Creating roles and authorizations

Initially, normal users do not have any authorizations for LN. Therefore, you must define the role-dependent authorizations for their function. You can use LN ’s Authorization Management System (AMS) to create roles for normal users and the associated role-dependent authorizations and create templates.

The authorization management procedures create a user environment with clearly defined tasks and duties for the normal users in a company.

Prerequisites

These prerequisites are required to create roles and authorizations:

  • The functions and associated tasks are clearly defined for the employees.
  • The software components to which access is required for the functions are clearly defined.

The case study explains how to create roles and authorizations and helps you understand the functions and features of LN ’s AMS. The case study also describes the role concept in the context of a real situation.

The case study describes authorization management at Global Enterprises, which has offices in The Netherlands and the United States. These offices are designated as the Holland Company and the USA Company. Enable employees of Global Enterprises to use the company’s data dictionary and the databases of both offices.

For detailed instructions see the online help of the sessions

Procedure introduction

The authorization management procedure is split up into several smaller procedures. The system administrator can use them as stand-alone procedures to maintain the authorizations at the various levels. The additional roles, which define additional authorizations on top of the standard role, can also be created with this procedure.

Case study - Authorization management at Global Enterprises

The system administration department at Global Enterprises is responsible for management of the employees’ authorizations. Authorization management involves the definition of the role-dependent authorizations for the employees in roles. To ensure that the user authorizations are maintainable, the system administrator defines one standard role with the most basic authorization, and additional roles for specific tasks.

The authorizations that are defined in the standard role are required by the users to use Global Enterprises’ general data dictionary and the data of the offices in the Netherlands and the USA.

In the standard role, the system administrator defines the session authorizations and library authorizations at the various levels. In addition, the system administrator ensures that the users cannot change their own user data.

Procedure summary

This list shows the procedure steps and the corresponding sessions.

  1. Take inventory of the roles in your organization
  2. Define the authorizations per role in the session.

    Through the appropriate menu in this session, you can:

    • Define session authorizations.
    • Define database authorizations, table and table field authorizations.
    • Define library authorizations.
    • Define company authorizations.
    • Optionally: define authorizations in sub-roles and link these sub-roles to the main role in the session.
  3. Convert the user file to the runtime data dictionary with the session.
  4. The relevant users must log off and log on again.