I am setting up some menu security, obviously there is both the groups section and the users section. Which takes priority? I have set a couple of groups to have access to one set of security (Default is allow, most groups are disallow) but the users lists are set to Default. Do i need to set the users to disallow as well or does the User Groups take Priority? 
Users take priority over groups if and when they are present. So only use the user level in extreme or temporary cases. Everyone should be in a group and the group permissions should restrict their activity properly.
2 Likes
So would be best to have Default Access to Disallow and the only the groups i want to be able to use the security set to allow. All other groups and users set to default?
Yes, I believe that is the right way to do it.
1 Like
Thanks Nate, appreciate the advice.
This was one of the real problems for us when we set up initially. In the end it was easier to setup up our own Menu System (Using our own IDs) and give people exactly what they needed access to.
We, for the most part, disallow everything, and then added permissions to what they needed.
One of the problems is that they for some of the slideouts, print reports, or even using the Explorer Tab - you will have to allow certain permissions to enable that functionality.
I requested through Epicor Ideas that when access is not allowed appears as a popup error appears that would put the ID of what was causing the block, but I didn’t get much movement on it (it would make troubleshooting so easy)…every so often, we have to hunt down a new permission issue, but they are rare now.
User overrides group permissions. The other issue we kept running into is that if the user doesn’t have permission to see the very 1st level of where an “app” may be nested, they wont’ see it even though they have access to it, the fact that it is nested blocks it, so you will have to always give permission to the 1st or prior folder to see something that is nested below it…
2 Likes