Column Security in Roles

Hello there

First problem is that we have one role in JDE called HRCLERK and it is attach to the user SAMA.
The role is setup for the TAXID as follow:

Table Dataitem View Add Change Alias
*All Taxid Y Y Y Tax

when i login to as SAMA it shows me the Tax column with data in application take P01012 as an example, I am expecting ********** instead of real Tax id column.

Then i assigned column security in user level same as above fashion and still no luck? Any idea ?

I believe system looks first for user then role and then Public same fashion as UO. but i can not make it work in both user leve and role level. Is there anything i am doing wrong? It is all in PD environment.

Thanks

AD
8.12
8.96

Can you clarify what you are trying to accomplish? If you want the data in the TAX ID field to show asterisks instead of the actual data then you have to use the address book security programs to set that up, which is outside of the standard security workbench. Those programs are P01138 and P95922.

Hello again

I guess you have cleared lot of question i had and thanks for the response.

Correct me if i am wrong, i looked through the program you mentioned and yes I noticed that HRCLERK role allows to see TAXID etc so it means if we try to restrict individual user will not work through security workbench?

Other question, i noticed one other role which is not in the permission list P95922 and when i go to P01012 the Tax id is not visible. I assume here that the PUBLIC permission applied and that user must using the PUBLIC which does not allow to see column at all?

Thank

AD

I believe you're on the right track. If you want to block out the Tax ID field from being seen at all then you use security workbench. If you want people not to see the SSN number that is in the Tax ID field for an employee type record, for example, but you want them to see the value in the Tax ID field for a vendor record, then you will need to use the AB security programs I mentioned above.

The way we have it setup is we use column security to block out the Tax ID field at the *Public level and then grant it back to specific groups that need to see it, like HR or Vendor Maintenance. We then use the AB security to '*' out the Tax ID field for any employee or dependant type record from *Public and then grant it back to the HR roles for those record types.

Hi,

Cncjunior is correct - the two functions do different things. If you are struggling with using the F00950 at all I can help with either setting the role sequencer or identifying conflicts. Otherwise, you need to focus on the P95922.

Minnie Prescott

ALLOut Security
www.alloutsecurity.com
email [email protected]

I areed. I believe security needs to be setup properly in the startup so this should not bother us later with conflicts. I liked the idea to have secure everything in the beginning and assign roles to users who are power users etc.

Thanks
AD

Hi,

Can we *ALL for data item in column security?

Yes you can for specific data item.