Professional Documents
Culture Documents
System Security
Users and Role
Batch Processing and Daemons
Reports and Utilities
Configurable Screen
Browse
CIMLoad
QAD Proprietary
System Security
Defining General Security Settings
Use the two frames of Security Control (36.3.24) to:
• Establish basic security parameters for your environment
• Define the way you want to set up and control passwords
QAD Proprietary
Timeout Minutes. Specify a number of minutes after which the system should
automatically log out inactive sessions. Set a value in this field to minimize
unnecessary overhead on busy systems.
Enforce Licensed User Count. Use this option to implement enforcement of the
total number of users, sessions, or transactions allowed based on your license
agreement.
Enforce OS User ID. Specify whether the system allows users to access character
sessions for the application based on their operating system login
Single Sign-On Enabled. Specify whether the system allows users to enter their
user ID and password once to log in to the operating system without entering
additional user credentials to log in to a .NET UI application session.
QAD Proprietary
Minimum Length. Enter the minimum number of characters allowed for new passwords.
Min Numeric Characters. Enter the minimum number of numeric characters required for new
passwords.
Min Non-Numeric Characters. Enter the number of non-numeric characters required for new
passwords.
QAD Proprietary
Minimum Reuse Days. Indicate the number of days a user must wait before a password can
be reused.
Minimum Reuse Changes. Indicate the number of password changes required before a
password can be reused.
Password Creation Method. Specify the method you want to implement for creating new
temporary passwords.
Expiration Days. Specify the number of days users can use the same password before the
system prompts them for a new one.
Warning Days. Enter the number of days before a password will expire when users are
warned of the upcoming expiration date.
QAD Proprietary
Security Menu Programs
QAD Proprietary
Users and Roles
Overview
Role-based access control is a security mechanism that is designed to
work with two basic user-defined elements: users and roles. Role-based
access control limits users to executing only the system menu items
belonging to their assigned role or roles.
QAD Proprietary
Role Based Security
Restricts user access to domains, entities and menu
level functions
Roles
– Logical subset of activities
– A user can have one or more roles
– Example roles
• sysadmin, AR, accountant, shopfloor
Role Permissions
– Allowed functionality within a role
• Access to Menus
• Ability to create / update / view / delete data
• Access to specific fields
QAD Proprietary
Figure below, illustrates the interaction of system users, role permissions,
and role membership to determine the resources that are available to a
user.
QAD Proprietary
Users and Roles setup flow
QAD Proprietary
1. Create system users in User Maintenance (36.3.1). This step identifies each user to the
system by providing them with a unique ID. You also provide basic user information to ensure
that system data for each user is correctly displayed and processed, as well as specify
securityrelated access settings and licensed applications.
2. Specify user access to domains and entities in User Domain/Entity Access Maintain (36.3.4).
3. If you plan to implement segregation of duties, it is best to implement this internal control
prior to defining roles and role permissions. Once associations between application resources
and SOD categories have been defined, role permission definitions are constrained by your
SOD policy. Implementing segregation of duties is optional.
Note Segregation of duties is not supported in this initial release.
5. After creating user roles, define role permissions using Role Permissions Maintain (36.3.6.5).
Role permissions determine which menu-level programs and activities a user can execute; they
also determine a small number of non-menu level permissions.
6. Then use Role Membership Maintain (36.3.6.6) to assign users to roles and specify the role
context—that is, how the role operates within domains and entities.
QAD Proprietary
Defining Users
Use User Maintenance (36.3.1) to assign a unique ID to a system user and
define related application and security details.
QAD Proprietary
User ID. Enter a code (maximum 8 characters) identifying a user in this database.
Country Code. Enter a valid, active country code defined in Country Create
(36.1.3.1.1).
Time Zone. Enter a time zone to associate with this user. Time zones must be
predefined in Multiple Time Zones Maintenance (36.16.22.1).
Access Location. Enter a code that associates the user with a major business
facility or major business location.
QAD Proprietary
Initials. Enter initials for the user (maximum 20 characters). Initials can be used in
references and when performing searches.
Associate a valid e-mail address and definition with each user who receives system-
generated messages by entering values into the E-Mail Address and E-Mail
Definition fields.
QAD Proprietary
User Maintenance (36.3.1)
QAD Proprietary
Enabled. Select the check box to indicate that this user ID can be used to log in to
the system. To disable an existing user ID, clear the check box.
Enabled Reason. Enter a reason code that indicates the reason for modifying the
setting of Enabled. This reason code must be associated with reason type USER_ACT.
Force Password Change. Indicate whether the system should force this user to
create and validate a new password the next time they log in to the system using the
current password
Update Password. Specify whether this user requires a new password. For new
users, the system selects this check box by default, and you cannot change it.
QAD Proprietary
Use the Application List frame in User Maintenance to define the
software applications that a user can access.
QAD Proprietary
User domain/entity access maintain (36.3.4)
QAD Proprietary
To view access privileges for domains and entities, use User
Domain/Entity Access View (36.3.5).
QAD Proprietary
Setting Up Roles
Roles are used to model the business processes that exist within a
business enterprise. Roles determine the set of application resources
that display for that user when they access their permitted workspaces.
QAD Proprietary
Defining Roles
QAD Proprietary
Defining Role Permissions
Use Role Permissions Maintain (36.3.6.5) to define the role permissions
in your system. You define permissions for both resources on the menu
and resources that are not on the menu.
QAD Proprietary
Defining Role Membership
Use Role Membership Maintain (36.3.6.6) to define an association between
a role defined in the system and a system user and to indicate which role is
the user’s default role
QAD Proprietary
Viewing Access Information
QAD Proprietary
User Access View is an overall view of all dimensions: user, role,
entity, domain, and resource.
QAD Proprietary
Batch Processing and Daemons
Batch Processing
A batch process is a group of processes run simultaneously. You can use
batch functions to defer processing and report printing for reasons such as
the following:
QAD Proprietary
Define Batch IDs
To set up a batch process, system administrators first create batch IDs in
Batch ID Maintenance (36.14.1).
Use ID names that are descriptive and easy to remember, such as Paycheck,
Monthly, or After5.
You also assign the batch a priority that determines when it will run. Requests
with the highest priority are run first.
Users then submit reports or programs that can be run in batch mode and
specify the batch ID.
QAD Proprietary
Setting up the batch process consists of implementing a pre-compiled batch.p
program to be called by mbpro scripts.
The following is an overview of the activities required to create this program.
Create batrun.p
QAD Proprietary
Define Batch ID and Output File
QAD Proprietary
QAD Proprietary
Created Batchrun.p
Sample batrun.p File
QAD Proprietary
Created input.in
Sample input.in File
QAD Proprietary
Created Scripts File Executable
Sample Batch File
QAD Proprietary
Scheduled Tasks Utilities
System will run this script (/usr/mfgeb2.test.sh) every 23.10 o’clock , Date : 7 ;
Month : October ; Day: Monday
QAD Proprietary
Defining Users
Use Batch Request Detail Maintenance (36.14.3) to review batch details.
QAD Proprietary
Process Batch Request
Use Batch Request Processor (36.14.13) to run reports and/or
programs submitted by users with a batch ID. You can process up to
10 batch IDs in a single run.
Each batch ID can be associated with a different domain.
This lets you manage batch requests for multiple domains within one
database without having to change your current working domain.
QAD Proprietary
Daemons
Daemons are server-based processes that let you run background tasks.
The user has no direct input with the daemon processes.
Daemon processes apply only to component-based functions. They can be
run on the same application server as QAD Financials, or you can specify
a different appserver for each daemon. You should define the appservers
to be used for daemon processing during system implementation.
Important
Some daemon processes must be running to ensure the integrity of
your application. You should ensure that these processes are
configured to start when the database is started.
QAD Proprietary
The system has the following daemons:
• Balance daemon
• Budget daemon
• Cross-Company daemon
• Event Daemon
• History daemon
• Replication daemon
• Report daemon
• Scan daemon
• Time Out daemon
• XML daemon
QAD Proprietary
Daemon Functions
Use the following activities to maintain and control daemons:
• Configure
• Clear Queue
• Monitor
• Start
• Stop
• Unconditional Stop
QAD Proprietary
Configure
The Configure activity lets you configure maintenance information for the daemon, such as
the login ID and password, in addition to the log file and start directory. For security
reasons, you should use a dedicated daemon user name. The user name must have access
to all domains and entities have role permissions to all component activities in the database.
QAD Proprietary
Start
The Start activity starts the daemon. The system displays a message that
indicates that the daemon has started successfully.
Stop
The Stop activity stops the daemon.
The daemon stops after it completes its current task. Depending on the
type of daemon and the amount of time it takes to complete an operation,
some time may pass before the daemon detects the stop request and shuts down.
The system displays a message that indicates that the daemon has stopped
successfully.
Unconditional Stop
If you cannot stop the daemon using the Stop activity, the Unconditional Stop
activity stops the daemon. This task should only be performed by the system
administrator.
Monitor
The Monitor screen lets you view the start and stop dates for the daemons
and the requests that are processed, waiting, in progress, or incorrectly processed.
QAD Proprietary
Reports and Utilities
QAD Proprietary
Generating Master Data Reports
Use the Master Data Reports (36.17) menu to generate audit trail reports
showing modifications to master tables, as well as reports showing master
comments and control program settings.
Auditing Reports
Use audit trails to track and log which users have made changes to fields
in master tables. The system tracks high-level information for changes to
all master tables.
QAD Proprietary
To maintain detailed information for a critical subset of master tables,
select Audit Trail in Domain/Account Control (36.9.24). Table 9.1 lists
the database tables that the system tracks.
Table Description
-------- --------------
ad_mstr Addresses
cm_mstr Customer Data
eu_mstr End User
eud_det End User Contacts
flpw_mstr Field Security
slr_mstr Site Linking Rules
slrd_mstr Site Linking Rule Details
usr_mstr Users
vd_mstr Suppliers
The audit record contains the user ID, table name, field name, and old
and new data values.
QAD Proprietary
Review modifications to tracked master tables with either
of the following:
- Use Master Data Audit Detail Report (36.17.2) to show details about
audited changes when Audit Trail is selected in Domain/Account
Control (36.9.24). The report includes current and previous versions
of the record, with the time and date of any changes.
QAD Proprietary
QAD Proprietary
Using Operating System Commands
The Operating System Commands menu provides four ways to access
the operating system and execute commands directly from your QAD
application. Use them as a convenient way of viewing and manipulating
information.
QAD Proprietary
Exit to Operating System (36.22.1)
QAD Proprietary
Program/Text File Display
QAD Proprietary
Disk Space Inquiry (36.22.13)
QAD Proprietary
Using Delete/Archive Utilities
QAD Proprietary
GL Transaction Delete/Archive
General ledger transactions created in operational functions such as
purchasing, inventory control, manufacturing, and fixed assets are
stored in the unposted transaction table until they are posted. Review
unposted transactions using Unposted Transaction Inquiry (25.13.13).
QAD Proprietary
For a standard implementation, GL Transaction Delete/Archive is used
only during early stages of implementation. After transactions of a
particular type (PO, IC, WO, or FA) have been posted to the general
ledger, no further transactions of that type can be deleted or reloaded.
QAD Proprietary
Configurable Screens
QAD provides a design tool for configuring selected
screens.
QAD Proprietary
Setting up Configurable Screens
QAD Proprietary
You must specify values for the following fields:
QAD Proprietary
Creating a Template
QAD Proprietary
To create a new template, follow these steps:
QAD Proprietary
4. If this is not a generic template, select one or more user groups to
assign to this template.
The Select Groups list displays all defined groups in the system.
Select one or multiple user groups to which to assign the template.
QAD Proprietary
Configuring Program Screens
Once you click Configure, you view the program screen in configurable mode. The
fields in the current frame are highlighted when you mouse over their borders.
Grab this highlighted area to move fields around the screen.
QAD Proprietary
Browse
Browses display selected data in the form of a table. Column headings are field
labels; rows are field values. The field values in a browse come from any table in
the QAD Enterprise Applications schema. A browse includes selected values from
one table or several joined tables , below the browse example.
QAD Proprietary
There are two types of browses
Power Browses. A power browse can filter, graph, and print data. Any
column can be sorted, and the first ten columns can be filtered.
When attached to a field, power browses are called drill-downs. Drill-
downs return a selected value to the active field of a calling program.
QAD Proprietary
Use Browse Maintenance (36.4.8.13) to create custom browses or modify
system-supplied browses.
QAD Proprietary
Creating Browses and Lookups in the QAD
.NET UI
QAD Proprietary
You create a power browse and name it xx010; the system names the code
xxbr010.p. If you selected both power and lookup browses, the system generates
two source-code files: xxbr010.p and xxlu010.p.
QAD Proprietary
Click on the “Query” tab then choose Add Tables(Ctrl+T)
QAD Proprietary
Select the Table to use on the Browse by choosing Table Name then click Add
(or you can select using double click on Table Name), you can use filter to
search the table
QAD Proprietary
Drag the fields to query grid area for field you want to display on your Browse
QAD Proprietary
To Create Browse “more than one table” choose Add Tables again, select the table
you wish to link/join
QAD Proprietary
To link between 2 tables, click field from left table then drag to match with field on
right table, exp: po_nbr(left table) with pod_nbr(right table)
QAD Proprietary
Right click, choose Join Properties to see the join/link information
QAD Proprietary
add local variable(local-var01), exp: to put calculated value
QAD Proprietary
The pattern for local variable is local-varNN, NN is 2 digit numeric, exp :
local-var01
Below example show that local-var01 with data type “decimal”, contain
the value of pod_qty_ord(qty order) – pod_qty_rcvd(qty received)
QAD Proprietary
To Run the Browse, “SAVE” it first, then click Run Browse.
QAD Proprietary
See the result below
QAD Proprietary
Copy from Existing Browse
Open an existing browse
QAD Proprietary
After open the intention browse, click “Save As” to save it to new Browse
name, then click Save.
QAD Proprietary
New Browse(xx234) with the same Definition as existing Browse (ad014) created
QAD Proprietary
Although you do not need to compile the source code of the browse, you should
for better performance. If other users on your network want to use your browse,
you must compile it and move it to the network directory.
QAD Proprietary
The program generated on users “working directory”
QAD Proprietary
CIM
Computer Integrated Manufacturing
QAD Proprietary
CIM Data Formatting
Single line of data for each input request
Use ~ for continuation of lines
Fields are separated by spaces
Character fields surrounded by quotes (“ “)
Make sure the date format in the CIM file matches the date format
specified in the Progress session startup parameters (-d parameter).
Use a hypen (-) to tab over fields
End of input line is the same as the GO key
A single period (.) is processed as END key
In DOS files, there should be no (CTRL Z) EOF embedded in the file
@@batchload <program-name.p>
[input-data …]
@@end
@@batchload <program-name.p>
[input-data …]
@@end
…
QAD Proprietary
CIM Data Interface
Internally, the CIM Interface operates in two stages:
1. CIM Data Load (36.15.1) places data in CIM
database tables.
2. CIM Data Load Processor (36.15.2) sends data
stored in CIM database tables through the
appropriate input screen.
Database
Externally
Generated,
CIM
Data CIM CIM Data
Formatted Data
Data Load Load
Application Standard
Data Program
QAD Proprietary
Creating a CIM Input File
To create a data input file, first determine the program to
be used and fields to be updated. The basic steps are as
follows:
1. Run the program that is to receive the data and determine the
program name.
2. Determine the program’s key fields. These are typically the first fields,
and always let you advance to the next field by pressing Go. A good
test is to position the cursor in a field, and press Go. Note where the
cursor goes.
3. Choose non-key fields you want to populate and in what sequence.
Note whether Go or Return is required after each entry.
4. Record a template of the CIM input file entries for the first window.
Remember, all CIM files start with @@batchload <Program Name>
and ended with @@end
QAD Proprietary
Creating a CIM Input File
Manually
– Create text file using notepad or MS-DOS Prompt, type the data with
the correct convention.
Programmatically
– Create a program for creating CIM Input file.
– The program will read input data such as .csv file and translate the
data into CIM Input file. This way is more easy and effective if you
have many data to be loaded.
@@batchload ppptmt04.p
“10-10000”
“EA” “Oasis(TM) Cooling System” “Home/Indust Model”
“1000” “5/28/1992” - - “Config” “AC” “DISCRETE” “10-
10000” “AB”
.
@@end
QAD Proprietary
Error Handling
When the CIM load is completed, CIM Data Load Processor
(36.15.2) creates a report showing the groups successfully
processed and any processing errors. Groups containing an error
are not processed.
Troubleshoot errors using the following guidelines:
– Are the values appropriate?
– Is there a line reading: (@@batchload <program name> or
@@end)?
– Are the data in the correct order?
– Are there any blank lines?
– Are there any misplaced spaces?
– Does it complete the record?
QAD Proprietary
Deleting Records through CIM
You can use CIM to delete records created with any of the
MFG/PRO programs listed below:
– Customer Maintenance – adcsmt.p
– Customer Ship-To Maintenance – adstmt.p
– Customer Item Maintenance - ppcpmt.p
– Generalized Code Maintenance - mgcodemt.p
– Site Maintenance - icsimt.p
– Entity Code Maintenance - glenmt.p
– Account Code Maintenance - glacmt.p
– Sub-Account Code Maintenance - glsbmt.p
– Cost Center Code Maintenance - glccmt.p
– Currency Maintenance - mccumt.p
– Price List Maintenance - pppimt.p
– Price List Maintenance - pppcmt.p
– Item Master Maintenance – ppptmt.p
QAD Proprietary
Creating Input Files to Delete Records
To determine if batchdelete is enabled in a particular program,
check the list.
Follow the key frame with a blank line consisting of a single hyphen
so that the program executes the code that would be executed if an
F5 or Ctrl+D has been pressed in the first frame after the key
frame.
QAD Proprietary
Example of CIM Delete
Add or modify a GL sub-account record with three lines.
@@batchload glsbmt.p
sbtest
“test sub-account”-
1040 1041
1050 1051
1060 1061
@@end
Delete the second sub-account line.
@@batchload glsbmt.p
sbtest
--
1050 x
-
yes
@@end
QAD Proprietary
Example of CIM Delete
Delete the entire GL sub-account record with all of its lines.
@@batchload glsbmt.p
sbtest x
-
yes
@@end
QAD Proprietary
Killing CIM Sessions
Although a CIM session runs under the operating system and can
be stopped using operating system commands, this is not advised.
When the operating system kills a session, MFG/PRO is not notified
and a record of the session may still display in the CIM Data Load
Process Monitor (36.15.4).
The best way to kill a CIM session is to use the CIM Data Load
Process Monitor (36.15.4). To kill a session, identify the session
using the Type and Session fields then press the F5 key in the
Session field. A prompt asks you to confirm that you want to delete
this record.
QAD Proprietary
CIM Summary
QAD Proprietary