(703) 860-6945

The “Pessimistic” Security Model for Microsoft Dynamics GP

The “Pessimistic” Security Model for Microsoft Dynamics GP

Security in Microsoft Dynamics GP is completely different beginning with Dynamics GP10. It’s much stronger, but requires understanding to take advantage of the new capabilities.

Prior to Microsoft Dynamics GP10, user security took an “optimistic” approach. In other words, a user had access to everything, unless it was taken away. Microsoft Dynamics GP10 takes a “pessimistic” approach, meaning that you have access to nothing, until permissions are granted.

Let’s take a few minutes to understand how user security flows in Microsoft Dynamics GP. This will help you understand if your setup is working effectively in your organization.

The flow of security works like this:

Security is a multi-layered process. Using the images below, I will show you how to set up a new user and grant them security access.

 


1. Create a User by selecting User under System > Setup


   

2. Users are assigned access to companies by selecting User Access under System > Setup. Users will only be able to access the companies to which they are granted access.

1. Users can be given access to some companies

2. Users can be given access to ALL companies

 

 

 3. Assign Security Roles to users by selecting User Security under System > Setup 

1. GP has many default Security Roles created that can be selected. See below how Security Roles work.

2. You can also create custom Roles.

3. A role must be assigned to each user and company combination.

3a. If a user has access to more than one company, they can be granted different Roles for each company.

4. Assign an Alternate/Modified reports ID to each user on the User Security window as seen above.

1. If all modified reports and forms can or should be used by ALL users, you can use one ID for ALL users.

2. If there is a modified report or form that should NOT be accessed by ALL users (ie modified checks or invoices), then you can create more than one ID.

How do Security Roles work?

Security Roles are created from tasks. Tasks are grouped together to create a role. Tasks are groups of windows required to perform a function.

For example, the AR Clerk Role will give access to all windows within Microsoft Dynamics GP that an AR user would need to perform their job. It would include creating customers, updating addresses, creating invoices, credit memos, and returns. It would also allow them to apply payments and post batches. If, within your organization, you wanted your AR clerk to create invoices but did not want them to be able to apply payments, you can create a custom Role that allows them to do only the tasks you want. To do this you would go to Security Roles under System Setup and select only the tasks you want the user to be able to perform.

Below is a list of the default Security Roles setup for you in Dynamics GP.

Security Role ID Role Description
Accounting Manager Tasks include reviewing and approving accounts payables, accounts receivables, payroll and bank transactions, processing general ledger transactions, managing the accounting department including month-end and year-end processes.
AP Clerk Tasks include processing vendor invoices, paying bills, reconciling bank accounts, working with vendors, and assisting with payables month-end and year-end closing procedures.
AR Clerk Tasks include entering sales invoices, processing cash receipts, preparing collection letters, and assisting with receivables month-end and year-end closing procedures.
Bookkeeper Tasks include creating and paying vendor invoices, creating sales invoices, billing customers, receiving payments, reconciling bank statements, printing financial statements, and closing the books at the end of the month.
CA Agent (Contract Agent) Responsible for contract entry, maintenance and billing.
CA Manager (Contract Administrator) Responsible for all of the Contract Administration Management. Everything from setup to daily transactions and maintenance to period end closing and reporting.
CA Stakeholder (Contract Stakeholder) Can view and report on Contract Administration information.
Certified Accountant Tasks include managing and maintaining the general ledger, managing fixed assets, managing bank accounts, and performing auditing services.
CL Agent (Service Call Agent) Responsible for entering service calls, updating and completing service calls.
CL Dispatcher (Service Call Dispatcher) Responsible for entering, dispatching, updating and completing service calls.
CL Manager (Service Call Administrator) Responsible for all of the Service Call Management. Everything from setup to daily transactions and maintenance to period end closing and reporting.
CL Stakeholder (Service Call Stakeholder) Can view and report on Service Call Management information.
CM Manager (Collections Manager) Manager of the Collections Department.
CM Stakeholder (Collections Stakeholder) Ability to view and report on Collections information.
Collector Performs daily Collections tasks.
Customer Service Rep Tasks include answering customer service calls, verifying the status of stock items, processing and entering sales orders, authorizing customer returns, and returning goods to a supplier.
DP Manager (Depot Management Manager) Responsible for all of the Depot Management. Everything from detup to daily transactions and maintenance to period end closing and reporting.
DP Stakeholder (Depot Management Stakeholder) Can view and report on Depot Management information.
DP Technician (Depot Management Technician) Responsible for applying parts and labor to existing service calls.
FA Manager (Fixed Assets Manager) Responsible for all of the Fixed Asset management. Everything from setup to daily transactions and maintenance to period end closing and reporting.
FA Stakeholder (Fixed Assets Stakeholders) Ability to view and report on Fixed Assets information.
IT Operations Manager Tasks include managing network and server applications, creating reports in the enterprise resource planning system, and determining when new software and hardware is needed.
MFG Admin (Manufacturing Administrator) Manager of the Manufacturing Department access to set up, data archive, and view information.
MFG Inquiry (Manufacturing Reporting & Inquiry) Access to all reporting and inquiry windows and reports.
Operations Manager Tasks include ensuring the timely and cost-effective delivery of products, and managing the operations of the inventory, engineering, production, plant management, shipping, and receiving departments.
Order Processor Tasks include verifying that there is sufficient inventory for an order, sending new orders to production, verifying orders so that they are shipped correctly and completely, and collaborating with other departments on product issues.
Payroll Clerk Tasks include entering employee information, collecting time sheets, processing payroll checks for employees, and managing income tax reporting.
PM Agent (Preventive Maintenance Agent) Responsible for entering Preventive Maintenance schedules and events. Also, responsible for generating preventive maintenance service calls.
PM Manager (Preventive Maintenance Manager) Responsible for all of the Preventive Maintenance. Everything from setup to daily transactions and maintenance to period end closing and reporting.
PM Stakeholder (Preventive Maintenance Stakeholder) Can view and report on Preventive Maintenance information.
PowerUser Access to all tasks.
Purchasing Agent Tasks include reviewing minimum and maximum inventory levels, entering purchase orders, monitoring purchase order statuses, entering contact information for new suppliers, and inspecting bills for overcharged items.
Purchasing Manager Tasks include entering contact information for new suppliers, negotiating and maintaining contracts with suppliers, determining future production needs, and placing purchase orders.
RT Agent (Returns Management Administrator) Responsible for entering, receiving, processing and closing Return Material Authorizations and Return To Vendor transactions.
RT Manager (Returns Management Administrator) Responsible for all of the Returns Management. Everything from setup to daily transactions and maintenance to period end closing and reporting.
RT Stakeholder (Returns Management Stakeholder) Can view and report on Returns Management information.    
Shipping and Receiving Tasks include receiving shipments from vendors, verifying received shipments against purchase orders, monitoring late shipments and receipts, ensuring that goods are stored properly, and shipping orders to customers.
Warehouse Manager Tasks include managing periodic physical inventory counts, verifying the status of sales orders, managing inventory transfers, and overseeing the pick/pack/ship process.

0 Comments

Leave a reply

Your email address will not be published. Required fields are marked *

*