Essential tables for letting Epicor function

Anyone have a better idea of what tables are deemed important for a user/group to have access to for epicor to function properly? I recently created a tool to better manage field security (Giving BAQ access for Power Users), however it seems to have done too good of a job. My tool takes every ERP table and makes every column access set to none. Then I manually re-add the basic tables I want them to be able to query. However when testing with my Data Access only user I am unable to open up the Business Activity Query screen due to a Object Ref error.

Funny thing is, its only an issue for opening the screen up. If I take the security group off, open the screen, then re add the group, the screen works fine. Something that is being queried in the initial startup in the ERP schema is causing an issue.

All Ice tables have default access, Here are the follow ERP tables I have re-enabled default access to to try and correct. Company, UserFile, TaxSvcConfig, UserComp.

I would imagine that since a function could potentially touch all the tables they would need access to whatever tables the function has in it? Could be wrong though?

I tried using ILSpy to investigate into the TaxSvc message in the error, and thats what led me to enabling the TaxSvcConfig table. However i wasn’t able to uncover anymore. I also did a trace on a user that could open it without field security and went deeper with ILSpy after that, with not much more luck.

Just a warning… if you restrict access to fields, you can sometimes disable some functionality that a user needs, even if they are not allowed to “see” the data. I had a customer who applied field level security to some pricing/costing/labor rate fields, and as a result, the system started selling/buying/charging at zero value because the user was “not allowed to see” the values.
I would be more selective of your field security rather than restricting everything. Also, I am not certain, but turning off everything may also cause performance issues in the future since the system would need to apply all the field security on top of other processing.

1 Like

Thanks for the insight. I was actually able to resolve this as it appears that every screen that is opened in Epicor checks against the TaxSvcConfig table. So if any field security is set on that it will complain.

Fortunately this security group will only be assigned to a specific user whos entire purpose will be for opening the business activity query screen. So no functions/transactions will occur outside of this.

As for your comment on performance, I was suspicious as well but curious what you think. Will this affect performance for ALL users? or more specifically for this one user in the actions that they do?

My fear is that it would affect all even if no security is applied against there group/user.