Defining authorizations

For normal users, authorizations are defined for the use of sessions, databases, and libraries. These authorizations are defined in roles that you can link to the user profiles. In addition, you can define authorizations that are not dependent on a role, such as development parameters and device preferences. These authorizations are defined in templates that you can link to the user profiles. Super users do not have any restrictions and therefore are not linked to roles.

The result of this procedure is that users have authorizations relevant to the software and data that they need.

The authorizations are defined by using the Authorization Management System (AMS), which is an integrated part of the User Management module.

The system manager can use the AMS module to:

  • Define roles and subroles.
  • Connect a user to roles.
  • Define the various types of authorizations, for example, session authorizations, database authorizations, text group authorizations, and library authorizations.
  • Connect the various authorizations to roles.
  • Group some of the user data by using templates.

This makes it possible to define the authorizations for a group of related users that are identified by their role in an organization. The users can be connected to more than one role and a role can have subroles. For example, the manager of a department must have the same authorizations as his employees, but also needs additional authorizations.

The roles are defined in the Role Data (ttams2100m000) session. You can define the several authorizations by using the appropriate commands on the appropriate menu in this session.

If the mandatory data is entered, a conversion to the run-time data dictionary must take place to activate the new or revised authorizations.

Related topics