R12 MOAC (Multi-Org Access Control) Uncovered John Peters JRPJR, Inc.

Slides:



Advertisements
Similar presentations
AN INTRODUCTION TO PL/SQL Mehdi Azarmi 1. Introduction PL/SQL is Oracle's procedural language extension to SQL, the non-procedural relational database.
Advertisements

R12 New Features in QTC Track NCOAUG 22-Feb-08 Ravi Sagaram.
GP2013 (R2) New features in GP2013 (R2). New Ribbon for windows Edit List is the Print button on the right without the paper background Action pane can.
SQL This presentation will cover: A Brief History of DBMS View in database MySQL installation.
Practice Insight Instructional Webinar Series Reporting
NorCal OAUG Training Day, Paper01/21/ John Peters, JRPJR, Inc.1 Data Scrambling in Non-PROD Cloned Instances John Peters JRPJR, Inc.
NorCal OAUG Training Day, Pres 5.09John Peters, JRPJR, Inc.1 So you want Multiple Languages in your Oracle E-Business Suite John Peters JRPJR, Inc.
Copyright © 2009 Rolta International, Inc., All Rights Reserved a c c e l R12™ Upgrade Approach.
Salesforce.com Leads. Unit Name Leads The leads SF object provides the ability to track prospective students You can create new leads fm a variety of.
Cognos 8.4 Upgrade Business Intelligence. Why Cognos 8.4 Increased Performance on Database due to optimized SQL and more filters passed in native SQL.
System Administration Accounts privileges, users and roles
Introduction to Multi-Org-Access-Control (MOAC) R12
A Guide to MySQL 3. 2 Objectives Start MySQL and learn how to use the MySQL Reference Manual Create a database Change (activate) a database Create tables.
Slide 1 FastFacts Feature Presentation 12/16/2014 To dial in, use this phone number and participant code… Phone number: Participant code:
DB Audit Expert v1.1 for Oracle Copyright © SoftTree Technologies, Inc. This presentation is for DB Audit Expert for Oracle version 1.1 which.
07/19/04 NorCal OAUG Training Day, Paper 2.4 John Peters, JRPJR, Inc.1 Oracle Workflow Notifications John Peters JRPJR, Inc.
Presentation Title Mohan Dutt Hyperion Solutions Corporation
Custom Web ADI Integrators
FireRMS SQL Audit, Archiving & Purging Presented by Laura Small FireRMS Quality Assurance.
Database Design for DNN Developers Sebastian Leupold.
9/10/20151 Hyperion Enterprise 6.5 New Features & Functionality Robert Cybulski, CPA Finit Solutions.
01/17/07 NorCal OAUG Training Day, Paper 3.9 John Peters, JRPJR, Inc.1 Getting Started With Approvals Management Engine John Peters JRPJR, Inc.
IAM Online - Grouper Permissions Chris Hyzer University of Pennsylvania / Internet2 September 14, /14/20151.
Report Manager for FSGs in R12 Farewell ADI toolbar
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 6 Virtual Private Databases.
CSIS 4310 – Advanced Databases Virtual Private Databases.
Copyright © 2007, Oracle. All rights reserved. Managing Concurrent Requests.
Unraveling the Mysteries in the System Administrator Responsibility NCOAUG Training Day February 22, 2008 Judy Vales.
Why Use The Denkh HTML Reporter Scott Auge Amduus Information Works, Inc.
A Guide to MySQL 3. 2 Introduction  Structured Query Language (SQL): Popular and widely used language for retrieving and manipulating database data Developed.
Dale Roberts 1 Department of Computer and Information Science, School of Science, IUPUI Dale Roberts, Lecturer Computer Science, IUPUI
What is a Package? A package is an Oracle object, which holds other objects within it. Objects commonly held within a package are procedures, functions,
Session Making Queries and Multiple Entry Work for You in Direct Loans (Hands-On) Session 21.
3 Copyright © 2004, Oracle. All rights reserved. Working in the Forms Developer Environment.
1 Intro stored procedures Declaring parameters Using in a sproc Intro to transactions Concurrency control & recovery States of transactions Desirable.
Dionex Corporation Designs, manufactures and sells chemical analysis equipment Based in Sunnyvale, California Employs more than 1,200 people worldwide.
A Guide to SQL, Eighth Edition Chapter Six Updating Data.
Chapter 6 Virtual Private Databases
Introduction to Teradata Client Tools. 2 Introduction to Teradata SQL  OBJECTIVES :  Teradata Product Components.  Accessing Teradata – Database /
Starting with Oracle SQL Plus. Today in the lab… Connect to SQL Plus – your schema. Set up two tables. Find the tables in the catalog. Insert four rows.
IMS 4212: Constraints & Triggers 1 Dr. Lawrence West, Management Dept., University of Central Florida Stored Procedures in SQL Server.
Using Workflow With Dataforms Tim Borntreger, Director of Client Services.
Oracle Business Intelligence Foundation – Testing and Deploying OBI Repository.
Cash Management Security. Objectives After completing this lesson, you should be able to do the following: Describe Cash Management security Create security.
Oracle Apps 11i/ R12 Financials Training Online | classroom| Corporate Training | certifications | placements| support CONTACT US: MAGNIFIC TRAINING INDIA.
MICROSOFT ACCESS – CHAPTER 5 MICROSOFT ACCESS – CHAPTER 6 MICROSOFT ACCESS – CHAPTER 7 Sravanthi Lakkimsety Mar 14,2016.
Oracle Query VBA Tool (OQVT)
 CONACT UC:  Magnific training   
Enterprise Oracle Solutions Oracle Report Manager The New ADI and More Revised:June 20091Report Manager/SROAUG Presentation.
Oracle Apps Financials Online Training With Placement CONTACT US: USA: , INDIA: ,
BTM 382 Database Management Chapter 8 Advanced SQL Chitu Okoli Associate Professor in Business Technology Management John Molson School of Business, Concordia.
Click here to download this powerpoint template : Green Floral Background Powerpoint TemplateGreen Floral Background Powerpoint Template For more templates.
Oracle apps financial functional training Contact us: Magnific training Training | placement|Certificaions.
Oracle 11g: SQL Chapter 5 Data Manipulation and Transaction Control.
1 Copyright © 2005, Oracle. All rights reserved. Oracle Database Administration: Overview.
CONTACT US: USA: , INDIA: ,
3 A Guide to MySQL.
Stop the madness - How to balance to the GL
Project Management: Messages
Adastra v3 Reporting & National Quality Requirements
Working in the Forms Developer Environment
Custom Profile Options
Building Regression Tests With PeopleSoft Test Framework
Oracle Subledger Accounting
Oracle Apps Technical online Training at GoLogica
Practice Insight Instructional Webinar Series Reporting
SQL This presentation will cover: View in database MySQL installation
NAVIGATING THE MINEFIELD
Financials in Microsoft Dynamics SL 2015.
Presentation transcript:

R12 MOAC (Multi-Org Access Control) Uncovered John Peters JRPJR, Inc.

NorCal OAUG Training Day, 01/21/09 Paper 4.01 John Peters, JRPJR, Inc.2 How many of you are on 11.0, 11i, 12? How many of you plan to upgrade to R12 in the next 18 months? Before We Start A Quick Audience Survey

NorCal OAUG Training Day, 01/21/09 Paper 4.01 John Peters, JRPJR, Inc.3 This presentation has been composed from my experiences with several R12 clients The most recent exposure has been with an upgrade from to Client has: –Full Financials (AP, AR, GL, FA, HR) –Operations (OM, INV, BOM, QA) –CRM (CS, CSI, OKC/OKS, FS) This Presentations Version Info

NorCal OAUG Training Day, 01/21/09 Paper 4.01 John Peters, JRPJR, Inc.4 Why MOAC (Mult-Org Access Control) Comparison of the Pre-R12 and R12 Multi-Org Architectures What you need to know now when using tools against an R12 MOAC DB MOAC Setups Some potential flaws What I am going to cover

NorCal OAUG Training Day, 01/21/09 Paper 4.01 John Peters, JRPJR, Inc.5 R12 Offers True Multi-Org Access Responsibilities are assigned a Security Profile which is a group of Operating Units Assignment is through the profile option ‘MO: Security Profile’ set at the Responsibility Level. True Multi-Org Access Control Responsibility Operating Units

NorCal OAUG Training Day, 01/21/09 Paper 4.01 John Peters, JRPJR, Inc.6 So from one responsibility you can perform transactions and report on transactions from multiple operating units Desirable in a share services environment Users have to be very careful and disciplined while using MOAC Even though MOAC is available changing responsibilities to change operating units has some benefits True Multi-Org Access Control (cont)

NorCal OAUG Training Day, 01/21/09 Paper 4.01 John Peters, JRPJR, Inc.7 R12 implements MOAC through DB Synonyms that replace the old Multi-Org Views Lets take the example of Order Management Hey …. where did the views go? OE_ORDER_HEADERS_ALLOE_ORDER_HEADERS ONT DB UserAPPS DB User

NorCal OAUG Training Day, 01/21/09 Paper 4.01 John Peters, JRPJR, Inc.8 Base data tables exist in the product schema with a naming convention of %_ALL. The data in this table is striped by ORG_ID (Operating Unit). A view in the APPS schema provides the Multi-Org filtering based on the statement below in the where clause. SUBSTRB(USERENV ('CLIENT_INFO'), 1, 10) Pre-R12 Multi-Org Architecture Base Table OE_ORDER_HEADERS_ALL View OE_ORDER_HEADERS ONT DB UserAPPS DB User

NorCal OAUG Training Day, 01/21/09 Paper 4.01 John Peters, JRPJR, Inc.9 Base data tables exist in the product schema with a naming convention of %_ALL. The data in this table is striped by ORG_ID (Operating Unit). A synonym in the APPS schema provides the Multi- Org filtering based the Virtual Private Database feature of the Oracle 10G DB Server. R12 Multi-Org Architecture Base Table OE_ORDER_HEADERS_ALL Synonym OE_ORDER_HEADERS ONT DB UserAPPS DB User VPD

NorCal OAUG Training Day, 01/21/09 Paper 4.01 John Peters, JRPJR, Inc.10 Security Profile and Operating Units 62 – 299 (Canada) 63 – 2 (US) 64 – 299, 2 (North America) Sample Query select ORG_ID, count(*) from OE_ORDER_HEADERS group by ORG_ID; Security Profile = 62 (Canada) 299, 1000 Security Profile = 63 (US) 2, 7000 Security Profile = 64 (North America) 299, , 7000 Real World Example

NorCal OAUG Training Day, 01/21/09 Paper 4.01 John Peters, JRPJR, Inc.11 This is a security feature of the Oracle Database Server 10G Security Policies can be applied to database object to control access to specific rows and columns in the object Security Policies can be different for each DML action –Select –Insert –Update –Delete What is a Virtual Private Database

NorCal OAUG Training Day, 01/21/09 Paper 4.01 John Peters, JRPJR, Inc.12 Since Security Policies can be restrictive you might not be able to insert or update records through them. The Security Policies are not easily viewable using tools like TOAD. You need to be careful if you drop a Synonym because you won’t always know if a Security Policy is applied to the Synonym and more importantly how to reapply it. Virtual Private Database Gotchas

NorCal OAUG Training Day, 01/21/09 Paper 4.01 John Peters, JRPJR, Inc.13 Pre-R12 you could set your SQL session context for multi-org with the following: BEGIN dbms_application_info.set_client_info(2); END; In this example 2 is the ORG_ID for the Operating Unit I am interested in. Or you could have used FND_GLOBAL.APPS_INITIALIZE to set your context. In SQL Pre-R12

NorCal OAUG Training Day, 01/21/09 Paper 4.01 John Peters, JRPJR, Inc.14 This is a handy little SQL routine to dump out the ORG_ID’s and Operating Unit Names. select ORGANIZATION_ID, NAME from HR_OPERATING_UNITS; This still works in R12 How do you get the ORG_ID

NorCal OAUG Training Day, 01/21/09 Paper 4.01 John Peters, JRPJR, Inc.15 In R12 you can set your SQL session context for a single OU with the following: BEGIN execute mo_global.set_policy_context('S',2); END; The ‘S’ means Single Org Context 2 is the ORG_ID I want set In SQL R12

NorCal OAUG Training Day, 01/21/09 Paper 4.01 John Peters, JRPJR, Inc.16 In R12 you can set your SQL session context for multiple OU’s with the following: BEGIN execute mo_global.set_org_access(NULL,64,‘ONT'); END; 64 is the Security Profile you want to use ‘ONT’ is the application short name associated with the responsibility you will be using R12 Preferred Method

NorCal OAUG Training Day, 01/21/09 Paper 4.01 John Peters, JRPJR, Inc.17 The following SQL will dump out the Security Profiles and Operating Unit Names assigned to them select psp.SECURITY_PROFILE_NAME, psp.SECURITY_PROFILE_ID, hou.NAME, hou.ORGANIZATION_ID from PER_SECURITY_PROFILES psp, PER_SECURITY_ORGANIZATIONS pso, HR_OPERATING_UNITS hou where pso.SECURITY_PROFILE_ID = psp.SECURITY_PROFILE_ID and pso.ORGANIZATION_ID = hou.ORGANIZATION_ID; How to find the Security Profiles

NorCal OAUG Training Day, 01/21/09 Paper 4.01 John Peters, JRPJR, Inc.18 The following SQL will dump out the Security Profiles assigned in via the Profile Options select fnd_profile.value_specific('XLA_MO_SECURITY_PROFILE_LEVEL', user_id, resp_id, appl_id) from dual; Where: user_id: FND_USER.USER_ID resp_id: FND_RESPONSIBILITY_TL.RESPONSIBILITY_ID appl_id: FND_APPLICATIONS.APPLICATION_ID Security Profile From Profile Option

NorCal OAUG Training Day, 01/21/09 Paper 4.01 John Peters, JRPJR, Inc.19 Based on what I have shown above it is obvious that this will change how you develop: –Reports –PL/SQL and SQL Concurrent Programs –Workflows –Forms For more details please see: ML Note: Oracle Applications Multiple Organizations Access Control for Custom Code Custom Development

NorCal OAUG Training Day, 01/21/09 Paper 4.01 John Peters, JRPJR, Inc.20 After upgrading to R12 you will find that some Multi- Org tables will now have rows with ORG_ID = These are seed data template rows that are essentially values for “All Orgs” This can cause issues when Oracle Applications functionality requires unique names because these get are unioned in to results in many cases: –RA_BATCH_SOURCES_ALL.NAME What’s ORG_ID -3113

NorCal OAUG Training Day, 01/21/09 Paper 4.01 John Peters, JRPJR, Inc.21 There are other related steps, I am only showing true ‘MOAC’ related ones Create Oracle Apps Security Profiles (no not the same as the VPD Security Profiles) Assign Security Profiles to Responsibilities through the Profile Option ‘MO: Security Profile’ Other Profile Options Concurrent Programs Setups Summary

NorCal OAUG Training Day, 01/21/09 Paper 4.01 John Peters, JRPJR, Inc.22 A good reference is the manual: ‘Oracle Applications Multiple Organizations’ Implementation Guide Release 12 Part No. B Setup Steps Documentation

NorCal OAUG Training Day, 01/21/09 Paper 4.01 John Peters, JRPJR, Inc.23 The Security Profiles form allows you to group together Operating Units Setups: Security Profiles

NorCal OAUG Training Day, 01/21/09 Paper 4.01 John Peters, JRPJR, Inc.24 The Security List Maintenance concurrent program must be run each time you add or change Security Profiles. Run Security List Maintenance

NorCal OAUG Training Day, 01/21/09 Paper 4.01 John Peters, JRPJR, Inc.25 There are three Profile Options you need to be aware of related to Multi-Org that should be set at the Responsibility Level. The R12 profile option ‘MO: Security Profile’ is always evaluated first. The pre-R12 profile option ‘MO: Operating Unit’ still works in R12. It is just a secondary priority being evaluated after ‘MO: Security Profile’. The R12 profile option ‘MO: Default Operating Unit’ sets the default Operating Unit for transactions when running under a Security Profile. Setups: Profile Options

NorCal OAUG Training Day, 01/21/09 Paper 4.01 John Peters, JRPJR, Inc.26 Setups: Profile Options (cont)

NorCal OAUG Training Day, 01/21/09 Paper 4.01 John Peters, JRPJR, Inc.27 Many R12 applications modules do not work with ‘MO: Security Profile’ set for a given responsibility. They must only use ‘MO: Operating Unit’. Some even require all three Profile Options set. Examples: –CRM Modules –Certain GL Drill Down Functions (trial and error determination of setups, no clear direction) Pre-R12 ‘MO: Operating Unit’

NorCal OAUG Training Day, 01/21/09 Paper 4.01 John Peters, JRPJR, Inc.28 Oracle has implemented a new parameter on the System Administration : Concurrent Parameters form to control how to handle Operating Units. Concurrent Programs

NorCal OAUG Training Day, 01/21/09 Paper 4.01 John Peters, JRPJR, Inc.29 Yes that’s the System Administration Responsibility Concurrent Programs (cont)

NorCal OAUG Training Day, 01/21/09 Paper 4.01 John Peters, JRPJR, Inc.30 The Operating Unit Mode parameter does not show up in the System Administor : Define Concurrent Programs form. Concurrent Programs (cont)

NorCal OAUG Training Day, 01/21/09 Paper 4.01 John Peters, JRPJR, Inc.31 The Operating Unit Mode parameter is not always set properly by Oracle Development during an upgrade. This setting has three values: NULL – default setting Single – run only for a specific Operating Unit specified by ‘MO: Operating Unit’ profile option Multi – run for multiple Operating Units based on the ‘MO: Security Profile’ profile option Change this setting from the default NULL setting to Single to see if this resolves report execution errors. Concurrent Programs (cont)

NorCal OAUG Training Day, 01/21/09 Paper 4.01 John Peters, JRPJR, Inc.32 This Operating Unit Mode parameter is used to identify: –How the program executes the multiple organizations initialization –When to display Operating Unit prompt in the Submit Requests window and Schedule Requests window. This impacts how the Submit Requests form evaluates Concurrent Request Parameter List of Values. If you don’t see what you want try changing this setting. Concurrent Programs (cont)

NorCal OAUG Training Day, 01/21/09 Paper 4.01 John Peters, JRPJR, Inc.33 GL Segment Value Set Security Rules do not allow you to restrict usage based on Operating Unit Example: You have a North America responsibility (CA & US) You have selected a transaction for the US OU You can enter GL Segment values for both CA & US on the transaction based on your MOAC Security Profile From Brian Kotch, PinPoint Consulting MOAC Flaws? – GL Segments

NorCal OAUG Training Day, 01/21/09 Paper 4.01 John Peters, JRPJR, Inc.34 As I mentioned before upgraded R12 instances can run into uniqueness issues when data is copied over to ORG_ID RA_BATCH_SOURCES_ALL.NAME MOAC Flaws? – ORG_ID -3113

NorCal OAUG Training Day, 01/21/09 Paper 4.01 John Peters, JRPJR, Inc.35 We still need to set this for some strange reason in GL and CRM Modules? No clear documentation describing when you need to set this Put up an SR with hints of MOAC issues and the analyst will ask you to probably try this first MOAC Flaws? – MO: Operating Unit

NorCal OAUG Training Day, 01/21/09 Paper 4.01 John Peters, JRPJR, Inc.36 Sometimes they don’t appear to always work properly. How do you know when this is applied to a database object? How do you reapply this should the object need to be recreated? MOAC Flaws? – VPD Security Profile

NorCal OAUG Training Day, 01/21/09 Paper 4.01 John Peters, JRPJR, Inc.37 ML Note: Oracle Applications Multiple Organizations Access Control for Custom Code ML Note: SQL Queries and Multi-Org Architecture in Release 12 ML Note: Oracle Applications Multiple Organizations Release 12 Roadmap Document Oracle Applications Multiple Organizations Implementation Guide Release 12 Part No. B Further Reading

NorCal OAUG Training Day, 01/21/09 Paper 4.01 John Peters, JRPJR, Inc.38 My contact information: John Peters Additional reference papers can be found at:

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.