Question & Answer
Question
Cause
- This gives the administrative user the ability to check how many administrative/standard/inactive users the customer has:
Answer
- The information in this Technote only relates to licensing. In other words, we are defining the difference (between an 'administrator' and 'standard' user) purely on the basis of a Controller licence (not the usage of the product).
- The information in this Technote was correct at the time of writing.
- For most customers, the summary below is correct. However, please contact your IBM Sales representative for 100% confirmation of your specific contract with IBM.
Administrative User
A Controller administrative user is allowed access to any/all menu items (unrestricted).
Standard User
- Specifically, they are allowed to have access to all menus in Controller with the exception of any menu items in the 'Maintain' menu which give change/write access to financial configuration.
Details
A Standard User may have access to the following menus:
- Company - ALL
- Group - ALL
- Reports - ALL
- Transfer - ALL
- Help - ALL
- Maintain: only the following:
- Maintain/Configuration/Automatic Journals/Reports
- Maintain/Configuration/Reports
- Maintain/Accounts structure/Reports
- Maintain/Company Structure/Reports
- Maintain/Extended Dimension X Structure/Reports
- Maintain/Extended Dimension X Structure/Change Table - Reports
- Maintain/Linked Structure/Reports
- Maintain/Submission/Reports
- Maintain/Period locking/Change - Period locking by company
- Maintain/Period locking/Reports
- Maintain/Batch Queue/View
- Maintain/Installation/Local Preferences
- Maintain/User/Change Password
- Maintain/User/Personal Defaults
- Maintain/User/View Active Users
- Maintain/Rights/Reports
- Maintain/Database/Database Selection Mode
- Maintain/Status/Change Status
- Maintain/Special Utilities/Clear Local Cache
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
* NOTE: The menu item 'Maintain/Rights/Users' allows a 'standard' user to perform changes (write access) to the logon/user/security configuration of an end user. However, it does not allow them to modify any financial information. For this reason ( from Controller 10.3.0 onwards) some of this menu items are allowed.
- For more details, see separate IBM Technote #620465.
TIP: The method to restrict users to only seeing some menu items, is by creating a 'security group' and restricting the rights as required.
For example:
1. Click "Maintain - Rights - Security Groups'
2. Click 'Menus' tab, and then create a new 'Menu Group' (for example called 'IT')
3. Modify the relevant menu items, so the 'Access Rights' are set to 'Not Available'
- In other words, lots of the menu items will now appear in red, for example:
Related Information
Was this topic helpful?
Document Information
Modified date:
26 February 2021
UID
swg22005771