AutoSynch and Synch OrgUnit Permissions Article

AutoSynch and Synch OrgUnit Permissions Article

When new Account Numbers are setup in Great Plains Accounts ("ERP") software it is necessary to maintain a mirror image of those Account Numbers in Dynamic Budgets.  This process is managed through the Synchronize Chart of Accounts and its related "Yellow Brick Road" Wizard.


Step 4 of the "Yellow Brick Road" requires the manual/customized setting of Assign User Permissions to users.  Users need to be assigned access to OrgUnits including related Read, Write and Approve functionalities and, if applicable, Sensitive Levels (which is setup at the Object level and assigned at the OrgUnit level), Sensitive Summary/Detail (which is setup at the Account Number level and assigned at the OrgUnit level), and Accounts permissions (which is setup and assigned at the Account Number level).  Please see How Do I Setup a User Profile, Company and OrgUnit Permissions for a New User Or Edit An Existing User?


A) AutoSynch is an administrative tool which automatically gives users permission to:


i) New Budget Account Number/s for both CompanyDB/s and OrgUnit/s for which a User already has permission/s.  Please see Assign User Permissions for an explanation of the security hierarchy.

Existing OrgUnit security is not changed by the AutoSynch and if Account level security is activated (How Do I Activate and Use Account Level Security?)  the new Account will automatically be selected and therefore visible to the User.  For example, a user has access to OrgUnit 100 and a new account was added to the OrgUnit, 100-4500-01, the user will receive permissions to the new account. However if the user did not have access to OrgUnit 100, they would not receive permissions.


ii) All New Budget Account Numbers for newly added OrgUnit/s (see Add OrgUnits) for CompanyDB/s for which the User has permission/s;  the AutoSynch automatically gives the User permission to the newly added OrgUnit/s.  These permissions are standardized by the User's Role as follows:


System Manager


The standard permissions for the System Manager role is Read, Write, Approve, Sensitive Summary, Sensitive Details, Sensitive Level 5 and all Accounts are selected.


Administrator - Unrestricted


The standard permissions for the Administrator - Unrestricted role is Read, Write, Approve, Sensitive Summary, Sensitive Details, Sensitive Level 5 and all Accounts are selected.


Administrator - Restricted


The standard permissions for the Administrator - Restricted role is Read, Write, Approve, Sensitive Summary, Sensitive Level 1 and all Accounts are selected.



Application User


The standard permissions for the Application User role is Read, Write, Sensitive Summary, Sensitive Level 1 and all Accounts are selected.




A User is assigned the AutoSynch either on Map Users to Companies or Assign User Permissions/Company Permissions tab by checking the AutoSynch box for the required CompanyDB and then clicking


.




B) Synch OrgUnit Permissions is an administrative tool to give users standardized permissions to OrgUnit/s for CompanyDB/s for which they have access.

For OrgUnit/s that the User already has access to this tool does not override existing Read, Write, Approve, Sensitive Summary, Sensitive Details, Sensitive Level  permissions but will select all Accounts for viewing.  These permissions are also standardized according to the Role assigned to each user.  The standardize permissions are the same as outlined above  in A) ii).

In order for the Synch OrgUnit Permissions tool to work, both the "ACCESS" and "AUTOSYNC" boxes need to be checked for the required CompanyDB.


1) Select the UserID for which you wish to Synch OrgUnit Permissions;

2) Click the "Sync OrgUnit Permissions" button.  Once the process is complete, a success message will appear.



Below is an example of permissions for user1 before Synch OrgUnit Permissions:




And below are user1 permissions after Synch OrgUnit Permissions.  The permissions highlighted in yellow have not changed from before.  As discussed all the Accounts are now selected for viewing (please see OrgUnit 300 below as an example).  Finally OrgUnits 400, 500, 600 and 999 were added and the permissions given are the standardized permissions for the Administrator-Restricted role.  Please see A) ii) above.


All accounts are selected and therefore can be viewed.

    • Related Articles

    • OrgUnit Article

      This term refers to base unit of budgeting.  It was selected as a neutral definition because organizations use varies terms including Departments, Cost Centers etc. OrgUnits are defined in System Management / Companies / Manage Company Databases *Do ...
    • Duplicate OrgUnit Assumptions Article

      Duplicate OrgUnit Assumptions is a flexible utility to allow you to duplicate either the line item details of entire Orgunits or certain Objects within Orgunits. The data can be duplicated within the same company and budget or across companies and ...
    • Assign User Permissions Article

      PDF Tutorials  Interactive Tutorial Cropped Screenshots Full Page Screenshots           Step By Step Tutorial - Assign User Permissions CLICK ON THE BLUE LINK ABOVE TO VIEW TUTORIAL See attached PDF's, and Other Tutorials & Knowledge Base Page Links ...
    • Can I Delete Granted OrgUnit Permissions? Article

      1. To delete granted OrgUnit/s Permissions for a given User select their User Profile on the Assign User Permissions Select the OrgUnit by checking the box. Click on Delete Selected Permissions. Then Click on Save User. Below illustrates the deletion ...
    • How Do I Setup a User Profile, Company and OrgUnit Permissions for a New User Or Edit An Existing User? Article

      Once a User has been created (please see How Do I Create New User/s Using the Windows Corporate Directory? or How Do I Create A New User Using Dynamic Budget's Security? for more information), the next steps are to assign them with Profile elements, ...