I need help regarding this issue.
How to disable the “Open With” entry so that user can not attempt to do creations if he has not been granted access to do SET UP in Epicor.
Thanks!!.
The menu item security should prevent the user from accessing the maintenance screen.
2 Likes
This is not working we have tried the security maintenance module but there seems to be a problem or am i going wrong somewhere ??
Probably haven’t found the right menu item. Turn on developer mode and then use the menu item and it should pop up a message that tells you which menu ID it is.
Are you disabling access to Setup menu item or the individual items below the Setup menu item? You need to disable the individual items.
Will really appreciate if you can assist with a screenshot guide if possible.
You must secure each menu option, not just the upper level menu. In other words, if you secure all the setup menus in the menu, you have HIDDEN all the setups, including customer, part, abc code, etc… but THAT IS NOT ENOUGH. You must got to the actual PART menu option, and CUSTOMER menu option, and apply security to that specific menu option. once you do this, then the option is secured, and the right click is also secured.
I had a customer once who swore that their system was totally secure. I asked him: “Give me a login that gives me ONE option in the menu… just give me the PartTracker.”… he accepted the challenge, and gave me a login. I proceeded to log in, open the part tracker, and then proceeded to dig all the way into the system to launch order entry, job entry, chart tracker, buyer entry (where i could create my own buyer code), Chart of account maintenance (where I could create my own account numbers)… etc etc. He quickly got the point. One little hole in the system, allowed me EVERYWHERE because he had not secured the menu options. he only HID the menu options.
3 Likes
I know this is an old post but this has come up again for us as an implementing customer, and I know Tim answered how it’s working, but no one ever followed up and asked why it’s that way.
The first major problem I have with this is we were working with an Epicor consultant during implementation, and she said in her words, “I’ve helped implement security at many other previous customers.” She thought that disallowing menu items disallowed access to the screens, and even submitted the support ticket on our behalf, because she believed that’s how it worked.
The second problem I have is why doesn’t it work the same on the smart client as it does in the web? In the smart client, if you right click on one of the app link widgets and you don’t have security access, it prevents you from entering, however on the web you can right click on it and be on your way?
My last problem is why would you ever want to hide a menu option but let someone have access to a screen under it, that makes no sense to me.