Customized work around-Please help

Hello All

I have couple of queries.can some one help me with this.
For a particular project we are not able to get CNC rights, so we are trying to create a work around by creating a custom environment and do all the development there.
So here are the questions following this.

1)Is it possible to have CNC rights gor only one environment.
2)If i have a customized environment, can i put it before DV environment so that any object that i create in the customized environment can be promoted to DV and later it follows normal development cycle
(Custom-->DV-->PY-->PD)


DEV

ERP 8.94
DB:Oracle
WINDOWS

I'll assume when you say CNC rights, you are speaking of OMW rights, not general system rights. If this is the case, then yes, you may have more rights at certain statuses than others, that is the power and flexibility of OMW's allowed actions setup.

Your second question is answered again, yes. Through OMW's activity rules you can set up how objects flow through the system, and it can certainly include custom path codes.

Regards,

No, I do not mean OMW rights.I meant the right to access all application(OCM,User Profile,Work bench etc).
Thx for the reply
Dev

No...security is not environment specific...if you can't run an app in one environment due to security you will not be able to run it in another. However, it IS possible to allow you into one environment and not the other.

Perhaps if you explain what you want to do that you are not allowed to do, we could offer solutions acceptable to you and the CNC/security folks. Many installations simply prohibit access to the OMW application because they don't know how to or don't want to take the time to lock down OMW internally.

Regards,

In our environment, developers have these rights in the development environment. This can be done if you create separate, environment specific logins. For instance, my development login is DVSMAAS and CNC has me in a custom group they created called DVDEV. I can only log into the DEV environment with this login. For production, I have to login with my PDSMAAS account, and that account has been severely limited from a security perspective (in fact, it is disabled, and I have to request authorization to use it!).

I just thought you might want to consider going in this direction rather than creating an entirely new environment. Our perspective is that developers should have all rights (except CNC admin) in the DEV environment so that they can model and experiment as necessary. But DEV is the only environment where they have these rights, and we have very tight change management controls in place for promotions from DEV.

Shelley,

If DV is the only environment your developers need to have the rights in...let them have those rights and limit them to the DV environment.

But yes, by using multiple logins, one can achieve different authorities in different environments.

The question though, is can you limit via security what a single login can do, and I believe the main concern is about OMW functions. OMW has it's own security options, which many fail to take advantage of, and simply end up limitiing access to the OMW application alltogether.

Plus, there are other ways to keep someone who needs access to applications in DV for development out of data in other environments. Generally, security just isn't well thought through nor implemented.

Regards,