Managing Out-Of-The-Box SmartList Security

Recently I was asked to find a solution to the following SmartList reporting security issue.

Out-of-the-box, all SmartList folders are available to any user with access to the module data.  The user wanted to create restricted SmartLists so mangers could only see their Customer Class data.  However, when SmartList Favorites were created from an existing SmartList, it was placed, along with all the other SmartLists, into the existing folder.  Because Security is based on these folders and not on the individual SmartList favorite, we were faced with the question of how to take away security to all the out-of-the-box SmartLists and only grant access to a specific user on the new restricted SmartLists.

Here is the work-a-round.

In Microsoft Dynamics GP 2013 we were given a wonderful tool called SmartList Designer.  This allows us to create new SmartList Folders that we can control access to.  The goal is to create these new restricted SmartLists, in their own folder and remove access to all the out-of-the-box generic folders.

A. Create a New SmartList Folder

1. Open SmartList and click the New button.

SmartList Folder

2. Enter a List Name (this is the name that will show up as a favorite in SmartList), the Product and if required the Series where the new Folder/SmartList will be found in SmartList.
Note:  It is a good idea to keep your sales reports in Sales folders, purchasing reports in Purchasing folders, etc.

SmartList Designer

3. In the Database View list Expand +Views > +Company.
Note:  Each Out-of-the-box SmartList Favorite will be listed here (plus some additional ones which you can play with!)  You can also create your own views in SQL.

4. Tick the existing SmartList that holds your data.
Note:  Ticking the View will automatically tick ALL fields available in that view.  You may want to only tick the fields you require as this report will show ALL fields that are ticked.  Too many fields ticked will slow down the report.

5. Add a filter to this SmartList.
Note:  The field that requires the restriction must be listed on the report.

SmartList Filter

6. Click OK or Save the new SmartList.

B. Find the Security Tasks that Hold the Existing Folders/SmartLists

You can use Security Task Reports to find what tasks the existing SmartLists are in or you can use the Support Debugging Tool (this is my preference).
Note:  Support Debugging Tool can be downloaded from Encore’s website.  Click here.

1. Launch  Support Debugging Tool.

2. Choose Options > Resource Information.

3. Resource Type = Security Objects; Product Name = SmartList; Resource Type = SmartList Objects.

4. In the Object Name field, use the looking glass to find the SmartList you want to remove security from.

SmartList Security V4

5. Click the Security button.

SmartList Security 5

6. Expand the System Level nodes to reveal any tasks that include this SmartList Object.
Note:  By default this will open as Security Information for specified Resource.  If it doesn’t you may need to change the view by clicking the white drop down arrow.

C. Remove Security to the Selected Object and Add Security to the New Object.

1. Double click the first Security Task.
Note:  This will open the Security Task Setup window.  You will likely require your system password to access this window.

2. Find the report on the list and un-tick it.
Note:  You may be able to find more than one report at a time.  Un-tick all of them.

SmartLists Objext v6

CRITICAL NOTE:  Removing security from this Task will remove it from everyone that has this task assigned.  It is best practice to copy and create a new task, then remove the item from the new task, and reassign it to the role.  If different users have access to different reports then this will be mandatory.  Any role or task with an asterisk (indicating it is an out-of-the-box item) should not be modified but copied and modified.

3. Tick the new report.

4. Repeat this for any additional Tasks.

D. Test!

There may be some wrap up to consider.

a. If you have recreated the Task (which I would recommend you do), you must remove the original task from the Role and reassign the new task.  Remember this is NOT USER SPECIFIC!  If others are assigned to this role, the security will change for them too.

b. If you have removed additional objects from the task, you must test to ensure there is no other access to those objects.  The other objects may be in additional or different tasks.

For more information on how to Design a new SmartList, refer to your GP User Guides.

 

Webinar - Dynamics GP Coffee Break | Maintenance of SOP Tables

Find out what happens in SOP to cause orphan records, and why we care. Learn about removing these transactions and how that affects inventory allocations.

December 12
9:00 am – 9:25 am PST

Register Here

Webinar - Maintenance of SOP Tables in GP

Dec. 12
9:00 am – 9:25 am PST

Register