In order to allow me to focus on Consulting (click here) and Courses (click here), I continue to review all posts here in the Forums, but, in general, I'm only personally responding to posts that I mark as #AcumaticaTnT (click here). For Questions (click here), others may respond, or you can post over at Community.Acumatica.com (click here).
Questions Setting up User Security
I am about to tackle the issue of user security. In our company, no 2 users perform the same role and every role is unique. This probably nullifies the benefit of any role based security. It's probably going to be simple to setup security at the user level. I would like to test the setup in our test system before migration to pre-live environment. I don't see any means of copy function for the "Access Rights by User" screen.
Looking for advice from anyone whose gone through this process, in particular, migration of security settings. I guess i could look at building an Import Scenario.
If your user security is really based on the user rather than on the role, my recommendation is to name your User Roles the same as your Usernames. Then just assign one User Role to each Username.
As for testing, are you looking for a way to setup security in a Test environment, then import over to Production?
I've tried the import scenario, but I never got exporting to work the last time I tried it.
I find it's easier just to use a Customization Project to grab all of the security, then deploy it to a new tenant.
I don't know of a way to export/import.
But depending on how many roles you have, what i have done is use the clip board function. So you copy a role, switch tenant and paste, switch back, copy etc.
Obviously this is worth it only if you don't have too many roles.
Ellie, the Copy Role button prompts for a new role name. It cannot be used to copy roles between Tenants.
There is also no Clipboard copy button on the either User Roles, or Access Rights by Role (where the Copy Role button lives).
Are you sure you used this method to copy Security Roles? I really can't see how!
oops, i was thinking user types when reading this. Apologies for the false hope i gave...
would love to hear what solution you find eventually.
Manual copying by hand. Dual monitors comparing source to target Tenant. Using Access Rights by Role report as a guide of the nodes to check and then manually applying the config (used my own filters to group the report data by the Roles I defined). I have done pretty granular security as well, so this makes it even more time consuming.
3 days so far on this but will finish today. There really needs to be an export / import function for this!
Have you tried using a Customization Project for this? I find it works pretty well. The only issue is that you have to check-off all of the screens which takes a little time, but less time than copying everything manually.
That might have worked.... had i not already configured it by hand!
But anyway, it wasn't a complete waste of time as I did find a few small inconsistencies in the security of our main Tenant through this process.
Hey Tim, I have to do this all again thanks to a Partner mishap. I really don't want to clone the security manually again. Using your suggested method of Access Rights via Publish, does this bring over all associated User Groups as well?
Yes, unfortunately it's by Screen and not by User Role. But as long as you want all User Roles, that's not a problem.
It's a little tedious having to check off every screen, but it's not too bad. I used an AutoHotKey macro to arrow down, spacebar, arrow down, spacebar, repeated hundreds of times.
Here are details on how to do User Security with a Customization Project:
Did you try the steps outlined here?