The Base Package Controls One User, One User Group, And Many Application Services

When the system is initially installed, the following information is delivered:

  • Application services for all secured transactions, maintenance objects, business objects, business services, scripts and zones in the base package.

  • A user identified by the user id SYSUSER.

  • A user group identified by the user group code ALL_​SERVICES. This user group is associated with all supported application services delivered with the base product. This user group is given access to all access modes for all application services (i.e., all actions on all transactions).

  • The user SYSUSER is linked to the ALL_​SERVICES user group. This means that this user has access to all transactions and all actions.

You cannot change or remove the information delivered for ALL_​SERVICES. This information is owned by the base package. It is provided so that an "initial user" has access to the entire system and can setup user groups and users as per your organization's business requirements. It is not recommended to provide your own users with access to the ALL_​SERVICES user group. Rather, create user groups that are appropriate for the organization's business requirements and define user access to these user groups. If you introduce new transactions, configure them for the appropriate custom user groups.

In addition, SYSUSER is provided to allow for an initial user to define appropriate users in your implementation. Once proper administrative users have been defined, it is recommended that SYSUSER is updated to set the User Enable setting to Disabled.

When you receive an upgrade:

  • New application services are delivered for the new transactions, business objects, zones introduced in the release. The release notes highlights the additions / changes.

  • Existing application services are updated with changes in their access modes (e.g., if a new action is added to a transaction, its application service is updated accordingly).

  • The ALL_​SERVICES user group is updated so it can access the new / changed application services.

  • Implementations should review the release notes and determine which user groups created for your implementation should be updated with the additions, if applicable.