Open Forum

Expand all | Collapse all

User access

  • 1.  User access

    Posted May 04, 2020 02:36 PM
    Is there a report that will list the user and what they have access to within GP?

    ------------------------------
    Sue Van Vreede
    Tri City Glass & Door
    ------------------------------
    Academy - Online Interactive Learning from Experts


  • 2.  RE: User access

    TOP CONTRIBUTOR
    Posted May 04, 2020 02:56 PM
    Hi @Sue Van Vreede,

    The are a number of administrative reports that can show various types of security access (Administration>>Reports>>Security​).  From there you can pick to see security role assignments, security role setups, security task assignments, etc.

    However, the reports kind of exist  independently of one another.  I can run a report to see what security roles the users are assigned to...but then I have to run a separate report to see which tasks are assigned to that role....and then another to see which operations (windows, reports, etc.) are assigned to the various tasks.  It can be quite a task if someone asks a seemingly straightforward question like "who can create GL accounts" depending on how your security it set up.

    There are numerous blog posts about creating a SQL script or view to combine the information similar to the one by @Victoria Yudin that I'm linking below.  It rolls all that information into one SQL view (which can then be used in an SSRS report, smartlist,etc.).  It's saved me tons of time when security access requests have been made!

    https://victoriayudin.com/2009/03/20/sql-view-with-security-resource-details-for-dynamics-gp-10/

    ​Take a look at the standard reports and the view from Victoria to see if either or both get you what you need.

    Thanks,

    Samantha

    ------------------------------
    Samantha Higdon ,CPA,CGMA
    Consultant
    Lagom, LLC
    Carmel IN
    ------------------------------

    Academy - Online Interactive Learning from Experts


  • 3.  RE: User access

    TOP CONTRIBUTOR
    Posted May 05, 2020 10:46 AM
    Does anyone know if Victoria's script works for GP2018R2?

    Thanks!

    ------------------------------
    Don McCready
    Retired Controller and IT Director
    The Schaefer Group, Inc.
    Beavercreek OH
    ------------------------------

    Academy - Online Interactive Learning from Experts


  • 4.  RE: User access

    GPUG ALL STAR
    Posted May 05, 2020 11:33 AM
    @Don McCready

    The security model has not changed since v10 so yes the script works.

    Note that this will only work for the subset of resources (forms and reports) in the SY09400 table added by Dynamics. You need GP Power Tools to populate all the ​other resources (Tables, Document Access, Posting Permissions, Smartlists, etc.)

    Regards

    David

    ------------------------------
    David Musgrave MVP, GPUG All-Star

    Managing Director
    Winthrop Development Consultants

    Perth, Western Australia

    http://www.winthropdc.com
    ------------------------------

    Academy - Online Interactive Learning from Experts


  • 5.  RE: User access

    TOP CONTRIBUTOR
    Posted May 05, 2020 11:35 AM
    Hi @Don McCready,

    The script  should work on GP 2018 R2.  The key piece to the script though is the SY09400 (Security Resource Description table).  As Victoria mentions briefly in her post, the population of the SY09400 is critical​ to this script being usable.  If the SY09400 isn't populated, the script won't help you manage security.

    She references a blog post by David Musgrave who also replied on this thread.  The link she included in her post is below for reference.
    https://groups.google.com/forum/#!topic/microsoft.public.greatplains/fGWp2Zs4Fjc


    ​​​Thanks,

    Samantha

    ------------------------------
    Samantha Higdon ,CPA,CGMA
    Consultant
    Lagom, LLC
    Carmel IN
    ------------------------------

    Academy - Online Interactive Learning from Experts


  • 6.  RE: User access

    SILVER CONTRIBUTOR
    Posted May 05, 2020 01:28 PM
    Over a year ago I started playing with Victoria Yudin's (with Robert Cavill) security script mentioned in this post to attempt to create a quarterly report that could be reviewed by our various finance managers. I started using GP around version 2.x, and it has never had succinct security reporting. We are using GP Power Tools, but I haven't worked much in the security area as of yet.

    In our organization we currently have 70 users and 49 company databases so to create one easy to review security report was a beast! I developed and tweaked the report over about six months before starting a quarterly approval cadence.

    For our company's purpose I separated the Victoria Yudin security script into two digestible pieces and created an Excel file that is organized into color-coded tabs and sent to managers for a quarterly review:
    Quarterly Security Review image

    1. How to use this report - Color-coded to match the tabs at the bottom. Basic instructions...
    2. Role and Task Overview - I took the time to describe, in generic terms, each GP Security Role assigned to one or more users. The only time I need to update this tab is if I create (through native GP or GP Power Tools) a new Security Role ID and assign it to users.
    3. GP Users -  A simple list of all GP User IDs, including DYNSA and sa, user status (active/inactive), comments (purpose of the user if not a BluJay team member), user create date, and which user IDs are new since the last quarterly review. The list does not show which GP companies the user can access or their security roles.
    4. All users and roles (and [region] users and roles) - using part of Victoria Yudin's script, these tabs show each user and the roles they are assigned.  These tabs do not include all the security tasks and resources contained in each security role.
    5. All security resources - this tab uses the other part of Victoria Yudin's script and only reports the security tasks and resources assigned to each Security Role ID.
    When the quarterly review is emailed, each regional finance director and/or their country managers reviews their region's user security, referring to the Role and Task Overview tab as needed, and provides an email response either approving the report as-is or with changes noted for their region.

    I'm happy to share my two-part version of Victoria Yudin's script if needed.

    Hope this info helps,
    Jeff

    ------------------------------
    Jeff Pfershy
    Sr Business Analyst
    BluJay Solutions Inc
    Holland MI
    ------------------------------

    Academy - Online Interactive Learning from Experts


  • 7.  RE: User access

    GPUG ALL STAR
    Posted May 05, 2020 01:19 AM
    Hi @Sue Van Vreede

    The best multi-dimensional reporting for Security Access is available in GP Power Tools. Using the Security Information and Security Information Resources windows you can slice and dice the data from any angle.

    GP Power Tools makes working with security simple and even completes the security model with Deny Based Security​ giving you the ability to deny access to fine tune settings. There is also Security Activity Tracking which logs statistics about what users are actually accessing so you can compare what they have access to against what they have used.

    Check out the Benefits Presentation to understand why all GP sites globally should have the tool:

    https://www.winthropdc.com/ftp/pub/GPPowerTools_Benefits.ppsx

    You can install it and activate a free 30 day trial period.

    Regards

    David


    ------------------------------
    David Musgrave MVP, GPUG All-Star

    Managing Director
    Winthrop Development Consultants

    Perth, Western Australia

    http://www.winthropdc.com
    ------------------------------

    Academy - Online Interactive Learning from Experts


If you've found this thread useful, dive deeper into User Group community content by role