user management implementation at ucl mike haward april 2015 version 1.0
TRANSCRIPT
![Page 1: User Management Implementation at UCL Mike Haward April 2015 Version 1.0](https://reader034.vdocuments.site/reader034/viewer/2022051315/56649ee45503460f94bf3b61/html5/thumbnails/1.jpg)
User Management Implementationat UCL
Mike Haward
April 2015
Version 1.0
![Page 2: User Management Implementation at UCL Mike Haward April 2015 Version 1.0](https://reader034.vdocuments.site/reader034/viewer/2022051315/56649ee45503460f94bf3b61/html5/thumbnails/2.jpg)
User Management (UMX)(a new Oracle eBusiness Suite module that extends the standard FND security)
![Page 3: User Management Implementation at UCL Mike Haward April 2015 Version 1.0](https://reader034.vdocuments.site/reader034/viewer/2022051315/56649ee45503460f94bf3b61/html5/thumbnails/3.jpg)
User Management at UCL
UCL are using the following features:
1.Roles 2000 responsibilities -> 25 roles
Entry level role (UCL Staff, consists of 5 responsibilities) allocated automatically when employee record created
2.Devolved administration of users 400 paper requests for change per week -> NONE
DA in each department administers their users
3.Custom process for Auth Sig setup 100 paper requests for change -> NONE
![Page 4: User Management Implementation at UCL Mike Haward April 2015 Version 1.0](https://reader034.vdocuments.site/reader034/viewer/2022051315/56649ee45503460f94bf3b61/html5/thumbnails/4.jpg)
1) Roles
UCL have broadly split roles into the following categories:
![Page 5: User Management Implementation at UCL Mike Haward April 2015 Version 1.0](https://reader034.vdocuments.site/reader034/viewer/2022051315/56649ee45503460f94bf3b61/html5/thumbnails/5.jpg)
1) Roles
You can look at the Role definitions and hierarchy on User Management:
But to be honest it’s a lot easier to see in the spreadsheet!
Microsoft Excel Worksheet
![Page 6: User Management Implementation at UCL Mike Haward April 2015 Version 1.0](https://reader034.vdocuments.site/reader034/viewer/2022051315/56649ee45503460f94bf3b61/html5/thumbnails/6.jpg)
Each User Management role is configured to be restricted in 3 ways defining what:
a) Functions you are allowed to use
b) Users you are allowed to administer
c) Roles you are allowed to assign/revoke
As far as I can tell this is common functionality that could be used across any module!
2) Devolved administration of users
![Page 7: User Management Implementation at UCL Mike Haward April 2015 Version 1.0](https://reader034.vdocuments.site/reader034/viewer/2022051315/56649ee45503460f94bf3b61/html5/thumbnails/7.jpg)
2) Devolved administration of users
FIVE levels of User Management access have been configured:
1. User Management2. User Management for MyFinance Support3. User Management For Finance4. User Management for SFDs5. User Management for DAs
![Page 8: User Management Implementation at UCL Mike Haward April 2015 Version 1.0](https://reader034.vdocuments.site/reader034/viewer/2022051315/56649ee45503460f94bf3b61/html5/thumbnails/8.jpg)
a) Functions b) Users c) Roles
1. User Management Configuration & Setup of User Management
(User Management lead)
ALL ALL ALL
2. UCL Central User Management Administrator
Helpdesk and MyFinance support teams
User Admin Hierarchy* ALL UCL roles
3. UCL Finance Department User Management Administrator
Finance User Admin Hierarchy* Finance RolesDepartmental Roles
4. UCL SFD User Management Administrator
School Finance Directors User Admin Hierarchy* Departmental Roles(inc. DA role)
5. UCL Local Dept User Management Administrator
Departmental Administrator
User Admin Hierarchy* Departmental Roles(exc. DA role)
*Hierarchy - by default your starting point in the Hierarchy will be your position in the Org Hierarchy according to your employee (per_all_people_f) recordTo change a User Management user’s default starting position in the hierarchy then use the User Level Profile Value: UCL User Management Hierarchy Point
2) Devolved administration of users
![Page 9: User Management Implementation at UCL Mike Haward April 2015 Version 1.0](https://reader034.vdocuments.site/reader034/viewer/2022051315/56649ee45503460f94bf3b61/html5/thumbnails/9.jpg)
a) Functions you are allowed to use
•Role defn includes a ‘Grant’ called UCL Local User Admin Grant User Management UIs
2) Devolved administration of users
![Page 10: User Management Implementation at UCL Mike Haward April 2015 Version 1.0](https://reader034.vdocuments.site/reader034/viewer/2022051315/56649ee45503460f94bf3b61/html5/thumbnails/10.jpg)
We should have excluded those. But we left them there and then personalised them away. Doh!
2) Devolved administration of users
![Page 11: User Management Implementation at UCL Mike Haward April 2015 Version 1.0](https://reader034.vdocuments.site/reader034/viewer/2022051315/56649ee45503460f94bf3b61/html5/thumbnails/11.jpg)
b) Users you are allowed to administer
•Role defn includes a ‘Grant’ called User Administration Privileges
2) Devolved administration of users
![Page 12: User Management Implementation at UCL Mike Haward April 2015 Version 1.0](https://reader034.vdocuments.site/reader034/viewer/2022051315/56649ee45503460f94bf3b61/html5/thumbnails/12.jpg)
Your default hierarchy starting position
Or your profile value if you have one set
2) Devolved administration of users
![Page 13: User Management Implementation at UCL Mike Haward April 2015 Version 1.0](https://reader034.vdocuments.site/reader034/viewer/2022051315/56649ee45503460f94bf3b61/html5/thumbnails/13.jpg)
c) Roles you are allowed to assign/revoke
•Role defn includes a Security Wizard where you can set this up
2) Devolved administration of users
![Page 14: User Management Implementation at UCL Mike Haward April 2015 Version 1.0](https://reader034.vdocuments.site/reader034/viewer/2022051315/56649ee45503460f94bf3b61/html5/thumbnails/14.jpg)
2) Devolved administration of users
![Page 15: User Management Implementation at UCL Mike Haward April 2015 Version 1.0](https://reader034.vdocuments.site/reader034/viewer/2022051315/56649ee45503460f94bf3b61/html5/thumbnails/15.jpg)
3) Auth Sig Custom Process
![Page 16: User Management Implementation at UCL Mike Haward April 2015 Version 1.0](https://reader034.vdocuments.site/reader034/viewer/2022051315/56649ee45503460f94bf3b61/html5/thumbnails/16.jpg)
ImprovementsOracle
-record history
- On screen
- WF_LOCAL_ROLES
-inheritance trail
- On screen
- SQL
UCL
-AS cust screen vs role
-AS WF identifiers
-Personalisation vs Grants
![Page 17: User Management Implementation at UCL Mike Haward April 2015 Version 1.0](https://reader034.vdocuments.site/reader034/viewer/2022051315/56649ee45503460f94bf3b61/html5/thumbnails/17.jpg)
Questions?
![Page 18: User Management Implementation at UCL Mike Haward April 2015 Version 1.0](https://reader034.vdocuments.site/reader034/viewer/2022051315/56649ee45503460f94bf3b61/html5/thumbnails/18.jpg)
DEMOSCRATCH: https://ebsdev.adcom.ucl.ac.uk:8406/OA_HTML/AppsLogin
DEV: http://www.ucl.ac.uk/myfinance/dev
![Page 19: User Management Implementation at UCL Mike Haward April 2015 Version 1.0](https://reader034.vdocuments.site/reader034/viewer/2022051315/56649ee45503460f94bf3b61/html5/thumbnails/19.jpg)
Slides not used below here
![Page 20: User Management Implementation at UCL Mike Haward April 2015 Version 1.0](https://reader034.vdocuments.site/reader034/viewer/2022051315/56649ee45503460f94bf3b61/html5/thumbnails/20.jpg)
• Responsibility. But you cannot use it until you also have the “Security Administrator” role
• Gives you access to:
• All User Management Functions
• All Users
• All User Roles Assignments
2) Devolved administration of users
![Page 21: User Management Implementation at UCL Mike Haward April 2015 Version 1.0](https://reader034.vdocuments.site/reader034/viewer/2022051315/56649ee45503460f94bf3b61/html5/thumbnails/21.jpg)
• Roles.
• Give you access to:
• User administration only
• Only users in your part of the hierarchy or below
• Only restricted roles to assign/revoke
2) Devolved administration of users
![Page 22: User Management Implementation at UCL Mike Haward April 2015 Version 1.0](https://reader034.vdocuments.site/reader034/viewer/2022051315/56649ee45503460f94bf3b61/html5/thumbnails/22.jpg)
Default (DO NOT CHANGE THIS)
As an exception, put Nicola at the top of the hierarchy so that she can administer all users:
2) Devolved administration of users