Required Security when using *all to deny everyting

johne

Member
I am setting up security with *public, denying access at *all level. Does anyone have the list what applications I must grant back access? I know it is some batch application, some security etc. I thought there was a list on the old JDE website, but I can't find the list on the new site.

Thank you.
 
John,

Denying access using *ALL is not necessarily the best way to secure your system. You might consider setting *PUBLIC *ALL for Action Code security NNNN (excluding Search/Select), and then leave App. Security as default minus a few of the sensitive applications (such as Security Workbench, Address Book, System Constants etc). This can makde maintenance more manageable. You may also need to add back Action Code Security at *PUBLIC for all the relelvent Search and Select application (such as the P0101S). As the Security Officer you should also, as a precaution if you are not over familiar with doing this, assign yourself open security just to make sure you don't secure yourself out of it at the same time. Hope this helps.

James (ERP8)
 
Hi,

We found that this was the hardest part of implementing deny all, but once you have the model right it becomes so easy to manage. If it helps we used a company called QSoftware and their tools. They ship the list of apps you need to grant access back to along with the ability to group your security into a job role/group. Saved us a great deal of time and helped with the Sarbanes Oxley requirements we had. I agree with Bodmin, its a nightmare if you shut everyone out and don't get the setup right.

I still have some documents from them if you require them, feel free to get in contact.
 
John

Attached is a spreadsheet that used to be on the download forum of JDELIST. This should give you a good start.

Patty
 

Attachments

  • 83592-security.xls
    446 KB · Views: 458
There is a document on the KG that may help you: ott-02-0025 (At least I think it is still on the KG...)

This document lists the applications required for things like submitting jobs, running UBE's, the Object Librarian, etc.

KD.
 

Similar threads

E9.1 Secure all but a couple fields in a form
Replies
3
Views
1K
BPConnor
BPConnor
E9.2 How do I block access to security for all users?
Replies
5
Views
1K
Harry Chen
E9.2 Best way to find correct role for user?
Replies
1
Views
825
JMR
Soumen
E9.2 P98220U - Advanced Security
Replies
3
Views
1K
Soumen
Soumen
KoalaBaby
E9.2 The Right Sequence to Back Out ESUs
Replies
0
Views
298
KoalaBaby
KoalaBaby
Back
Top