Security access needed for Infor Process Automation users

When Infor Process Automation (IPA) is installed, the security classes and roles in the following table are delivered. Other applications might deliver their own classes and roles that provide similar access to those described here. Your application documentation should explain the behavior of security classes and roles it delivers.

You can assign the delivered roles to users or create your own roles by mixing and matching the available security classes to meet your needs. (Doing this requires knowledge of Infor Landmark Technology Runtime security tools.)

You can also, if you are expert at working with the Infor Landmark Technology Runtime security tools, create your own security classes and assign them to roles that you create.

Note: 

In the table below "_ST" indicates "Standard Template" and is intended to help you recognize a delivered security class or role (as opposed to one you might have created yourself).

Delivered role Intended for use by Contains these security classes
InbasketUser_ST Normal end-users who receive work items in the Inbasket

BasicProductLineAccess_ST

ProductLineAccess_ST

InbasketUser_ST

Lpa_ST

ProcessSchedulingAllAccess_ST

JobQueueServer_ST Users who must perform actions on the Landmark job queue.

BasicProductLineAccess_ST

ProductLineAccess_ST

JobQueueAccess_ST

ProcessDesigner_ST Process developers

BasicProductLineAccess_ST

ProductLineAccess_ST

Lpa_ST

ProcessDesigner_ST

ProcessSchedulingAllAccess_ST

ProcessServerAllAccess_ST IPA system administrators

BasicProductLineAccess_ST

ProductLineAccess_ST

Lpa_ST

LpaAdmin_ST

ProcessServerAllAccess_ST

ProcessSchedulingAllAccess_ST

ScheduledActionsAccess_ST

ProcessServerReadAccess_ST IPA assistant administrators, power users, developers (depending on policies at your site)

ProductLineAccess_ST

ProcessServerReadAccess_ST

Not delivered through a role. Assign the class to any role for users who need to assign proxies. Users who need to assign Tasks to other users to cover for them. ProcessAutomationProxy_ST
ConfigConsoleSecurityAdmin_ST Users who need full access to the Configuration Console.

ConfigAdminAccess_ST

SecurityConfigAccess_ST

ConfigConsoleSecurityAdmin_ST

Security class details

As delivered by IPA, the security classes listed in the above table provide access to the following.

  • BasicProductLineAccess_ST: In conjunction with ProductLineAccess_ST, provides general product line access that all Landmark actors need.

  • InbasketUser_ST: Access to user's own Inbasket for reviewing and taking action on work items.

  • Lpa_ST: Access to the Infor Process Automation system, including menus in the Landmark user interface. All IPA users need this.

  • LpaAdmin_ST: Access to Infor Process Automation administration menu options in the Landmark user interface.

  • JobQueueAccess_ST: Access to the Landmark job queue.

  • ProcessAutomationProxy_ST: Access to business classes related to proxy assignments.

  • ProcessDesigner_ST: Access to the business classes that the Infor Process Designer tool needs.

  • ProcessSchedulingAllAccess_ST: Provides read, write access to IPA triggering features.

  • ProcessServerAllAccess_ST: Provides read, write access to all IPA features.

  • ProcessServerReadAccess_ST: Provides read access to all IPA features.

  • ProductLineAccess_ST: In conjunction with BasicProductLineAccess_ST, provides general product line access that all Landmark actors need.

  • ScheduledActionsAccess_ST: Provides the ability to schedule Landmark actions.

  • ConfigConsoleSecurityAdmin_ST: Provides all access to the Landmark Configuration Console.

Is Run As Enabled access

The actor designated as the Infor Process Automation user must have Is Run As Enabled checked in order to write to users' Inbaskets. This allows the actor to run system programs.