If we have multiple sites, do permissions need to be set per security group for each site, or do the same permissions apply for all sites?
Permissions apply to all sites and companies. I mean that if you have access to the site in the user account,the same menu permissions would apply in each site.
If menu security needs to be site specific for users, use Security Groups.
We have a basic setup where there are three “levels” for each business area.
MTL001 - Materials, Basic - Can do the most basic functions. Like Receipt Entry
MTL002 - Materials, Intermediate - Can make parts, enter POs, issue mtl’s, etc…
MTL003 - Materials, Advanced - Can do just about anything. Part Class and Prd Grp, add warehouses, Qty and Cost Adj’s etc …
Then for Site specific requirements, make groups with the site ID as a suffix
MTL001_CHAL - MTL001 rights but only for site CHAL
MTL001_GUTH - MTL001 rights but only for site GUTH
Then use menu security to assign groups to Allow Access, and use User Security to assign who is in which group.
For example, user Joe Schmo may need MTL002 in site CHAL, but only MTL001 access in site GUTH. His user security would be setup so he’s a member of