Assign Security Profile window

Similar Messages

• Global Security Profiles

  Can somebody list out the steps to be done to create a Global security profiles. Is any document available. Please let me know.
  Tks.

  Hi,
  Im trying to change the standard securtiy to security using Security Groups.We are having multiple BG's (3). This what I did:
  1. Enable the profile Enable Security Groups at application level to YES
  2. I ran the concurrent Enable Multiple Security Groups.
  3. I was now able to open the Assign Security Profiles window.
  I created a new user under sys admin with no resp attached. For this user I attached the HRMS Manager resp thrice with different BG & Securtiy profile combinations under Assign Security Profiles window. When I log in as the new user, I dont see all the three resp I defined. I can see only two resp with suffix standard and name of one BG appended to HRMS Manager. The resp with other BG's as suffix are not appearing.
  Kindly advise.

• Create security profile based on different payroll

  we have two payrolls, I want to assign different responsibilities based on the two apyrolls. I tried to do that by creating a new security profile but it is not working. can anubody tell me in detail steps what to do, please..

  tvikramsingh,
  Just want to confirm here --- I thought the check to see if multiple security groups is enabled is to go to US Super HRMS Manager => Security => Assign Security Profiles. If that windows open up, that means security groups are enabled.
  Plus in our instance we dont have Security List Maintenance scheduled which adds to my confusion....
  Can someone clarify?
  Thanks

• How to attch the Security Profile

  Hi all
  I have created sec profile. The next step will be Step 3. Attach this security profile as a profile option to our responsibility named “XX HRMS IT Technical Resp”.
  Question: Which responsibility i mus habe, because if i use the responsibility of: Super HRMS Manager, than i can't Super HRMS Manager - Security - Assign Security Profile. I get the error message: APP-PER-52928: You cant use this form when useing Standard HRMS Secruity.
  Please advice.
  Thanks

  Assign it from system administrator.... HR:Security Profile Profile option

• 11.5.9 - Security profile

  Hi,
  A HR user is having full access to view employees from all organization, but now, we have to exclude one of the department, so tht this user should not view employees from the excluded department (say 'Development' org).
  Is it possible to do it without creating a new responsibility (because only one user is going to use this) ? Can we do it thru custom security profile (restict this user to view employees from all departments except 'Development' department).?
  Thanks in advance.

  In later releases you have 'User-based' security which would allow you write a Custom Restriction that does something like:
  ((fnd_profile.value('USER_NAME') = 'ONE_USER' and ASSIGNMENT.organization_id <> 123) OR fnd_profile.value('USER_NAME') <> 'ONE_USER')
  However, in 11.5.9 user-based custom security doesn't exist so I think you're out of luck.
  If you're enabled Multiple Security Groups - and it sounds like you haven't - you assignment Responsibilities and Security Profiles to individual users, rather than assigning Security Profiles to Responsibilities. With Multiple Security Groups you could simply create a new Security Profile for this one user and assign that.
  However, if you don't have Multiple Security Groups - and I don't recommend you implement it for this because it has many implications - then it's a new responsibility I'm afraid.

• Security Profile with Assignment-level Security limitations

  Hi, We are on an R12 installation, and have a security profile based on Organization Hierarchy (With Assignment-Level Security - i.e. 'Restrict on Individual Assignments' checkbox is ticked); this is based on a specific organisation as the 'Top Org' rather than the User's own Assignment.
  The profile option "HR: Access Non-Current Employee Data" is set to 'Yes', but the security profile still restricts access to Future-Dated Assignments and Ended Assignments. Is this expected behaviour, and is the only solution to develop a Custom security profile, and is this even feasible (to replicate organisation hierarchy security using SQL in the custom security tab), or would we have to use a different criteria, such as Payroll?
  Regards, Chris

  Further investigation reveals this is a limitation of the product - within security, the selection criteria which determines which individuals (or assignments) is handled seperately to Assignment-level security (i.e. whether individual assignments are restricted), it is not possible to get around this issue even using custom security, as that does not give one the power to determine how individual assignments are handled. Thus if assignment-level security is implemented, the user cannot see Ended or Future-Dated assignments, even if the profile option "HR: Access Non-Current Employee Data" is set to 'Yes'.
  The only workaround we have found for this is to:
  a) remove assignment-level security, and
  b) ensure that where an employee has multiple assignments that cross security groups, this individual is set up twice, as two separate employees.

• Urgent!! How to make Security Profile Based on Payrolls???

  Dear Everyone,
  I am facing this urgent case which is:
  * My company have 2 payrolls, they need to make security based on payrolls, and the case is our HR team can access all employees data including elements except managers elements or managers data at all ( so they cant find them while querying on them from people enter and maintain window)
  * I tried to make a separate payroll for managers (third payroll) and then making security profile includes all payrolls so they can access all payrolls element and data, then I make another security profile with the original 2 payrolls for other HR team so they can access employees assigned to these payrolls only, but I had to choose which is restricted ( employees or contingent workers or applicants or contacts), I tried to restrict employees in both security options, then I assigned the first security profile which includes the 3 payrolls to their responsibility in profile options, also did that with the second security profile and assigned to the profile option for the responsibility of HR team.
  after choosing restrict employees in security profiles, in both responsibilities I cant find any employees( because I restricted them).
  Please tell me how to make some of the top management cannot be find within search in people enter and maintain, only top management responsibilities can access all employees data and information.
  thanks for your time
  Mohamed Mannaa
  [email protected]

  to use custom you can write something like
  ASSIGNMENT.grade_id in (select g.grade_id
  from
  per_grade_definitions gd,
  per_grades g
  where
  g.grade_definition_id=gd.grade_definition_id (+)
  and gd.segment1 <= 12
  this is showing all employees having grade less than or equal to 12; you can use any other criteria based on your needs.

• PDF form with buttons opens up URL with security warning window

  I have a short-lived process that renders PDF form with data merged. The data is in XML format. 
  The form buttons are assigned URL values when the form is opened. When I click on them,I get a Security warning prompting me to allow/block that site. When I click on 'Allow', I get a window of download statistics of the website that in the URL.
  This would be annoying to the end user. How I do I suppress the Security warning window as well as the download statistics window before the PDF is opened ? Can this be done either at the process design, form design stage or using Java APIs ?
  Thanks,
  Jyothi

  I have a short-lived process that renders PDF form with data merged. The data is in XML format. 
  The form buttons are assigned URL values when the form is opened. When I click on them,I get a Security warning prompting me to allow/block that site. When I click on 'Allow', I get a window of download statistics of the website that in the URL.
  This would be annoying to the end user. How I do I suppress the Security warning window as well as the download statistics window before the PDF is opened ? Can this be done either at the process design, form design stage or using Java APIs ?
  Thanks,
  Jyothi

• Lost Security Profile Password

  I'm using Acrobat Pro 7.0 and have misplaced the password on a security profile.  When I originally set it up, I checked the box that said "Save Passwords with Policy".  Is there a way I can retrieve the password from my Windows XP system?

  If the user account is associated with an Apple ID, and you know the Apple ID password, then maybe the Apple ID can be used to reset your user account password.
  Otherwise*, boot into Recovery mode. When the OS X Utilities screen appears, select
  Utilities ▹ Terminal
  from the menu bar. In the window that opens, type this:
  res
  Press the tab key. The partial command you typed will automatically be completed to this:
  resetpassword
  Press return. A Reset Password window opens. Close the Terminal window to get it out of the way.
  Select your boot volume ("Macintosh HD," unless you gave it a different name) if not already selected.
  Select your username from the menu labeled Select the user account if not already selected.
  Follow the prompts to reset the password. It's safest to choose a password that includes only the characters a-z, A-Z, and 0-9.
  Select
   ▹ Restart
  from the menu bar.
  You should now be able to log in with the new password, but your Keychain will be reset (empty.) If you've forgotten the Keychain password (which is ordinarily the same as your login password), there's no way to recover it.
  *Note: If you've activated FileVault, this procedure doesn't apply. Follow instead these instructions.

• How to restrict employees from accessing managers data using custom security profile

  Hi,
  I am using custom security profile for restricting the employees from accessing supervisors details(PG.SEGMENT2=4). I have written the custom code as below :
  Responsibility :US Super HRMS Manager
  ASSIGNMENT.PERSON_ID
  IN
  (SELECT PAF.PERSON_ID FROM PER_ALL_PEOPLE_F PAF,
  PER_ALL_ASSIGNMENTS_F PF,
  PAY_PEOPLE_GROUPS PG,
  PER_PERSON_TYPE_USAGES_F PPU,
  FND_USER FNU
  WHERE PAF.PERSON_ID=PF.PERSON_ID
  AND :EFFECTIVE_DATE BETWEEN PAF.EFFECTIVE_START_DATE
  AND PAF.EFFECTIVE_END_DATE
  AND PF.PEOPLE_GROUP_ID=PG.PEOPLE_GROUP_ID
  AND :EFFECTIVE_DATE BETWEEN PF.EFFECTIVE_START_DATE AND PF.EFFECTIVE_END_DATE
  AND PPU.PERSON_ID=PAF.PERSON_ID
  AND PPU.PERSON_ID=PF.PERSON_ID
  AND :EFFECTIVE_DATE BETWEEN PPU.EFFECTIVE_START_daTE AND PPU.EFFECTIVE_END_DATE
  AND PAF.PERSON_ID=FNU.EMPLOYEE_ID
  AND PAF.PERSON_TYPE_ID =2
  AND PPU.PERSON_TYPE_ID
  IN(2,62)
  and PAF.person_id = FND_PROFILE.value('user_id')
  AND PG.SEGMENT2=8)
  and using "restrict the people visible to each other using this profile".
  I have assigned the security profile to HR user responsibility
  But when I query the supervisor name in HR User responsibility , it is not restricting me from viewing supervisor details.
  When I query for first time, its restricting me to view others details, but when I close that click on torch button and try searching, its allowing me to access manages details.
  Can any one please let me know what setups need to be done for restricting employees from viewing supervisors data.
  I have gone through the document "Understanding and Using HRMS Security in Oracle HRMS" but didn't got any idea.
  Please suggest.
  Thanks & Regards,
  Anusha.

  Hi All ,
  i solved the problem by using event 01 of header view and using the table "Extract" .
  Regards,
  Neha

• Mapping Apps security profiles in Discoverer

  Hello
  We wish to implement a 2-tiered security architecture. We already have the 1st tier in place in Disco Admin by assigning specific Business Areas to responsibilities.
  However, we also want to use the Apps custom Security Profiles to restrict access to tables and views through Discoverer Admin.
  How can this be implemented? Any examples would be most welcome.
  Thanks
  Sanjib Manna
  Oracle Practice
  IBM Business Consulting

  You can use the following query to look for all the security profiles. You can join the hr_operating_units to fnd_profile_option_values.level_value to get the desired result.
  SELECT psp.security_profile_name,
         psp.security_profile_id,
         hou.NAME,
         hou.organization_id
    FROM per_security_profiles psp,
         per_security_organizations pso,
         hr_operating_units hou
  WHERE pso.security_profile_id = psp.security_profile_id
     AND pso.organization_id = hou.organization_id;Additionally, you can also have a look at the below MOS docs.
  How To Check If a Profile Option Is Set In Oracle Applications? [ID 470102.1]
  How to Search all of the Profile Options for a Specific Value [ID 282382.1]
  How To List E-Business Suite Profile Option Values For All Levels Using SQLPlus [ID 201945.1]
  Script To List The Values Of A Profile Option At All Levels [ID 803587.1]
  How to Search all of the Profile Options for a Specific Value [ID 282382.1]
  How To Find All Users With A Particular Profile Option Set? [ID 367926.1]
  How to Change Profile Option Value Without Forms? [ID 943710.1]
  Cheers,
  ND
  Use the "helpful" or "correct" buttons to award points to replies.

• R12 Security Profiles

  Hi- novice here. I do this: select security_profile_id, security_profile_name
  from per_security_profiles
  If I do the above query, I get values like:
  1508 SECCPF5O
  1509 SECCPF5P
  1510 SECCPF5R
  1511 SECCPF5T
  1512 SECCPF5V
  1513 SECCPF5W
  1514 SECCPF5X
  These are security profile names. My client uses these to decide what data a user can see when they log in. What the custom code is doing is comparing that security profile name (formerly secure_oracle_username in 10.7) with the user that is logged in and lets the user see specific data based on this.
  The thing is, user names are not the above SECC% name. I need to know where in the database (tables or forms) I can find the relation between who is logged in (user name) and the security profile for each. Is there a table to coorolate the two? I assume all users have a security profile attached to them correct? Is there a form I can navigate to in order to see/assign this? If so, I can examine that form and find the tables.
  Thanks in advance for your input.

  Pl post details of OS, database and EBS versions.
  Pl see if these MOS Docs can help
  Understanding and Using HRMS Security in Oracle HRMS          (Doc ID 394083.1)
  Secure Users Functionality in Release 11          (Doc ID 50850.1)
  You Have Installed, Now Before You Setup, Read This! - HR Shared          (Doc ID 116376.1)
  More information is in the "Oracle HRMS Configuring, Reporting, and System Administration Guide" for your release at http://www.oracle.com/technetwork/documentation/applications-167706.html
  HTH
  Srini

• How to make Custom Discoverer workbook use Custom Security profile of Apps

  We use Discoverer in Oracle Apps setup. We have added Custom security in our HR People Form of Apps.
  This Custom Security restricts one HR Emplpoyee not view other HR employee record except for himself/herself. Also maintining that they should be able to view all other employee's records.
  The following code was put under the Security Profile Form -- > Custom Security Tab
  exists (select 1
  from per_jobs b
  where ASSIGNMENT.job_id = b.job_id
  and (b.name not like '%HR%')
  and (b.name not like '%Human%')
  and ASSIGNMENT.assignment_number is not null
  union
  select 1
  from fnd_user fu
  where fu.user_name = fnd_global.user_name
  and fu.employee_id = PERSON.person_id
  and ASSIGNMENT.assignment_number is not null)
  Above security profile works fine for HR People Form.
  However, It does not work for our Discoverer Workbooks. I found a note on Metalink 422841.1 which talks about leveraging the Custom Security of Apps in Discoverer Report. I read it, but did not get much clue.
  Can Anyone help.
  Thanks

  Hi,
  If you want to use custom HR security with Discoverer you have to ensure that the correct security filters are applied when the Discoverer reports are run. These filters can use the supplied HR_SECURITY package or you can develop your own conditions using table lookups or functions. To get the filters applied to your reports you have a number of options:
  1. Build the security into custom folders using additional conditions
  2. Use custom database views in Discoverer and build the security into the views
  3. Use mandatory conditions in you Discoverer folders using either a function call or database contexts set at login time
  4. Use VPD (Virtual Private Database)
  I am not sure which of these options you are using to implement your HR security in Discoverer. The last option, VPD, is the most flexible and can give the best performance but maybe it is more complex to set up.
  Rod West

• Security Profile Not Working

  Hi,
  I want to restrict persons records based on their assignment - organizations.
  Approach 1:
  For this i have created a new custom security profile in Organizatin Security tab
  Security Type : Secure organizations by organization hierarchy and / or org list
  Organization Hierarchy : <gave our primary reporting here>
  selected radio button - use the org on the users's assingemnts as the top org
  In the next block under organization name, gave org 1 and selected Include radio button and next 5 orgs (org 2 to org 6 ) and choosed Exclude radio button (Classification column left blank for all orgs).
  Assigned this Security profile to resposbility (for HR:Security profile)
  When i login to this responsbility and query in enter & maintain form; I am able to see all persons belong to org 2 to org 6; My expectation i should see only those persons whose assignment has org 1;
  Approach 2:
  I have created one more new security profile (in the custom security tab); selected Restrict the people visible to this profile , and gave in command box
  ASSIGNMENT.organization_id = 100 (org id 100 is for Org 1)
  and assigned this to responsbility; When i login to this resp , my expectaion is it will show only persons who assignments having org1. But it shows all other persons, whose assignment having differents orgs (org 2 to org 6)
  In both the above two approaches, I am not getting what i am looking for.
  I have even ran Secuirty List Maintanence program also
  I am doing some thing wrong? Please help on this?
  We are on 11.5.10
  Thanks!!

  Hi
  Is this still aproblem or has Gaurav sorted it out for you. His explanation looks like it will solve the problem, but there might also be a problem in the coding of the custom code. You should be able to achieve what you want without the custom code, by using the organisation tab instead.
  Regards
  Tim

• HR: Security Profile at User Level

  Hi
  As HR: Security Profile is not enabled for user level, but sometime we need it for some users. Workaround is set up a different responsibility for the same.
  Also We can go to Application Developer Responsibility and set enable user level for HR: Security Profile option. Is it Ok to do it or this may break the system at some point.
  Suggestions Please.

  Gaurav,
  I am not an expert in this area, but I do not think enabling the profile at the user level will cause any issues. In our site, what we have done is to create a security profile specific to that user and assigned it in the HR module (not sure of the specifics, but I can find out if you are interested) - we did not enable the profile option at the user level as you are wanting to do. SR can provide you with another opinion :-)
  HTH
  Srini