Hi All,
In this post, i'll brief how to revoke access from users to add/modify/delete any permission lists, roles or user profiles ?
This is vital to the PeopleSoft application, if not done, users can change any profiles abd get any access you have emplyed security upon .
I'll discuss how to revoke access so that users will have display only access while opening any permission list, role or user profile. Also they wont see delete or copy permission list/role and user profiles .
The security related pages are added to Maintain_Security menu. Our aim is to give display only access on these pages.
Approach:
1) We need to identify which permission lists give access to these pages.The name and number of PL's differ from one application to other.Navigate to PeopleTools->Portal->Structure and Content.
2) Navigate to any page contained in Maintain_Security eg. delete user profile, click on security tab and see what all permission lists are added over there.
3)oracle delivers the applications in such a way that access to all these pages are given to few permission lists. So now our aim is to revoke access from these permission list.
4) There can be multiple approaches from here,one could be to find through which roles users are having access to these permission lists and remove the actual permission list/Roles from users and give a duplicate of these permission lists with pages under Maintain_Security made display only. Other way is to change these delivered permission list and make the pages display only. If taken second approach, read the point 5.
5) Then create a new permission list, give full access on these pages and attach it to a new created role. Add this role to admins user profile.
After doing this, users will have read only access on these pages maintaining security of People soft system while admins will get full access.
Write me for any query/confusion ....
In this post, i'll brief how to revoke access from users to add/modify/delete any permission lists, roles or user profiles ?
This is vital to the PeopleSoft application, if not done, users can change any profiles abd get any access you have emplyed security upon .
I'll discuss how to revoke access so that users will have display only access while opening any permission list, role or user profile. Also they wont see delete or copy permission list/role and user profiles .
The security related pages are added to Maintain_Security menu. Our aim is to give display only access on these pages.
Approach:
1) We need to identify which permission lists give access to these pages.The name and number of PL's differ from one application to other.Navigate to PeopleTools->Portal->Structure and Content.
2) Navigate to any page contained in Maintain_Security eg. delete user profile, click on security tab and see what all permission lists are added over there.
3)oracle delivers the applications in such a way that access to all these pages are given to few permission lists. So now our aim is to revoke access from these permission list.
4) There can be multiple approaches from here,one could be to find through which roles users are having access to these permission lists and remove the actual permission list/Roles from users and give a duplicate of these permission lists with pages under Maintain_Security made display only. Other way is to change these delivered permission list and make the pages display only. If taken second approach, read the point 5.
5) Then create a new permission list, give full access on these pages and attach it to a new created role. Add this role to admins user profile.
After doing this, users will have read only access on these pages maintaining security of People soft system while admins will get full access.
Write me for any query/confusion ....
No comments:
Post a Comment