Understanding How to Create and Revise User Sign-in Security

A user profile must already exist for a user before you can create user security records for that user. You can create security records one at a time for each of the users, you can set security for a role, or you can set security for all users.

Typically, users within a specific role use similar security information. Oracle recommends that you create a model user with security information that you can copy to create security records for other users. The P98OWSEC application provides a copy function that simplifies the creation of security records.

Note: When you copy security records to a user, security records must not already exist for that user. If you try to copy user security to a user with existing user security records, you will receive an error message.

You should keep user security simple. Managing EnterpriseOne user IDs and system (database) user IDs can become complicated quickly. The simplest way to set up user security is to have all data sources share the same system user ID and password by leaving the data source field blank when you initially create user security records for users or roles on the Security Revisions form.

When you leave the data source field blank, the P98OWSEC application automatically enters DEFAULT in the field. The DEFAULT data source enables you to create one security record for all users. Each time a user accesses a table through an EnterpriseOne application, the software searches for a security record for that user and the specific data source where the table resides. If the software does not find a specific record, then it uses the default data source, which is the security record that you created with the DEFAULT data source field.

You use system user IDs to manage user access to databases. Although you should try to maintain as few system user IDs as you can, occasions arise that require you to set up database security in addition to the EnterpriseOne object and user security for specific users and specific tables. For example, you might need to create system users with additional authority to what the typical system user needs.

See also:

• "Setting Up Data Sources" in the JD Edwards EnterpriseOne Tools System Administration Guide.

It is difficult to monitor and administer accounts that are not in use. An administrator should disable these accounts to stop unauthorized access to EnterpriseOne. See Creating User Sign-in Security in this section for information on how to disable an account.