17 vis
-
Upload
alvaro-alcocer-sotil -
Category
Business
-
view
41 -
download
1
description
Transcript of 17 vis
Siebel 2001 Configuration ©Accenture Visibility - 1
These training materials are confidential to Siebel. They may not be used to train anyone other than Accenture employees who have attended Siebel training.
If the materials are marked "Restricted Use Allowed" you may use the information to help clients who are evaluating vendors, one of which must be Siebel and you may use the information to help clients which are implementing Siebel.
If they are not so marked, then the information may only be used to help clients who are implementing Siebel.
In either case, you can not;(a) use the materials if you are involved developing or are likely to be involved in developing a product competitive to Siebel
(b)use the materials for a client who is a competitor of Siebel; or(c) provide the materials to any third party, whether it is a client or otherwise.
If you are going to be discussing Siebel with a client and using these training materials as the basis of information you provide to the client, you must also make sure Accenture has a nondisclosure agreement in place with the client (as part of a Consulting Services Agreement or otherwise).
Siebel 2001 Configuration ©Accenture Visibility - 2
Please adjust volume to hear audio.Audio will play automatically for each slide upon
advance.You may replay audio by clicking on the speaker icon in the upper right hand corner of each slide.
Siebel 2001 Configuration ©Accenture Visibility - 3
Visibility
Siebel 2001 Configuration ©Accenture Visibility - 4
Module Objectives
After completing this module you should be able to:
• Describe Access Control for Siebel eBusiness Applications
• Discuss Access Control and Views
• Describe the difference between view level Access Control and data level Access Control
• Identify the access control mechanisms used to restrict access to views in Siebel eBusiness Applications
• Describe the relationships between views, users, and responsibilities
• Identify the independent relationship between view access and data access
• Identify the different view types used to accommodate the Access Control needs of different users
• Determine the access control mechanism for a business component
• Configure views to control access to data based
Siebel 2001 Configuration ©Accenture Visibility - 5
What is Visibility?
• Forecasting
Visibility determines what data the employee sees. Visibility controls the records and view access.
Siebel 2001 Configuration ©Accenture Visibility - 6
Users
• Different users need access to different information
Siebel 2001 Configuration ©Accenture Visibility - 7
Types of Users
• Internal: Users who work for the company directly or indirectly Enterprise users have access to data such as accounts and
opportunities
• External: Users who do not work for the company External users (for example, customers) have access to data
such as orders
• Combination of both internal and external Partners have access to data such as certain accounts, products
and price lists, and orders
Siebel 2001 Configuration ©Accenture Visibility - 8
Access Control
• Restricts what is seen in the application according to: View Access
• Responsibilities that correlate to job tasks
Customer Data• Constantly changing data such as accounts and opportunities
• Visibility obtained through record ownership, positions and organizations
Master Data• Authored material such as literature and solutions
• Visibility obtained through Access Groups
Application Access• Security and authentication
Return to Knowledge Check
Siebel 2001 Configuration ©Accenture Visibility - 9
Access Control
Siebel 2001 Configuration ©Accenture Visibility - 10
Responsibility
Siebel 2001 Configuration ©Accenture Visibility - 11
Adding Views to Responsibility
• The same views can be added to one or more responsibilities
Siebel 2001 Configuration ©Accenture Visibility - 12
Assigning users to Responsibilities
• Users can be assigned to one or more responsibilities
Siebel 2001 Configuration ©Accenture Visibility - 13
Multiple Responsibilities
• When users log in, they see the union of all views for their assigned responsibilities
Siebel 2001 Configuration ©Accenture Visibility - 14
Review: Responsibilities, Views and Users
• Responsibilities determine the set of views to which a user has access
• Views are associated to one or more responsibilities
• Users are assigned to one or more responsibilities
• A user sees the union of all associated views when he or she logs in
Return to Knowledge Check
Siebel 2001 Configuration ©Accenture Visibility - 15
Restricted Access to Views
• If a view is not included in a user’s responsibility, the user will not see a reference to the view in the: Site map Show drop-down list Detail tabs
• If a user does not have access to any of the views in a screen: Screen tab is not displayed
Siebel 2001 Configuration ©Accenture Visibility - 16
Controlling Access to Customer Data
• Access to customer data can be restricted using the following access control mechanisms Personal Position-based Organization-based
Siebel 2001 Configuration ©Accenture Visibility - 17
Personal Access Control
• Access is limited to records a that user has created or to which a user has been assigned Records can be restricted to a single user or a team of users Access is controlled by user ID
• Examples In the My Service Requests view, a Web site visitor can see only
the service requests he or she has created In the My Expense Reports view, an employee can see only the
expense reports the employee has submitted for reimbursement In the My Activities view, a user can see only the activities the
user owns
Siebel 2001 Configuration ©Accenture Visibility - 18
Positions
• Position controls which records an employee can access
• Position represents a placeholder for a person or group of people that require visibility to set of data
Siebel 2001 Configuration ©Accenture Visibility - 19
Position-Based Access Control
• Record access is limited to users based on their position within an organization
• A position is: A job title in a hierarchical reporting structure of an internal
or partner organization Represents a person or group of people that require access
to a set of data Is more stable than an individual’s assignment to that
position• People might change, but a position is static
Siebel 2001 Configuration ©Accenture Visibility - 20
Employees Per Position
• Some positions have a single employee Typical toward the top of a reporting hierarchy where a job
is more specialized• For example, CEO, VPs
• Some positions have multiple employees Typical toward the bottom of a reporting hierarchy where a
job is less specialized• For example, a group of call center agents all doing the same
work
Siebel 2001 Configuration ©Accenture Visibility - 21
Primary Employee• When there are multiple employees per position, only one
employee is defined as the primary employee for a position When a position is assigned to a record, the primary employee’s
name appears in the primary field for the record, even if other users are associated with the same position
Siebel 2001 Configuration ©Accenture Visibility - 22
Positions Per Employee
• Employees can have multiple positions if they do different types of work or need to see different sets of data
Siebel 2001 Configuration ©Accenture Visibility - 23
Primary Position
• If an employee has multiple positions, one is marked as primary
Siebel 2001 Configuration ©Accenture Visibility - 24
Change Position
• Users can change position during a session by selecting ViewUser PreferencesChange Position
• Users can only log in as one position at a time
• By default, log in is based on the user’s primary position
Siebel 2001 Configuration ©Accenture Visibility - 25
Types of Position-Based Access Control
• One or more positions can be associated with customer data using the following types of position-based Access Control: Single position Team
Siebel 2001 Configuration ©Accenture Visibility - 26
Single Position Access Control
• Assigns a single position to an individual record All users associated with the position have access to the record
Siebel 2001 Configuration ©Accenture Visibility - 27
Team Access Control
• Assigns multiple positions, in the form of a team, to an individual record All users associated with positions on the team have access to
the record A team can include internal and partner positions
Siebel 2001 Configuration ©Accenture Visibility - 28
Team Fields
• Vary according to the view in which they appear
• Examples My Opportunities view has a Sales Team field
My Accounts view has an Account Team field
My Contacts view has a Contact Team field
Siebel 2001 Configuration ©Accenture Visibility - 29
Primary Position on a Team
• One position on a team is designated as primary
• By default, the position of the user who creates the record is automatically placed on the team as primary
• Primary position has additional privileges, such as: Merging and deleting records Forecasting an opportunity Designating another position as primary
Siebel 2001 Configuration ©Accenture Visibility - 30
Organization
• Represents a part of a business enterprise for purposes of restricting access to records Allows you to partition your company into logical groups, and then
display information appropriate to each of those groups
• For example, you can restrict access to records for: Part of your company (division, department, business unit) A partner company that assists you in your business (channel
partner) An external company that purchases your products (account)
Siebel 2001 Configuration ©Accenture Visibility - 31
Organization Based Access Control
• Record access is limited to the organization(s) to which a user’s positions are assigned
• Provides another level of Access Control at the level of business organizations rather than at the level of individual users
Siebel 2001 Configuration ©Accenture Visibility - 32
Types of Organization Based Access Control
• One or more organizations can be associated with data using the following types of organization-based access control Single organization Multiple organization
Siebel 2001 Configuration ©Accenture Visibility - 33
Single Organization Access Control
• Assigns a single organization to an individual record All users associated with the assigned organization have
access to the record
Siebel 2001 Configuration ©Accenture Visibility - 34
Multiple Organization Access Control
• Assigns multiple organizations to an individual record All users associated with the assigned organizations have access
to the record
Siebel 2001 Configuration ©Accenture Visibility - 35
Review: Access Control Mechanisms
• Personal Access Control Access is limited to records that a user has created or to
which a user has been assigned
• Position-based Access Control Record access is limited to users based on their position
within an organization
• Organization-based Access Control Record access is limited to the organization(s) to which a
user’s positions are assigned
• Mechanisms are not mutually exclusive A record can be restricted by more than one Access Control
mechanism
Siebel 2001 Configuration ©Accenture Visibility - 36
Relationship between Views and Data
• Access to views is independent of access to data For example, Mike Jones and Casey Cheng have access to the
same view based on their responsibilities, but see different data in the view based on their user ID, position, or organization
Siebel 2001 Configuration ©Accenture Visibility - 37
View Types
• Different view types accommodate different users My View Personal View My Team’s View All View All Across Organization View Administration
Return to Knowledge Check
Siebel 2001 Configuration ©Accenture Visibility - 38
View Modes
• View mode is configured by Setting the Visibility Applet property
• Identifies the business component
Setting the Visibility Applet Type• Determines the access control mechanism to use when retrieving
records
• Setting these properties makes the view appear with other access control views
Siebel 2001 Configuration ©Accenture Visibility - 39
My View (Sales Rep)
• Displays records for which a user has direct access Can use any Access Control mechanism Examples: My Opportunities, My Accounts
Siebel 2001 Configuration ©Accenture Visibility - 40
Retrieving My View Records
• Visibility Applet determines the business component
• Visibility Applet Type determines the access mechanism used to restrict records Looks for a BusComp View Mode with name Sales Rep Owner type must be Position or Personal
Siebel 2001 Configuration ©Accenture Visibility - 42
Personal View
• Displays all records for which user is the owner
• Is configured by Setting the Visibility Applet property to identify an applet in the view Setting the Visibility Applet Type property to Personal
• Looks for a BusComp View Mode with name Personal Owner type must be Position or Personal
Siebel 2001 Configuration ©Accenture Visibility - 43
My Team’s View
• Used by managers to display records for users who report to them Examples: My Team’s Opportunities, My Team’s Service Requests
• Displays all records For which direct and indirect reports are the primary or owner For which the user is the primary or owner
Siebel 2001 Configuration ©Accenture Visibility - 44
Retrieving My Team’s Records• Is configured by
Setting the Visibility Applet property to identify an applet in the view
Setting the Visibility Applet Type property to Manager
• Looks for a BusComp View Mode with name Sales Rep Owner type must be Position or Personal
Siebel 2001 Configuration ©Accenture Visibility - 45
All View
• Used by administrators within an organization to display records for the organization, where a valid owner has been assigned to the record Examples: All Accounts, All Opportunities, All Service Requests
• Displays all records (with a primary set) within a single organization Any sort specification in the business component is ignored
Siebel 2001 Configuration ©Accenture Visibility - 46
Retrieving All View Records
• Is configured by Setting the Visibility Applet property to identify an applet in the
view Setting the Visibility Applet Type property to Organization
• Looks for a BusComp View Mode with name Organization Owner type must be Organization
Siebel 2001 Configuration ©Accenture Visibility - 47
All Across Organizations View
• Used by executives to display records for all organizations, where a valid owner has been assigned to the record Examples: All Accounts Across Organizations, All Opportunities
Across Organizations
• Displays all records (with a primary set) across all organizations Does not use a BusComp View Mode definition
Siebel 2001 Configuration ©Accenture Visibility - 48
Retrieving All Across Organizations Records
• Displays all records (with a primary set) across all organizations Does not use a BusComp View Mode definition
• Is configured by Setting the Visibility Applet property to identify an applet in the
view Setting the Visibility Applet Type property to All
Siebel 2001 Configuration ©Accenture Visibility - 49
Administration Views
• Displays all records in the database, even those without a valid owner Navigate to Data Administration Because they shows all records in the database, access to these views
should be limited to very few people in your organization
• Is configured by setting the Admin Mode Flag
Siebel 2001 Configuration ©Accenture Visibility - 50
Summary
Now that you have completed this module you should be ableto:
• Describe Access Control for Siebel eBusiness Applications
• Discuss Access Control and Views
• Describe the difference between view level Access Control and data level Access Control
• Identify the access control mechanisms used to restrict access to views in Siebel eBusiness Applications
• Describe the relationships between views, users, and responsibilities
• Identify the independent relationship between view access and data access
• Identify the different view types used to accommodate the Access Control needs of different users
• Determine the access control mechanism for a business component
• Configure views to control access to data based
Siebel 2001 Configuration ©Accenture Visibility - 51
Knowledge Check
Question AnswerDescribe Access Control for Siebel eBusinessApplications.
Discuss Access Control and Views. Describe thedifference between view level access control and data level access control.
Identify the access control mechanisms used torestrict access to views
Access control restricts what is seen in the application according to view access, customer data, master data and application access.
We enable an employee or a user to be able to access different views through responsibilities and positions. The difference is that at the database level we also have encryption of the data.
The mechanisms are Responsibility and Positions.
Take this opportunity to check your knowledge of the concepts presented in this module. Try to answer the questions on the slide. The answer for each question will pop up as you advance the slide. Each answer may link back to the area within the presentation where that concept is presented. At the end of the section referenced you will find a ‘Return to Knowledge Check’ hyperlink, which will take you back to this slide.
Siebel 2001 Configuration ©Accenture Visibility - 52
Knowledge Check (cont’d)
Question AnswerDescribe the relationships between responsibilities, views, and users.
Identify the different view types used toaccommodate the Access Control needs ofdifferent users.
Determine the access control mechanism for abusiness component.
Responsibility determines the set of views to which a user has access.
My View
Personal View
My Team’s View
All View
All Across Organization View
Administration
The access control mechanism for a business component is the View Mode.
Take this opportunity to check your knowledge of the concepts presented in this module. Try to answer the questions on the slide. The answer for each question will pop up as you advance the slide. Each answer may link back to the area within the presentation where that concept is presented. At the end of the section referenced you will find a ‘Return to Knowledge Check’ hyperlink, which will take you back to this slide.