During my Interactive Discussion at Convergence over GP Security it became clear that I need to post what I do with my customers to help with administering and maintaining their GP security. This will only focus on GP 10 and later.
There are many very well designed reports buildt into the product which are great for documenting, however, they fall short in helping to analyze or maintain your security. To do security analysis you need something more interactive, something you can slice-n-dice or drill into.
Here are two tools that I use:
- SQL View (that I can import into Excel)
Support Debugging Tool
There is a great SQL View on MPV Victoria Yudin’s blog site called “SQL View with Security and SmartList details in GP”. Be sure to read her entire post as the SQL View is dependent on the Security Resource Descriptions table being populated, but not by default. The (counter intuitive) Clear Data method that she describes to populate the table only populates descriptions for Forms and Reports. The SQL view will return every security setting, but only Forms and Reports will have descriptions. Since 90% of security analysis and debugging is related to Forms and Report, this view is a great place to start.
Once you have the view in place, there are many ways to get the data into Excel. I am going to give you my favorite method through SmartList Builder. With SmartList Builder you can point directly to the view, and once you have built and deployed your SmartList, the true slicing-n-dicing can begin!
PowerUser – The access that PowerUsers have will not show up in this SQL View. Why? Because the PowerUser Role is not really a Role at all--it is a hard coded feature that exempts the user from ALL security. What this really means is that there are no security tasks or operations created, so I don’t recommend the use of PowerUser in any environment. If a user needs PowerUser…