By using this website, you agree to our Terms of Use (click here)
In order to allow me to focus on Consulting (click here) and Courses (click here), I continue to review all posts here in the Forums, but, in general, I'm only personally responding to posts that I mark as #AcumaticaTnT (click here). For Questions (click here), others may respond, or you can post over at Community.Acumatica.com (click here).
Sincerely,
Tim Rodman
I am about to tackle the issue of user security. In our company, no 2 users perform the same role and every role is unique. This probably nullifies the benefit of any role based security. It's probably going to be simple to setup security at the user level. I would like to test the setup in our test system before migration to pre-live environment. I don't see any means of copy function for the "Access Rights by User" screen.
Looking for advice from anyone whose gone through this process, in particular, migration of security settings. I guess i could look at building an Import Scenario.
If your user security is really based on the user rather than on the role, my recommendation is to name your User Roles the same as your Usernames. Then just assign one User Role to each Username.
As for testing, are you looking for a way to setup security in a Test environment, then import over to Production?
So in the end I did set up role based security but the roles were limited to specific areas of the system. I then granted each user one or more roles depending on what access they needed. It worked out really well.
Now the issue is we are working out deployment of our next Tenant and i don't want to have to setup all of the roles manually as a lot of effort went in to it. Has anyone tried migrating Security Roles via Export / Import scenario?
I've tried the import scenario, but I never got exporting to work the last time I tried it.
I find it's easier just to use a Customization Project to grab all of the security, then deploy it to a new tenant.
@timrodman Hi I am in the process to export user roles and User types to the test server, I am interested to use the recommended Customization Project to grab all of the security - Please advise what Customize entity will be selected to select the custom designed User Role?
Note: I selected the Access Rights by Role on screen SM201025 - selected the Customization > Select Project > created a new Project
When I view the Project created it is empty, hence the expected User Role was not copied to the project.
Retha
I don't know of a way to export/import.
But depending on how many roles you have, what i have done is use the clip board function. So you copy a role, switch tenant and paste, switch back, copy etc.
Obviously this is worth it only if you don't have too many roles.
Ellie, the Copy Role button prompts for a new role name. It cannot be used to copy roles between Tenants.
There is also no Clipboard copy button on the either User Roles, or Access Rights by Role (where the Copy Role button lives).
Are you sure you used this method to copy Security Roles? I really can't see how!
oops, i was thinking user types when reading this. Apologies for the false hope i gave...
would love to hear what solution you find eventually.
Manual copying by hand. Dual monitors comparing source to target Tenant. Using Access Rights by Role report as a guide of the nodes to check and then manually applying the config (used my own filters to group the report data by the Roles I defined). I have done pretty granular security as well, so this makes it even more time consuming.
3 days so far on this but will finish today. There really needs to be an export / import function for this!
😮
Good luck!
Royce,
Have you tried using a Customization Project for this? I find it works pretty well. The only issue is that you have to check-off all of the screens which takes a little time, but less time than copying everything manually.
That might have worked.... had i not already configured it by hand!
But anyway, it wasn't a complete waste of time as I did find a few small inconsistencies in the security of our main Tenant through this process.
Hey Tim, I have to do this all again thanks to a Partner mishap. I really don't want to clone the security manually again. Using your suggested method of Access Rights via Publish, does this bring over all associated User Groups as well?
Yes, unfortunately it's by Screen and not by User Role. But as long as you want all User Roles, that's not a problem.
It's a little tedious having to check off every screen, but it's not too bad. I used an AutoHotKey macro to arrow down, spacebar, arrow down, spacebar, repeated hundreds of times.
Here are details on how to do User Security with a Customization Project:
Online Members
