Once a User has been created (please see How Do I Create New User/s Using the Windows Corporate Directory? or How Do I Create A New User Using Dynamic Budget's Security? for more information), the next steps are to assign them with Profile elements, and Company and OrgUnit Permissions.
In this article the following is discussed:
iv. Searching for and Granting Access to OrgUnits
v. Grant Access to All Searched for OrgUnits
K. and L. "Sensitive Summary" and "Sensitive Detail"
3.b. "Synch OrgUnit Permissions"
Please note that for Window Corporate Directory Users only step 1 and 3 (a or b) are required as step 2 has been completed on Map Users to Companies.
1. The User's Role, Feature Access and Admin Menu Access needs to be completed on Assign User Permissions/User Profile tab.
i. Setup Role
The default role when setting up a new User is the Application User role. From the drop down menu there are five roles to select from:
Please see What Can the Different Roles Do To Set Security and What Menus Can Each Role See? and AutoSynch and Synch OrgUnit Permissions to determine what Role is most suitable for your user.
Once the Role is selected click
.
ii.Setup Feature Access
Checking the box for "Manage Capex" and "Edit ST/OT" Hours provides the User with access to those menu items in the Budgets menu as below.
Please see Edit ST/OT Hours and Manage Capex for information about these menu items.
Checking the "Project Tracking" box provides Users with access to the below menu items in the Allocations menu . However, please note that as below the "Allocations" item needs to checked on Admin Access Menu in order for the User to have access to the "Project Budget Tracking" menu item. Also, as Application Users cannot be given access to Admin Access Menu items, they will not be able to view and use this feature.
The Project Variance and Project Budgets Reports are visible provided the "Allocations" item is checked.
When selections are completed please click
.
iii. Setup Admin Menu Access
All Roles except Application User can be provided access to the Admin Menus. "Administrator- Restricted" Users can neither assign Payroll menus to themselves nor other Users.
To provide access check the appropriate box.
By Checking Tools, System Management, Allocations and User Management the following menus are available to user as are their menu items. (The exception are some items under Allocations for Project Management. Please see ii. above)
For information on he Payroll checkboxes and related menu access, please see How Does Payroll Security Work?
When selections are complete please click
.
2. Permissions to access CompanyDB and Autosynch rights are set on Assign User Right/Company Permissions tab.
Print, Export to Excel, Print to PDF, Autosize Columns, Filter, Expand/Reduce Column Width and Copy and Paste, Select All/Deselect All standard functionality is available.
The following Right-Click Menu and Short-Cut Keys are available:
A To give the user access to a company check the "ACCESS" box. Please note the name of the CompanyDB is listed in the CompanyDB column;
B. To give a user access to the "AUTOSYNC" function for the CompanyDB check this box. Please see AutoSynch and Synch OrgUnit Permissions for a full explanation of this functionality.
The "ACCESS" box needs to be checked in order for the "AUTOSYNC" functionality to be turned on for a CompanyDB.
C. To save selections click "Save User Companies".
The Company Tag1 - 5 that are highlighted in yellow are defined on the Bulk Company Management. Please contact Dynamic Budgets before making any changes to these sensitive fields.
3.A. Customizing Access to OrgUnits, Sensitive Levels, Sensitive and Accounts (if Necessary) for Users.
Filter and Select/Deselect All functionality is available.
The following Right-Click Menu and Short-Cut Keys are available:
iv. Searching for and Granting Access to OrgUnits
to save your work.
to save your work.
.
For an explanation on Sensitive Levels and Sensitive please see How does the "Sensitive" Security Hierarchy Works - (Why Don't I See Data)? and When and Why Do I Use "Sensitive Levels" and/or "Sensitive"?.
M. To provide Users with the ability to view an Object that has been setup with a "Sensitive Level" from the drop down menu select the appropriate Sensitive Level and then click
.
N. Account level security is both turned on and assigned at the Budget Account level. This is in comparison to "Sensitive Level" which is turn on at the Object level and "Sensitive" which is turned on at the Budget Account level but both "Sensitive Level" and "Sensitive" are assigned at the OrgUnit level. If Account Level Security is turn on Accounts permission to view the Account needs to be completed. Please see How Do I Activate and Use Account Level Security? for more information
3.b. "Synch OrgUnit Permissions" can be used to assign standard security settings to Users based on their Role instead of manually assigning Users permissions as per 3.a. above. Please see AutoSynch and Synch OrgUnit Permissions for more information. And then if necessary, Users settings can be customized as per 3.a. above after assigning standard security settings to them.
4. Data Security Hierarchy
As discussed above access to data can be secured at different levels. And depending on which security features are turned on users will need to be assigned the appropriate security to view the data, The data security hierarchy is as follows: