You are on page 1of 30

Ministry of Company Affairs

Government of India

PeopleSoft User Security


Setup Guidelines v1.0

4th & 5th Floor, Press Trust of India Building,


4, Parliament Street, New Delhi-110001, India
April 2006

Contents
1

GENERAL........................................................................................................................................5

INTRODUCTION...........................................................................................................................5

PAGE LEVEL SECURITY.............................................................................................................5


3.1
3.2
3.3
3.4

DATA LEVEL SECURITY...........................................................................................................20


4.1
4.2
4.3
4.4
4.5
4.6

DEFINING PERMISSION LISTS.....................................................................................................5


DEFINING ROLES......................................................................................................................11
DEFINING USER PROFILES........................................................................................................14
FOLDER SECURITY....................................................................................................................17

CREATION OF DEPARTMENTS....................................................................................................21
CREATION OF DEPARTMENT TREE............................................................................................22
RUNNING APPLICATION ENGINE FOR UPDATING DEPARTMENT SECURITY.............................26
CREATION OF DATA PERMISSION LISTS.....................................................................................27
ATTACHING VARIOUS DEPARTMENTS TO DATA PERMISSION LISTS............................................28
ATTACHING DATA PERMISSION LIST TO USER PROFILE.............................................................29

ABBREVIATIONS........................................................................................................................30

Total number of pages: 30

Confidential

Confidentiality Statement
This document contains information that is proprietary and confidential to Tata Consultancy
Services Limited, which shall not be disclosed outside Tata Consultancy
Services Limited transmitted, or duplicated,
used in whole or in part for any purpose other than its intended purpose. Any use or
disclosure in
whole or in part of this information without express written permission of Tata Consultancy
Services Limited is prohibited.
Any other company and product names mentioned are used for identification purposes only,
and
may be trademarks of their respective owners.
Copyright 2006, Tata Consultancy Services (TCS) Limited.
Warning
This is a hard copy of a document maintained on electronic media. It may not be the latest
version. Kindly ascertain the latest version from the Document Master List available with the
Project Manager.

Confidential

Notice No.: 1
Customer: For Internal TCS usage
Project: PeopleSoft Implementation for Establishment Functions
Document details:
Name

Version No.

Description

PeopleSoft User Security


Setup Guidelines

1.0

PeopleSoft User Security


Setup Guidelines

New
page No.

Revision
Description

Revision details:
Action
taken
(add/del/ch

Preceding
page No.

Change Register serial numbers covered:


The documents or revised pages are subject to document control.
Please keep them up-to-date using the release notices from the distributor of the
document.
These are confidential documents. Unauthorised access or copying is prohibited.

Prepared by:

Priyanka Sharma

Date:

5-Apr-06

Approved by:

Sangeeta Anil

Date:

6-Apr-06

Authorized
by:

Peplesoft CoE

Date:

Confidential

MCA21 (Ministry of Company Affairs)

PS Security Setup Guidelines v1.0

1 General
Process Id.
Process Name
Owner
TCS Consultant
Date

PS_SECURITY
PeopleSoft User Security Setup Guidelines
TCS
Ms. Priyanka Sharma
05/04/2006

Objectives of the Process

To outlines the procedure of setting up security at user


level.

2 Introduction
For any software application, sanctity of the data maintained is important. Not all users of the
application need to have access of all screens. It is important that right data is available to the
right person only. For this purpose, user security aspect comes into play. The PeopleSoft
User Security Setup Guidelines Document outlines the procedure of setting up security at
user level.
There are two levels of security in PeopleSoft application: First, what all screens a PS user
can access and, Second, whether user can see the data of other user or not .If yes, to what
extent. The first level of security is referred as Page level security and second level is called
Row level or data permission Security.

3 Page Level Security


Defining page level security has three important parts.
1. Defining Permission Lists.
2. Defining Roles.
3. Defining User Profile.

3.1 Defining Permission Lists


Permission List is the set of pages/component that an user can access. These permission
lists are functionality and usage specific (Full access/Read-only). For e.g. for accessing
personal information page, there can be two different permission lists for two different users.
First user can access and edit the information in the page, whether; second user can only
view the information.
In following part, procedure for defining the permission list will be explained.

Confidential

MCA21 (Ministry of Company Affairs)

PS Security Setup Guidelines v1.0

Navigation: PeopleTools > Security > Permission & Roles > Permission Lists

Confidential

MCA21 (Ministry of Company Affairs)

PS Security Setup Guidelines v1.0

In General Tab, all components that user can access are defined.

One can either key in the name of menu or select the menu using the Prompt button. More
menu can be added using + button.

Confidential

MCA21 (Ministry of Company Affairs)

PS Security Setup Guidelines v1.0

Click on edit components link to give access of various components under the particular
Menu.

Confidential

MCA21 (Ministry of Company Affairs)

PS Security Setup Guidelines v1.0

Click on Edit pages to give access to various pages under the particular component.

Confidential

MCA21 (Ministry of Company Affairs)

PS Security Setup Guidelines v1.0

Convention for naming a permission followed in MCA project has been following:
MCA_<Module Name>_<Role in that module>
For e.g. for a person having role of EIS admin, permission list name is MCA_EIS_ADMIN or
for an employee using loans functionality, permission list name is MCA_LOANS_EMP.
There are some basic permission lists (delivered by People Soft) to be given to all irrespective
of role. These are following.
HCSPCMPINT

Standard Comp Intf Permissions

HCSPMSGCHN

Standard Message Channels

HCSPMSSCHG

Standard Mass Change Perm

HCSPPERSON

Standard Personalizations

HCSPPRCS

Standard Process Permissions

HCSPQUERY

Standard Query Permissions

HCSPSIGNON

Standard Signon Times

HCSPWEBLIB

Standard WebLib Permissions

Apart from these, following are specific permission lists prepared for MCA:
1. MCA_WORKLIST: For an user accessing worklist
2. MCA_REPORTS: For an user who need to generate reports
3. MCA_PORTAL_PER: For accessing portal icons

Confidential

10

MCA21 (Ministry of Company Affairs)

PS Security Setup Guidelines v1.0

3.2 Defining Roles


A permission list cannot be directly to a PS user. It is attached to a role. A role can have
multiple permission lists attached to it. A PS user having a particular role will have access to
all pages given in the permission lists attached to it.
A role can be created using following navigation.
Navigation: PeopleTools > Security > Permission & Roles > Roles
Click on Add a New Value and key in the new role name and then click on Add button.

Following screen will open. By default, General tab will open. Give description of role in the
following tab.

Confidential

11

MCA21 (Ministry of Company Affairs)

PS Security Setup Guidelines v1.0

In Permission Lists tab, give various permission lists that this particular role can access.

Confidential

12

MCA21 (Ministry of Company Affairs)

PS Security Setup Guidelines v1.0

For roles also, convention followed has been same as permission list.
MCA_<Module Name>_<Role in MCA>
All employee permission list and basic permission lists have been given in one particular role:
MCA_ESS_BASIC

Confidential

13

MCA21 (Ministry of Company Affairs)

PS Security Setup Guidelines v1.0

3.3 Defining User Profiles


A PS user will login to PeopleSoft Application through some login ID.This Login ID is called User
Profile. Now, a user can have various roles in the organization i.e. person can have basic employee
role or role of training administrator or role of manager for approvals. Accordingly, various roles are
attached to the User Profile of a particular user.
Now, procedure for creating a new user profile will be explained.
Following is the navigation for creation of new user ID.
Navigation: PeopleTools > Security > User Profiles > User Profiles
Click on Add a new Value tab for the creation of new user profile. For creation of user profiles for the
employees of the organization, it is advisable to keep user ID same as Employee ID for easy
identification.
Give the required information on the General Tab.

Give Primary Permission List and Row Security permission list (these will be explained in detail in later
part) applicable to the user.

Confidential

14

MCA21 (Ministry of Company Affairs)

PS Security Setup Guidelines v1.0

In ID Tab, for defining user ID for the employee, select ID type as Employee. In EmpID field, give the
employee ID of the person for which user profile is being created.

In Description field, give the description of the user profile. (If you click on Set Description link then
name of the employee will appear for which ID has been created.)

In Role Tab, provide the relevant roles to the user.


Confidential

15

MCA21 (Ministry of Company Affairs)

PS Security Setup Guidelines v1.0

In MCA, User ID has been given same as Employee ID.

Confidential

16

MCA21 (Ministry of Company Affairs)

PS Security Setup Guidelines v1.0

3.4 Folder security


All links to the various screens in PeopleSoft Application all also called Folders. If we have given
access to a link through Permission List, It is important to check that particular permission list appears
in the folder security screen otherwise content of the link will not visible to the User. Following is the
navigation for folder security.
Navigation: PeopleTools > Portal> Structure and Content

Confidential

17

MCA21 (Ministry of Company Affairs)

PS Security Setup Guidelines v1.0

This can be checked through following navigation.


By default, permission list is attached to the parent folder.

Confidential

18

MCA21 (Ministry of Company Affairs)

PS Security Setup Guidelines v1.0

Confidential

19

MCA21 (Ministry of Company Affairs)

PS Security Setup Guidelines v1.0

In case, permission list does not appear even if access has been given, then simply click on Save
button. The required Permission List will be incorporated in the folder.

Confidential

20

MCA21 (Ministry of Company Affairs)

PS Security Setup Guidelines v1.0

4 Data level Security


Here procedure of defining basic data level security through Department will be explained. For this
purpose, various offices or division of the organization can be defined as department and hierarchy of
these departments can be maintained to suit the organization structure.
Following are steps for setting data level security.
1. Creation of departments.
2. Creation of Department Tree.
3. Running Application Engine for updating department security.
4. Creation of data permission lists.
5. Attaching various departments to these permission lists.
6. Attaching data permission list to user profile.

4.1 Creation of departments


For this purpose, departments needed to be created.
Following is the navigation for the creation of the department.
Navigation: Setup HRMS > Foundation Tables > Organization > Department.
Click on Add a New Value to add a new department.

Confidential

21

MCA21 (Ministry of Company Affairs)

PS Security Setup Guidelines v1.0

Enter the information relevant fields and save the page.

Convention followed for department naming in MCA project is following:


<Location code>-<department code>

4.2 Creation of Department Tree


For setting up department security, Department Tree needs to be created. Tree name has to be
DEPT_SECURITY as this name is hard coded in People code at various locations in PS application.
Tree will be built according to the hierarchy in the organization.

Confidential

22

MCA21 (Ministry of Company Affairs)

PS Security Setup Guidelines v1.0

Following is the navigation of building department tree.


Navigation: Tree Manager > Tree Manager

Confidential

23

MCA21 (Ministry of Company Affairs)

PS Security Setup Guidelines v1.0

Confidential

24

MCA21 (Ministry of Company Affairs)

PS Security Setup Guidelines v1.0

It is mandatory to create one root department. All other departments will be covered under this
department.
In MCA, one main root department has been created and then all other departments have been created
according to hierarchical structure. Then, root departments are created for each office. Under the root
department for a particular office, all other departments for that office have been created. In technical
parlance, Root department of an office is the parent department and other departments in that office are
child departments for that office.

Confidential

25

MCA21 (Ministry of Company Affairs)

PS Security Setup Guidelines v1.0

4.3 Running Application Engine for updating department security


After department tree has been created, application engine for updating department security needed to
be run.
Navigation: Setup HRMS > Security > Department Security > Update Department Security.

Every time, there is some modification in department tree (Addition, modification or deletion of
departments from department tree), one has to run this application engine.

Confidential

26

MCA21 (Ministry of Company Affairs)

PS Security Setup Guidelines v1.0

4.4 Creation of data permission lists


Data permission list is created for the purpose of providing for row level security.
A PeopleSoft user having particular data permission list can have access to all departments given in
that particular permission list.
Navigation: PeopleTools > Security > Permission & Roles > Permission Lists

All data permission list have been prefixed with MCA_DP_<BU Name>_Additional description.

Confidential

27

MCA21 (Ministry of Company Affairs)

PS Security Setup Guidelines v1.0

4.5 Attaching various departments to data permission lists


Following is the navigation to for attaching department to a particular permission list.
Navigation: Setup HRMS > Security > Department Security > Set-up Security Access

Any employee having a particular permission list can access employees having departments (and child
departments of these departments) defined in that permission list.

Confidential

28

MCA21 (Ministry of Company Affairs)

PS Security Setup Guidelines v1.0

4.6 Attaching data permission list to user profile


Data permission list can be attached to a particular user profile in user profile page.
Navigation: PeopleTools > Security > User Profiles > User Profiles

The permission list is attached in Row Security field.


This step concludes the security set-up process. Now, a user can access only relevant pages and
relevant data of other users.

Confidential

29

MCA21 (Ministry of Company Affairs)

PS Security Setup Guidelines v1.0

5 Abbreviations
Sr. No.
1.
2.
3.
4.
5.

Abbreviation

Definition

MCA
BU
EIS
HRMS
PS

Ministry of Company Affairs


Business Unit
Employee Information System
Human Resources Management System
PeopleSoft User

Confidential

30