12 Working With Signon Security

For initial installations of JD Edwards EnterpriseOne, you must setup system user(s) using the Work With System Users (P980001) program to populate the F98OWPU table. You must set up system users before you can add and associate a JD Edwards EnterpriseOne user to a system user using EnterpriseOne Security (P98OWSEC).

Caution:

If you attempt to add a user with the P98OWSEC program before you add the system user through the P980001 program, the system may add an invalid record to the F98OWPU table. You might have to delete the invalid record from F98OWPU using the SQL Query tool.

You must perform security setup signed on to JD Edwards EnterpriseOne from a deployed client. If you perform the steps signed on to the deployment server, you will not be updating the correct security tables for your JD Edwards EnterpriseOne system.

This chapter contains the following tasks:

12.1 Setting Up Signon Security

To set up signon security:

  1. On P980001 [Work With System Users], click Add.

    Surrounding text describes system_user_revs.gif.
  2. On System User Revisions, complete the following fields:

    • System User

      JDE

    • Data Source

      DEFAULT

    • Password

      Enter a valid password for your installation.

    • Password Verify

      Enter the same password that you entered in the password field.

  3. Click OK.

  4. Click Find to verify the new record was added.

    Surrounding text describes work_user_security.gif.
  5. On P98OWSEC [Work With User Security], complete the following field:

    • User ID \ Role

      JDE

  6. Click Find.

  7. Click Add.

    Surrounding text describes security_revisions.gif.
  8. On Security Revisions, complete the following fields:

    • User ID

      JDE

    • Data Source

      DEFAULT

    • System User

      JDE

    • Password

      Enter a valid password for your installation.

    • User Status

      Ensure the Enabled radio button is selected.

    • Allowed password attempts

      Enter a value applicable to your installation.

    • Password change frequency

      Enter a value applicable to your installation.

  9. Click OK.

  10. Click Find to verify that the record was added.

12.2 Setting up Security Overrides for Package Build

The Package Build process creates tables due to the requirement for metadata. Therefore, you must setup up security overrides for any user who will be doing the package build. For example, if you are setting up the user JDE for path code DV910, you would use this procedure:

  1. Add a System User for Central Objects - DV910 for the owner, DV910, with the database password for DV910. (The default database password is DV910.)

  2. Add a security override for JDE for Central Objects - DV910 using System User DV910.

See Also

  • JD Edwards EnterpriseOne Package Management Guide

12.3 Enabling Server-Side Signon Security

Ensure the JDE.INI on the Enterprise Server has these settings to support signon security:

[SECURITY]
SecurityServer=server_name
User=JDE
Password=JDE
Default Role=*ALL
DefaultEnvironment=PD910 
DataSource=System - 910
History=0

After you modify the JDE.INI on the Enterprise Server, you must restart the JD Edwards EnterpriseOne Services so the settings can take effect.

Caution:

If you have changed the database password for the JDE user, the password you specify on Enterprise Server in jde.ini must be the new password.

12.4 Enabling Client-Side Signon Security

Locate the JD Edwards EnterpriseOne client JDE.INI that is deployed from the Deployment Server. Typically the file can be found at the following location:

x:\JDEdwards\E910\OneWorld Client Install\Misc\JDE.INI

where x: is the drive on which JD Edwards EnterpriseOne is installed.

Ensure that JD Edwards EnterpriseOne client JDE.INI has these settings:

[SECURITY]
SecurityServer=server_name
DataSource=System - 910
DefaultEnvironment=DV910
Default Role=*ALL
Row Security=NO_DEFAULT

12.5 Setting Up JD Edwards EnterpriseOne Single Sign-on

You must set up JD Edwards EnterpriseOne Single Signon Security using the procedures described in Chapter 13, Setting Up EnterpriseOne Single Sign-On of the JD Edwards EnterpriseOne Tools Security Administration Guide.

Caution:

Using default settings may expose a potential security risk. Thus, it is highly recommended to overwrite the single sign-on settings using the single sign-on configuration applications discussed in Chapter 13, Setting Up EnterpriseOne Single Sign-On of the JD Edwards EnterpriseOne Tools Security Administration Guide.