Security Group

Rowley150 · June 27, 2018, 7:53am

Epicor 9.05.701

Something i’ve never looked at before but if possible i’d like to understand and review.

When we setup a new user, we assign groups and companies to them so that they can see specific modules / companies of epicor.
However, how can i be sure which processes / reports etc sit behind each group?

I looked in security maintenance / security groups but its just a list of the existing groups.

Many thanks in advance.

Mark_Wonsil · June 27, 2018, 10:02am

Hi Mark,

Now check the Menu items. They also have the security ID that links the groups.

Mark W.

Rowley150 · June 27, 2018, 10:57am

Hi Mark,

Thanks for this,
So, if i understand correctly, this security ID in the screenshot sits somewhere behind 1 of the security groups?

Mark_Wonsil · June 27, 2018, 11:02am

That is correct. Click on the Security tab on that very screen and you will see it.

Mark W.

Rowley150 · June 27, 2018, 11:04am

ahhhh i see the users / groups allowed and disallow section.

Thanks for this, i think i need to review our groups!

Rowley150 · June 27, 2018, 11:23am

I just disallowed a user to Part in inventory management / setup in the TEST database
but he was still able to get in and create a part?!
Would this be because he is part of a group that is allowed access?

Mark_Wonsil · June 27, 2018, 11:34am

To be honest, I’ve always used Positive Access, i.e. allowed only and have avoided the Disallow flag.

Our security matrix is based on role. We’ve identified the commands that a role would require and then assign a group for each role. We make sure EVERY command (and now BAQs) has explicit groups assigned (No ALL access for allow or deny).

This is much easier to report on access and leave no surprises.

Mark W.

asmar · June 27, 2018, 1:50pm

In Epicor 10.1 we have a report called “Users / Groups Report”.

Mazin

markdamen · June 27, 2018, 9:52pm

Be aware of the fact that each time Part appears in the Menu, it MIGHT have a different security ID attached to it - therefore, user might be blocked under Inventory Mgmt, but has access via User/Group under the Job Mgmt menu.

RC2020 · April 22, 2020, 6:08pm

Hello Mark,

Is there any other place where I can see what the user has access to. I see the groups but the user cannot get into the Supplier Maintenance screen. Which is weird since she had access prior and she was given additional access on the server and something is now keeping her from accessing the function.

I would appreciate any assistance. I am new to Epicor 9.

Thank you.

Miguel

Rowley150 · April 22, 2020, 6:30pm

Have you tried in menu maintenance?
Look at the security behind the process.

If that’s ok…is she accessing it via a favourite?
That could be the issue…tell her to try from the main menu tree