21 January 2008

GP 10 Security Upgrade Helpers

Ok, you should know by now that upgrading security in GP 10 from 8.0 or 9.0 has been a less than pleasant experience. The new security model is considerably better but has introduced pain into the upgrade.


Here's a small roundup of tips:

  • SP1 seems to have helped the process go from nada to something
  • Consider rebuilding security despite a working upgrade. You ultimately wont' be happy with the results long term results of the upgrade but it will get you live. Resist the urge to put a security rebuild in the terminally delayed Phase 2. Stick in the upgrade plan!
  • Turn on activity tracking for failed access to windows and reports. This will at least give you an indicator of what access failed post upgrade.
  • Update: I missed one! From Jim on our IBIS help desk, there is a TASK (not a role) a TASK called defaultuser. Out of the box, the defaultuser task has rights to enter and edit accounts in the chart of account. We've seen cases where folks are setting up roles and adding tasks. They add the defaultuser task not realizing that it has chart of account modification priviliges.
  • Update: Ok I missed two! There's no security settings import/export so you can't build your dream security in test and easily migrate it to live. At least not that I've seen yet.
I have a couple more but they've either come from priviledged sources or I need to verify more info.
Cindy Mikeworth was kind enough to pass along some of this info from the GP Private Newsgroup. I'm careful about what I post from there but her information was generic enough to be useful without violating any agreements. Thanks Cindy!