Wednesday, November 14, 2018

What is the administrator?

Admin Superuser is a built in global profile. “Administrator” would be a profile created by a user that may have similar rights. Use case for some customers is that profile only administers certain parts of the application, i.e. users…where the Admin Super users is doing it all.

What is the admin superuser?

A global security profile determines a user’s access to application-wide information and settings, such as resources, global codes, and the OBS. P6 requires that you assign a global security profile to each user.

You can define an unlimited number of global security profiles in P6. In addition, P6 provides two predefined global security profiles: Admin Superuser and No Global Privileges.
  • The Admin Superuser profile allows complete access to all global information and all projects. It also shows the full Administer menu, even when the currently assigned user interface view settings do not. For the pages and menus of the other sections, even for users with the Admin Superuser profile, the current user interface view settings still apply. The Admin Superuser profile is assigned to the application (administrative) user created during the P6 EPPM database installation.
    For security reasons, Oracle strongly recommends that on-premises users replace the default Admin Superuser (admin) immediately after a manual database installation or an upgrade from P6 version 7.0 and earlier. Also, limit the Admin Superuser assignment to only those individuals who require access to all data. At least one user must be assigned to the Admin Superuser profile. If only one user is assigned to this profile, P6 will not allow that user to be deleted.

  • The No Global Privileges profile restricts access to global data. Assign this profile to anyone who is strictly a P6 Team Member interfaces user and does not require access to P6 Professional or P6. If a user with rights to P6 Professional or P6 is assigned this profile, the user can log in to these applications but will not have access to project data and will have read-only access to global data. If a user is assigned this profile and is also assigned to an OBS element, the user will have access to project data as defined for the OBS element, but access to other global data is restricted.
The Admin Superuser can designate that users have the ability to add/delete, edit, assign, or view secure codes. Secure codes enable privileged users to hide Project, Activity, Resource, Role, and Issue codes from users that do not have security privileges to view them. Also, users with privileges to Edit Security Profiles can restrict other users to edit, assign, and view privileges. For example, management could track project approval processes through secure codes that others cannot edit or, in some cases, view.

Tip
When defining each global security profile, some privileges are structured hierarchically. In other words, if a user is granted add or delete privileges, that user automatically has edit, assign, and view privileges. If a user is granted edit privileges, that user is automatically granted assign and view privileges. If a user is granted assign privileges, that user is automatically assigned view privileges.

Thank you Joe L.