Concepts

Tasks

Restricting Access to Enterprise

If necessary, you can remove or restrict the ability of a user to navigate to the Enterprise object. This will prevent users from accessing enterprise-level settings such as security, asset hierarchy, accounting, and site type settings.

A user might still be able to access objects in classes that are related to enterprise if they have a shortcut to the object (such as a security profile), or if there are site views that contain lists of the object (such as GL accounts). For complete security, you will need to secure the classes of those objects (that is, the Security Profile or GL Account classes).

If you restrict access to the Sites view on enterprise, users will be prevented from navigating to other sites using the site hierarchy. However, if a user has a shortcut to a site, or knows the asset number from another site, they might still be able to open the site object.

Note: If you select a Hidden profile as a user’s profile for the top site, the user will be restricted from opening the Enterprise window.

To Prevent Access to Enterprise

1.	Open the security profile and enter Security Setup mode.

2.	Navigate to the Site window.

3.	Right-click on the tool bar and select Mark as Disabled.

This prevents users from ‘going up a level’ to the Enterprise window.

1.	From the Site window, click on the tool bar. The Enterprise window appears.

2.	If appropriate, you can change the security setting for the Enterprise class by right-clicking the banner and selecting Secure Class.

Note: If you set the Enterprise class to Not accessible, this will prevent attributes owned by Enterprise from appearing in the system. For example, the name of the enterprise and the names of the asset hierarchies are all attributes owned by the Enterprise class. Instead, you might want to set Enterprise class to Read-only, and then turn off access to specific enterprise-level items.

To Allow Partial Access to Enterprise

1.	Open the security profile and enter Security Setup mode.

1.	From the Site window, click on the tool bar. The Enterprise window appears.

2.	Edit the security settings for any of the views, tabs, actions, attributes, or relationships that you want to restrict or enable.

For example, you will probably want to remove access to the Security, Data Management, and Services views for many security profiles. However, some users might still need to access the Accounting view to work with GL accounts and other accounting settings.

3.	You should review all of the menus in the Enterprise window to verify which actions should be enabled or disabled for the profile.

To Secure Classes Related to Enterprise

1.	Open the security profile and enter Security Setup mode.

1.	From the Site window, click on the tool bar. The Enterprise window appears.

2.	Select the view that contains the related objects (for example, the Security view).

3.	Double-click one of the objects to open it.

4.	Right-click the banner or title bar of the object and select Secure Class, and then the appropriate Mark as option.