Company and Division Security
This document describes the programs and methods used to define users in M3 Business Engine and to control user access to companies and divisions.
User definitions
In order to use M3, each user must be defined in 'User. Open' (MNS150). This program contains all the environmental information that is assigned to each user to set up the correct environment when the user starts a new session. The user can override some, but not all the settings within the session.
User definitions are created on the E panel. They include the default values for the company and division, language, date format, and so on, for a user.
On the F panel, the Menu version prompts to 'Menu Version. Open' (MNS080). A menu version must be entered.
Menu versions are variants of a menu that can be created in M3 Business Engine and attached to copies of existing menus. Any menu can have several versions. All menus are created with a blank menu version by default. The version of a menu carries the original menu name and the version name. It can be an identical copy of the original menu or a variant of the original. In practice, it is often a complete copy.
The Start menu is defined in 'Function. Open' (MNS110).
Controlling user access to companies and divisions
Since M3 is delivered as an open system, users have access to all companies and divisions. In order for users to have restricted access to companies and divisions, they must be defined in 'User. Open' (MNS150) and must also be authorized to use the companies and divisions in question. This authorization is specified in the function 'Authorization. Specify for Company' (MNS151).
A list of user access can be printed through 'User Access Report. Print' (SES500).
Option 11='User permissions to Cmp/Div' displays 'User. Access per Company Division' (MNS151), allowing you to selectively control user access. It is used for interactive maintenance of the list of companies and divisions to which the user is authorized.
Option 21='Update User Access all Cmp/Div' grants the user access to all companies and divisions. It is used as a reset. This option is often followed by option 11 to trim the list. There is no display panel with option 21. As soon as you press Enter the data is updated.
Authorization to company
Information entered in 'User. Open' (MNS150) can be overridden by information entered in 'User. Access per Company Division' (MNS151) for the specific combination of user, company, and division. This can be helpful if one division operates under a different date format or another language, for example.
In 'User. Open' (MNS150), select option 11='User permissions to Cmp/Div'. This starts 'User. Access per Company Division' (MNS151).
To grant access to a company/division, enter the name of the company/division and select New. On the E panel, you can override some of the fields specified in 'User. Open' (MNS150), such as start menu or user group.
To remove access to a company/division, select Delete.
Differences between option 1 and option 3 when creating user
When you create a new user in 'User. Open' (MNS150), the user is initially only authorized to the company/division defined in 'User. Open' (MNS150/E). Authorizing a user to other companies and/or divisions must be done manually in (MNS151). In addition, option 21='Update User Access all Cmp/Div' on the 'User. Open' (MNS150)/B panel for a certain user will authorize the user to all companies/divisions in the database.
If you use option 3='Copy' to create a new user based on an existing one, only the responsibilities (defined in MNS151) of the based-on user are assigned to the new user.