Results 1 to 4 of 4

Thread: Just curious.. How does everyone else test their security roles?

  1. #1
    New Member Olivia_Terrell's Avatar
    Join Date
    Aug 2018
    Location
    Work in Fort Collins--live in Denver, drive it every day
    Posts
    6

    Just curious.. How does everyone else test their security roles?

    I would love to find a way to actually be able to create test security roles and promote them in DEV to PY before getting them into PROD. Just curious--how does everyone else do it? Or does everyone just create a test role (like I do) and then copy the permissions from it onto the final permission? Surely there's a more clever way...

  2. #2
    New Member
    Join Date
    Sep 2006
    Location
    Seattle, WA USA
    Posts
    44

    We use a secuser test account

    Quote Originally Posted by Olivia_Terrell View Post
    I would love to find a way to actually be able to create test security roles and promote them in DEV to PY before getting them into PROD. Just curious--how does everyone else do it? Or does everyone just create a test role (like I do) and then copy the permissions from it onto the final permission? Surely there's a more clever way...
    Since security is normally shared across all environments, we have a test account called secuser known only to the security administrator. Before we assign new roles to users, we assign to them to the secuser for testing. Also, before we make changes to existing roles, we first copy the security to a test role which we also use the secuser account for testing. We only do the testing for changed roles if the change is significant.
    E1 9.1 tools 9.2.2.5 IBMi v7r2
    Websphere 9.0.0.2

  3. #3
    Member
    Join Date
    Apr 2003
    Location
    Ohio, USA
    Posts
    395
    We have a test user account for each role. Make the role changes in test, someone tests the change and when it is approved the role change is promoted to production. I'm not actually a security or CNC person, so my knowledge doesn't extend much further than that. You might want to post this same question in the Technical form where more CNC and Security people might see it.

  4. #4
    Member BPConnor's Avatar
    Join Date
    Jul 2002
    Location
    Thornton, CO
    Posts
    54
    you can run multiple security tables to be able to have the ability to make changes to the security in a role in DV and once tested/approved move the changes to PY/PD. If you run multiple security tables you will need to segregate the JAS instances that run the different tables to prevent any issues there. EG if you have DV & PY on 1 F00950 and PD on another F00950 then the JAS instance should only have DV/PY *OR* PD.
    JDE E1 Xe to 9.0 installation, configuration, and upgrades.
    GSI Security Practice Lead http://www.getgsi.com/
    Highly Experienced with all facets of JDE security, specializing in the implementation and support of All Out Security.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
The legal restrictions and terms of use applicable to this site are available here.
Use of this site signifies your agreement to the terms of use.
JDELIST is NOT affiliated with JD Edwards® & Company, Oracle or Peoplesoft. Contents of this site are neither endorsed nor approved by JD Edwards® & Company and, or Oracle.