Steven,
Thanks. I'll talk about it with Mike next week.
Tom Molyneux
NOV Mono
MIS Department
Tel. +44 (161) 214 2142
Fax. +44 (161) 214 2344
E:mail Tom.Molyneux@xxxxxxx
From: Steven Dykstra [mailto:sdykstra@xxxxxxxxxx]
Sent: 24 August 2011 14:28
To: bpcs-l@xxxxxxxxxxxx
Subject: Re: BPCS Security topic --- solution has been invented...
Dear Tom ...
Our By Invitation Only software [www.unbeatenpath.com/software/bio/BIOnly.pdf] can accomplish the objective stated in your August 16th email. I've pasted the key part of your post here:
"How do we set up BPCS security so that a user can have all
functionality in one Facility (Enquiry & Maintenance) and
have Enquiry access to another Facility, but not be allowed
to maintain data for that facility?"
It could be done across different companies too. This can be accomplished without increasing BPCS user count subject to an INFOR license audit. What you want to accomplish is in harmony with By Invitation Only's purpose: manage user security more productively and more transparently than the vanilla approach used by BPCS/ERP LX. Therefore, your question prompted some intense creative thinking here.
This new application of By Invitation Only functionality is not explained on our web site. Tom, if you are interested, please contact us directly to learn more about how we could get this done for you. To be honest, we'd have to tweak one facet of the existing software to pull it off.
Warm regards,
Steve Dykstra
Unbeaten Path International
+262-681-3151
(888) 874-8008
sdykstra@xxxxxxxxxx
Today's Topics:
1. Re: BPCS Security (Al)
2. Re: BPCS Security (Carr, Wally)
3. Re: BPCS Security (Molyneux, Tom)
4. Re: BPCS Security (rob@xxxxxxxxx<mailto:rob@xxxxxxxxx>)
5. Re: BPCS Security (rob@xxxxxxxxx<mailto:rob@xxxxxxxxx>)
----------------------------------------------------------------------
message: 1
date: Tue, 16 Aug 2011 12:36:15 -0500
from: "Al" <macwheel99@xxxxxxxxxx<mailto:macwheel99@xxxxxxxxxx>>
subject: Re: [BPCS-L] BPCS Security
In earlier versions of BPCS we accomplished this with several alternative
approaches.
Sign-on ANYONE (everyone knows the password to ANYONE and ANY person may use
this sign-on) which has access to stuff the company thinks ANYONE in the
company may have access to. It is INQUIRY ONLY to a collection of
applications inquiry, some query/400, with no access to printers, reports,
updates, data entry, and they are stuck with a tiny collection of menus.
SSA INFOR has had a problem with us doing this, in past security audits.
The issue was that some of our people are ONLY interested in inquiry, such
as factory workers, so they did not need their own sign-on to do the exact
same stuff as ANYONE.
TomUS is to be used for access to USA facility. This has all functionality
access to US but no access to other facilities.
TomUK is to be used for access to UK facility. This has inquiry access to
all facilities, but no update maintenance options.
It affects licensing. We tell SSA INFOR that there is only one Tom person,
for user counting purposes. Sometimes they buy it, sometimes not.
If you don't think they going to buy it, another approach is modifications,
if you have access to source code.
You have your own modified version of INV300, ORD300, MRP300, DRP300 etc.
These modified versions are not using BPCS security.
People can get at BPCS data thru the modified software, they just can't
change that data.
Use vanilla BPCS for normal access, TomUS model.
Use modified programs for access to other facilities, using the ANYONE
model, except there may be some facility constraints ... a particular user
has access to UK but not Australia data.
By Invitation Only is not UPI's only BPCS Security Product.
It won't hurt to discuss your options with UPI off-line.
-
Al Mac
There are no limits to what you can accomplish, when you are supposed to be
doing something else.
Success has many fathers, while failure is an orphan.
-----Original Message-----
From: bpcs-l-bounces@xxxxxxxxxxxx<mailto:bpcs-l-bounces@xxxxxxxxxxxx> [mailto:bpcs-l-bounces@xxxxxxxxxxxx] On
Behalf Of Molyneux, Tom
Sent: Tuesday, August 16, 2011 3:19 AM
To: BPCS-L@xxxxxxxxxxxx<mailto:BPCS-L@xxxxxxxxxxxx>
Subject: [BPCS-L] BPCS Security
We are on ERP Lx 8.3.2 and are increasingly rolling it out across the globe,
leading to issues of security and access that we haven't previously had to
consider much.
How do we set up BPCS security so that a user can have all functionality in
one Facility (Enquiry & Maintenance) and have Enquiry access to another
Facility, but not be allowed to maintain data for that facility?
Eg. We have a user with full access to our US facility who wants to be able
to enquire on the UK facility data (MRP, BOMs, costs etc) but not be able to
change UK data.
Other US users may need to enquire on our Argentina facility data...... and
so on, each potentially with differing access requirements
I know there are Security Groups where functionality can be specified at a
program level, but we haven't used them much to date and I'm not sure if
they are the answer or would get over-complicated.
Is there a manual describing how to solve such issues or has anyone
experience of setting BPCS up to achieve this.
Thanks in advance.
Tom Molyneux
NOV Mono
MIS Department
Tel. +44 (161) 214 2142
Fax. +44 (161) 214 2344
E:mail Tom.Molyneux@xxxxxxx<mailto:Tom.Molyneux@xxxxxxx>
________________________________
Mono Pumps Limited
Registered in England No. 300721.
Registered Office : Martin Street, Audenshaw, Manchester. M34 5JA
--
This is the BPCS ERP System (BPCS-L) mailing list
To post a message email: BPCS-L@xxxxxxxxxxxx<mailto:BPCS-L@xxxxxxxxxxxx>
To subscribe, unsubscribe, or change list options,
visit:
http://lists.midrange.com/mailman/listinfo/bpcs-l
or email: BPCS-L-request@xxxxxxxxxxxx<mailto:BPCS-L-request@xxxxxxxxxxxx>
Before posting, please take a moment to review the archives
at
http://archive.midrange.com/bpcs-l.
ty
Al and everyone who has replied,
Thanks for your answers. It sounds like BPCS/ERP Lx doesn't have the kind of authorisation to address this issue. From my knowledge of BPCS security, I thought not, but hoped I was missing something!
Your suggestions of "Inquiry-only" signons is feasible, but has complications. We have a limited number of licences available. Also our in-house Sarbannes-Oxley rules forbid shared signons, not to mention what Infor would think of multiple users using one Id.
I'm sure we'll find a way around this, in my innocence I'd just hoped for an easy solution!
Thanks again.
Tom Molyneux
NOV Mono
MIS Department
Tel. +44 (161) 214 2142
Fax. +44 (161) 214 2344
E:mail Tom.Molyneux@xxxxxxx<mailto:Tom.Molyneux@xxxxxxx>
-----Original Message-----
________________________________
Mono Pumps Limited
Registered in England No. 300721.
Registered Office : Martin Street, Audenshaw, Manchester. M34 5JA
As an Amazon Associate we earn from qualifying purchases.