstaff.com">ljones@wagstaff.com</a>OneWorld B733.1, SP 11.3HPUX 11, Oracle SE 8.1.6SandBox: OneWorld XE</blockquote>