User administration is required not only to regulate access to the system but also to define user profiles. Users need to be associated to specific entities in order to define their relevant work environment, data access, release rights, printers to be used, etc. This information is then stored in the database for each user. A selected profile assigns access and release rights to each user. These profiles are administered using “Maintaining Office Menu”.
To assign/withdraw release rights to release transactions, 'Authorized' and 'Not authorized' can be selected in the user profile transactions. In addition to the authorization to render a signature and to release transactions, a release limit (currency and amount) needs to be added to the profile. Should users be granted the right to release their own transactions, the “Own amount” field also needs to be completed. “Own amount” may not exceed the limit of other users. Respective release amounts in other currencies are calculated by using the current exchange rate for the currency in question. If 'Not authorized' has been selected, this user has no rights to sign and to release transactions.
If the application is used in the “multi-entity mode”, a user working with more than one entity needs to be added to each of these entities. Of course, the user may have different rights for each entity assigned to him. One of the entities has to be defined as the default entity.
If the printers used to print the correspondence are the same for the whole entity, it is only necessary to define these printers during system implementation and to leave the respective entry fields empty. If user groups are defined and all correspondence is to be printed on printers associated to the user group, there is no need to define printers for each user as well. The standard search sequence for printers is as follows:
A default printer needs to be defined, otherwise printing would not be possible.
The authorization for administrators and designers are controlled via the “Security Administrator” and “Designer” checkboxes that are available in the “Maintaining User Profiles” transaction.
Basically, checking the “Security Administrator” checkbox means that the user may edit user profiles.
The user may also delete pending items (SPT) pertaining to other users. Furthermore, when routing pending items the user can define the printer configuration to determine whether, or how, routed pending items are to be printed. Moreover, only a Security Administrator has access to the “Clean-up of Historical Data” transaction.
If this checkbox is checked, the user can use the designer functions in the development environment (working with TRADE2 by pressing the F9 key or clicking the button [Toggle Designmode] in the Debugging Toolbar).
Help texts, rules and XML templates can be defined via this access authorization, for example.
The following transactions can only be used with Designer authorization:
The additional Debug and Designer functions are also enabled for the user. Furthermore, technical messages are only displayed to users with Designer authorization.
Important Notice:
User administration requires “Security Administrator” status in the appliaction. It is not possible to edit the user's own user profile.
The “User Authorization” panel is used to display or to modify user authorizations. User authorizations can be modified using the “Adding a User Profile” and “Modifying User Profile” transactions.
Clicking the [+] button allows a new authorization to be defined for the currently selected user. The release type, release currency, release amount, and the own amount (amount that can be released for oneself) can be defined for each business sector or transaction.
The [-] button can be used to remove authorizations.
When administering users that are subject to the respective requirements of the bank, it is possible to create user groups which work together in the same business sector, for example. Creating such a group can simplify printer handling, if specific business transactions are always printed on same printer and users are not associated to their own personal printer. Once a user group has been created, users can be assigned to the group. User groups have to be unique throughout the system.
Furthermore, it is possible to associate a specific mailing address to a user group (entity address), which is then used in correspondence.