DMT error: Access contains a value which is not in the list of valid values for this column

Has anyone run across this error in DMT? Security Msg: Access contains a value which is not in the list of valid values for this column.

I have a DMT file format for updating Menu Security which runs fine in 2022.2.11 but when I run the same file in 2023.1.10 it errors. I have submitted an EpicCare case but thought I would also see if anyone on the user group has run across this.

Perhaps some fields format or name have change beetween the version. Did you edit your DMT from the DMT tool?

I did check the formats/fields in the Template and all looked the same. However, per Epicor Support…the new version requires the column Access in your template with a value of either “Allow” or “Disallow”. Knowledge Article KB0128873 - DMT - Menu Security: “Access contains a value which is not in the list of valid values for this column.”
Once I added the Access field with “Allow” value my DMT worked in 2023.1.10

Note: The template description for the Access column is blank so doesn’t give you any indication of what values should be used or that it is required. I don’t recall seeing anything in the upgrade notes that this was changing (unless I missed it)…I guess we are just supposed to know or figure it out :scream:


Thanks for pointing me to the Epicor KB article. I was trying to get menu security set for all the new Kinetic menu items that are set to “Allow All”. I am preparing for a go-live on 2023.1 (2023.1.12). There is another wrinkle to the KB article. It says add “Allow” or “Disallow” in the new “Access” column. Looking at the results in the DB on the Ice.Security table, if you use “Allow”, the “EntryList” column gets “*” added to the beginning of the list provided to DMT. If you set it to “Disallow”, then the “Disallow All Users” check box is set in the Menu Maintenance Classic screen. For my case I went back and added a blank “Access” column. This looks like it gives the correct results for me.

I think that Epicor is making changes to the Menu Security setup and that the “AllowAll” and “DisallowAll” columns might be changing. I have been looking at the new Kinetic Menu Security app and it does not look like it is working correctly yet. Even though there are Security Groups shown under the “Allow Access” list in the Classis Menu Maintenance application, no groups are checked in the Kinetic version.

@jhopeross good catch. I had only assigned security to one new Security Group since the Access column was required and I had already pulled my DMT data to csv so just added the new column. I need to take a look at the BAQ I am using to create the DMT data now as it doesn’t seem to add the “*” for all.

Regarding the Kinetic Menu Security. I am on 2023.1.10 and there is a column for “Access” which shows Allow for the Groups that are assigned to the menu.

@jhopeross what version did you see the * in? Asking as I opened an Epicor Support case and they of course don’t see the *. We are on 2023.1.10 and I see it there but did not notice it in prior versions.

I am working with 2023.1.12. I saw this in the Ice.Security database table when I used a value of “Allow” in the new “Access” DMT column:

When you run the DMT with a blank “Access” column this does not happen:

Gotch Ya…I passed this on to Epicor Support.

I ran a test in our Pilot environment with Access blank for a DMT file where I had initially used “Allow” and it removed the * from the ICE.Security EntryList. I also found that if you manually update a menus security in Menu Maintenance it removes the * when you save but I had 65 entries for this one Security Group to update so DMT was much easier.

Per Epicor Support…the way this is functioning is as designed however KB0128873 wasn’t clear nor was the advice I was initially given by Epicor Support.
The Access column would only require the Allow/Disallow value if you are allowing/disallowing for ALL Groups/Users. If you are specifying certain groups/user in the AllowAccess or DisallowAccess columns the Access column is required but should be left blank.