Implementing security by division

Use this high-level workflow to limit user access to one or more divisions within your company.

  1. Optionally, set up division groups in SA Table Code Value Setup-Division Group.
  2. Set up all divisions for your company in SA Table Code Value Setup-Division.
  3. Assign buyers to the appropriate division in SA Table Code Value Setup-Buyer.
  4. Assign customers and customer ship tos to the appropriate division in Customer Setup and Customer Ship To Setup.
  5. In Customer Setup or Customer Ship To Setup, select the Restricted Editing option if the customer or ship to should not be edited by users regardless of their allowed division, unless they have security to edit restricted customers.
  6. Assign customer groups to the appropriate division in Customer Master Group Setup.
  7. Assign vendors to the appropriate division in Vendor Setup.
  8. In Vendor Setup or Vendor Ship From Setup, select the Restricted Editing option if the vendor or ship from should not be edited by users regardless of their allowed division, unless they have security to edit restricted vendors.
  9. Assign warehouses to the appropriate division in Product Warehouse Description Setup.
  10. Assign salesreps to the appropriate division in Sales Salesrep Setup.
  11. Assign division numbers to GL and invoice groups in GL Batch Setup and Vendor Invoice Group Entry.
  12. Assign users to their allowed divisions:
    1. Select System Administrator > Setup > Operator.
    2. Select the operator or operator group to change.
    3. Click Edit.
    4. In the Other Options view, specify these values:
      Division Group
      Select a division group to assign to this user.
      This is an optional method of grouping operators to assist when maintaining operator records in SA Operator Setup. You can search for a group of operators by specifying the Division Group in the Search function.
      Allowed
      In the Allowed Division Numbers grid, select the box in the Allowed column for all division to which the operator is allowed access, then click Allow.
  13. Restrict the user's access to module data within their allowed divisions:
    1. In the Security Settings sections, specify Yes for each Restrict Data Access For [module] option if the user should be restricted to seeing only the data for that module within their allowed divisions.
    2. Specify No if the user should not be restricted to seeing data for the module for allowed divisions only. Users that are not restricted can see data for the selected module for all divisions in the company.
    3. Specify Yes for Allow Editing of 'Restricted Editing' AP Records if the user is allowed to edit Vendor Setup or Vendor Ship From Setup records where the Restricted Editing option is selected.
    4. Specify Yes for Allow Editing of 'Restricted Editing' AR Records if the user is allowed to edit Customer Setup or Customer Ship To Setup records where the Restricted Editing option is selected.
  14. To restrict users' access to Infor Document Management forms based on their assigned division or division group, include the Division # and Division Group as an attribute type in the XML output sent to IDM when a form is printed.
    1. Select System Administrator > Administration > Integrations > Document Management.
    2. Select Save Documents in Infor Document Management with Division.
    3. Click Save.
    4. Download and import the 11.20.1 or later version of the IDM_SX_Configuration.xml file.
      This file includes the updated forms that include the Division # and Division Group attributes. See the Infor CloudSuite Distribution Configuration Guide or the Infor Distribution SX.e Configuration Guide for Infor Operating Service for instructions.
    5. Access IDM to set up the Access Control List (ACL) to use the attributes to control your users' access to the forms.
      See the Infor Document Management Output Management User Guide for information on setting up ACL lists.