• Introducing Dark Mode! Switch by clicking on the lightbulb icon next to Search or by clicking on Default style at the bottom left of the page!

Security Issue

Hello All,

I am JD Edwards sales and Distribution consultant and currently working on JD Edwards security.

I have been assigned the Job for Cleaning SoD (Segregation of Duties).

I have Rule set in place and accordingly i have to see which role should have what access.

Now the issue is if i go to JD Edwards system 8.10 and check the security work bench a particular Role 0AUDITOR has Veiw only access.

When i see my Dashboard i can see that Role 0AUDITOR has access to almost all the major program.

Can anyone suggest me how i can start doing by analysis set by step because i am new in Security.

If more details has to be provided please let me know and i can provide it.

Regards
Amit
 

peterbruce

Legendary Poster
Amit,

SoD and security is a complex area in JDE. I would recommend training for yourself in JDE security (to provide ongoing support) as well as getting expert help for the initial analysis and setup. The two major players in the JDE Security area are All Out Security and Q-Soft. Both are excellent sources of expert help with JDE Security.
 

gopal122

Member
Hi Amit,

I have been doing security through All Out app since a year . This is a 3rd party tool which gives a very detailed view on all security aspects and believe, Security itself is a different world . U can understand it better, once you do in this way . Security for roles, menus , Audit , lot of options ae out there . easy approach .
 

BPConnor

Active Member
as others have said, a 3rd party tool will greatly simplify this task. However, you need to look at both application and action code security for the role. If those are not locked down at *PUBLIC (*PUBLIC *ALL Run=N and Action code of NNNYNN), then the role is inheriting the JDE default open security. Even if the role is restricted at Action code levels, there are many reports that are update capable that can cause SoD issues. You also need to take into account a user that has multiple roles as access is aggregated with multiple roles unless they are logging in with a specific role.
 
Top