Ensuring entry in the correct company by warning about Test Companies
Most
companies using Dynamics GP set up a test company. This is normally a
copy of the live, production GP database and may reside on its own
server. A test company may be used for testing things such as new
processes, modules, or even test upgrades if it resides on a separate
server.
A test company is used in
addition to the sample company because it contains a copy of the firm's
actual data. Consequently, they have different uses. For instance, the
sample company is great for learning about new modules that a firm is
not yet licensed for since unlicensed modules aren't available in a test
company. A test company is great for trying out the process to close a
year or providing training to new users.
A common problem occurs
when a user mistakenly logs into the test company and enters a
transaction. When they find their mistake they have to enter it again in
the production database. Even more problems can occur if a user
mistakenly enters a test transaction in the production company.
Dynamics GP provides a
feature to help prevent these scenarios from occurring. There is a small
trick that can be used to warn users when they log in to a test
company. This is similar to the message that users get when they open
the sample company. Warning users when entering a test company is the
focus of this recipe.
How to do it...
To warn users that they are opening a test company:
1.
Sign in to a test company in Microsoft Dynamics GP. This recipe will
not work with the sample company because of the way it is set up.
2. In Dynamics GP select Administration from the Navigation Pane. Select Company under the Setup and Company headings on the Administration Area Page.
3. Next to the company name in the Company Name field type<TEST> in all caps:
4. Click on Save to save the setting.
5. Restart Microsoft Dynamics GP and log in to the same test company.
6. A warning message will appear alerting the user that this is a test company:
How it works...
Warning
users about test companies is a great way to prevent errors. I've seen
it be a real life saver when a user realized that they didn't see the
warning and were entering test data in the production company. This
recipe is so simple to implement that everyone should use it.
Protecting Dynamics GP with key security settings
Security is an important
part of any ERP system and Dynamics GP provides a robust security model
that rolls up individual item access into tasks and tasks into roles.
Roles can then be applied to individual users, providing fine grain
control of security with minimal work after the initial setup.
Dynamics
GP security contains a master switch that turns all security on or off.
The original purpose of this switch was to allow setup and testing of
the system while security was still being configured. Then, like Chevy
Chase's Christmas lights in the movie National Lampoon's Christmas
Vacation, a master switch could be flipped and security would be active.
As Dynamics GP has matured it has become easier to add users to a Power
User role, giving them access to everything in the system during setup
and testing while leaving security active. The master security switch
still remains and administrators need to ensure that it is on.
Located below the
security master switch is an Account Security switch. Often users think
that if security is on, turning on account security must mean more
security. What account security does is it limits access to accounts
based on an organizational structure that needs to be set up first. If
an organization structure is not set up all users are denied access to
the chart of accounts and it appears that the chart of accounts has been
deleted. Few checkboxes in Dynamics GP can induce the stomach-dropping
fear that comes with inadvertently selecting the Account Security checkbox. This is easily one of the most panicky support calls I see and certainly it is the one with the easiest fix.
Setting up security and
account security aren't recipes, they are more like Thanksgiving
dinners. For this recipe, we'll trim it down to a snack and show how to
ensure that security is on and account security is off.
How to do it...
To activate security and deactivate account security in Dynamics GP:
1. Select Administration from the Navigation Pane. Select Company under the Setup and Company headers on the Administration Area Page.
2. Select the Security checkbox on the lower right to activate security. If it is already marked, security is on; congratulations!
3. Below that is the Account Security checkbox. Simply deselect the checkbox to ensure that account security is off.
How it works...
These are two very basic
settings that often trip up administrators. It's maddening to see a very
detailed security model with a lot of work put into it and then find
the Security
checkbox deselected. Don't even think about the effect on an
administrator's career if an auditor finds this checkbox deselected.
It's also career limiting to have the CFO asking where the chart of
accounts has disappeared to because someone accidently turned on account
security. Don't misunderstand, account security is a great feature;
it's just not one that should be turned on lightly.
There's more...
Given the power of these
checkboxes, access to them should be secured as well. For complicated
security setups and additional security features consider third-party
solutions.
Security for Security
The Security and Account Security checkboxes are powerful. Once they are set up correctly, it is important that security be restricted to the Company Setup window to prevent a user from disabling security entirely by simply deselecting a checkbox.
Security Solutions
There
are several third-party solutions that build on Dynamics GP security
making security management easier and adding additional features. For
example, FastPath's Config AD product synchronizes user passwords with
Windows Active Directory passwords to allow multiple single sign on
options. Additionally, Config AD provides an interface outside of
Dynamics GP to assign security roles to users. This allows a central
security manager to assign Dynamics GP security to users without using
up a Dynamics GP license or providing excessive access to the security
manager.
