Creating a NEWUSER Role
When a new user enters the system and you have implemented dynamic role rules, the user does not belong to any roles until your role rules execute. When you enter a new user into the system, the user has access only to the public pages you authorize for the NEWUSER role. When the dynamic role rules execute, the new user becomes a member of the roles that apply based on the user's employee position.
Note: The NEWUSER role is not a PeopleSoft-delivered role. You can name the role to suit your requirements.
To implement a NEWUSER role:
Create your NEWUSER role.
Add permission lists to the role so that members of this role have access to the pages that are appropriate for all users within the system, like My Profile and any other areas that are not a threat to your system security.
Apply the appropriate roles.
If you use dynamic role assignment, then wait until the batch program runs; if you use static role assignment, then you must wait until an administrator manually applies the appropriate roles.
If the role rules run only one once in a 24-hour period, new employees may not have access to the system until the next day. If the rules run more frequently, they may have access within a couple of hours. If a new user cannot wait until the next run of the dynamic role rule, you can use one of the following options:
Add required pages to one of the permission lists used by the NEWUSER role.
Reduce the time between the dynamic rule executions.
Note: Reducing the execution interval of the dynamic rules may affect performance, depending on how the rules are implemented.
Add a Signon PeopleCode script that detects that the user needs access to a certain role.
To do this, run a query against LDAP, the database, or the location where the information resides. Use the User Profile component interface to add the appropriate roles to the user, according to the query results.