If you have NetSuite OneWorld, you can use subsidiary restrictions to restrict what users with this role can access.
When you restrict role access to subsidiaries, consider the following:
By default, the subsidiary restrictions is set to User Subsidiary.
Only a role with access to all subsidiaries assigned for a department can edit that department.
On the Role page, under Subsidiary Restrictions, choose one of the following options:
All – Grants the role access to all subsidiaries, including inactive subsidiaries.
Active – Grants the role access to the active subsidiaries only.
User Subsidiary – Restricts the role’s access to the user’s subsidiary only. When users log in with this role, they can only access their own subsidiary. A user’s subsidiary is set on the employee record. For more information, see Assigning a Subsidiary to an Employee.
Selected – You select the subsidiaries to which you want to restrict the role’s access. You must select at least one subsidiary from the list.
If you choose Selected, in the autogenerated list of active and inactive subsidiaries, select the subsidiaries that you want the role to have access to. To select multiple subsidiaries, hold down the Ctrl key while selecting subsidiaries.
To allow users logged in with this role to see, but not edit, records for subsidiaries to which the role does not have access, check the Allow Cross-Subsidiary Record Viewing box. You cannot use this setting to view employee payroll or commissions data.Note:
If the Book Record Restriction option is enabled for a user, this restriction overrides permissions granted by the Allow Cross-Subsidiary Record Viewing option.
- Customizing or Creating NetSuite Roles
- Customizing and Creating Roles
- Assigning Core Administration Permissions
- Administrator – No HR/Employee Access SuiteApp
- Restricting Role Access to Accounting Books
- Setting Employee Restrictions
- Setting Department, Class, and Location Restrictions
- Setting a Role as Issue Role for Issue Management
- Setting a Role as Web Services Only Role
- Setting a Role as Single Sign-On Only Role
- Restricting a Role by Device ID
- Restricting a Role by IP Address
- Setting Two-Factor Authentication Requirements
- Setting Permissions
- Setting Default and Restricted Forms
- Setting Search Defaults for a Role
- Setting Preferences for the Role
- Translating Custom Role Names
- Selecting a Dashboard for a Role