In this third part of the series I will focus on the names of objects. As stated the goal is to create a security model that is simple and structured. The object names play a big part in this.
· This blog series is aimed at experienced BO administrators, which means there will be no how-to screenshots
· This blog series can be used as a guideline, it cannot be used as a manual
· This blog series only covers the internal BO stuff. No windows AD or SAP roles and no IAM software
User types
Let’s assume there are four types of users on your systems:- Endusers
- Analysts
- Reporters
- Designers
Per type there will be a user group and a CAL.
When I assign these user groups to folders it looks like this:
Although they are sorted alphabetically I don’t like that very much, So I make a little change to the user type user groups, to make use of the alphabetic sort:
After this little name change it’s much easier on the eye. And it’s making the model a bit more structured.
Organisation user groups
Lets add a department to the system, Sales. I create folders which represent the structure of the sales department and corresponding user groups. Theses folders and user groups are used to define access. Both have the same structure but the don't have the same names.
Doing this makes them appear neatly ordered when they are assigned to the folders:
 |
Total user security on folder Sales \ EMAE \ NL now looks like this:
 |
No comments:
Post a Comment