PeopleSoft Application Fundamentals - Securing Chartfields

Hi,

Its been a while since I updated this blog, but I was busy with other things. Well, here is the next post in which we will see how to secure chartfields.

The first question is - what is the need to secure them?

The answer is that different users in the organization will have different needs and different levels of data access. To conform to this scenario, PeopleSoft allows administrators to configure data access to different users based on their roles and needs.

To implement this security feature efficiently, PeopleSoft allows security to be set by roles, user or permission list. This feature is enabled only for those pages that have amount fields and other sensitive information. Sensitive data could be categorized as assets, inventory and other expense related items.

Chartfield Security feature allows :

• Enabling & disabling access based on product, component, user, role or permission list.
• Restricting access to transactions containing unauthorized Chartfield values, distribution code values in relevant components, financial data containing unauthorized Chartfield values in Inquiry components, unauthorized Chartfield values during data entry.
• Specify components as exceptions for users, role or permission list.

Following are the ways with which one can implement Chartfield security :

• From Component search lists
• From Inquiry Page lists
• From Inquiry results
• From Drills to transaction components
• From Prompt edit table values
• From Distribution codes

The following pictures describe which pages are enabled for chartfield security for each PeopleSoft product.

To set up Chartfield security, you have to follow the steps below :

1. Define security options and products
2. Identify security requirements
3. Define and assign security rules
4. (Optional step) Copy security rules for users, roles or permission lists

The following should be in place before chartfield security can be implemented :

1. Identified chartfields that meet the security requirements
2. Security levels that are needed

The above is all that is needed to implement chartfield security. Of course, each individual product will have its own components to be secured. This is something that is being left to the reader to explore.

The next posts will move out of PS Application Fundamentals and will focus on implementation steps for PS FSCM modules.

PeopleSoft Application Fundamentals - Security

Hi,

First of all, wishing all the Indian viewers a very Happy Gudi Padwa / Ugadi / New Year.

This post will describe the various security features available in PeopleSoft and their uses. We will see how to -

• Specify System Security Options
• Define Row-level security
• Grant access to users
• Define Security Views - This is an optional step.

PeopleSoft provides various security levels to better manage the shared data. One can define multiple entry points and the best path to access data across different groups, departments, etc.

Security Access covers three areas :

1. Network - covers the overall entry point to the system
2. Database - covers the scope of users' access to information
3. Application - covers the field level security

Row-level security in PS FSCM

Before setting up the row-level security, one must decide the level of security, the fields that need to be secured and how the security is to be defined, i.e., either through Permission Lists or through User Ids.

Note : If the number of users is too high and they have identical security access, the Permission List method is more suited.

PeopleSoft security can be implemented on data controlled by the following key fields :

• BU
• SetID
• Ledger
• Ledger Group
• Book
• Project
• Pay Cycle
• Planning Instance

Specifying Security Options

Navigation : Setup Financials/Supply Chain -> Security -> Security Options -> Security Options

Type of Security

No Security - PS application security disabled. All users having access to a page can select any SETID, BU or Ledger.

User ID Level Security - PS security enabled by User ID. Users can access pages or prompt values associated with the SETIDs, BUs, Projects & Ledgers associated with their User ID.

Permission List Level Security - PS security enabled by Permission List. Users are restricted to key fields specified by the primary permission list to which their User IDs are assigned.

Note - This selection is not for a particular product but for all the FSCM products installed.

Secured Fields

One can select which fields to secure. Each field has a separate use. These are as follows :

1. BU - controls the transaction data.
2. SETID - controls accounting structure and rules tables.
3. Ledger - controls the ledger balances.
4. Book - specific to BU. Refers to Book in AM.
5. Pay Cycle - controls Pay cycle security.
6. Project - controls Project Costing data.
7. Planning Instance - controls the Planning Instance field.
8. Proj Security Type - choose Use List to select from list of Projects, choose Use Tree to select from a tree detailing projects.

Define Row-Level Security

The following components are used to define row-level security.

• Unit Security by Perm List (unit security by permission list) (SEC_BU_CLS)
• Unit Security by User ID (SEC_BU_OPR)
• TableSet Security by Perm List (tableset security by permission list) (SEC_SETID_CLS)
• TableSet Security by User ID (SEC_SETID_OPR)
• Ledger Security by Perm List (SEC_LEDGER_CLS)
• Ledger Security by User ID (SEC_LEDGER_OPR)
• nVision Ledger Security (LEDGER_SECURITY)
• Pay Cycle by user ID (SEC_PYCYCL_OPR)
• Pay Cycle by permission list (SEC_PYCYCL_CLS)
• Project Security (SEC_PROJECT)

Grant Access To Users

One has to access the individual component and grant requisite access.

E.g. For each primary Permission List or User ID, select the accessible BUs.

Define Security Views

Views are SQL statements that filter out those rows whose key values are not accessible by some users. This way users can access data spread over multiple tables and see only the relevant subset.

PS applications come without any security views built on prompt tables of the key fields. One has to enable or build their own views. Once these are set up, User IDs or Permission Lists can be granted access. However, setting up Security Views is an optional step.

Security view names have the following extentions to reflect the type of security views :

• NONVW - Indicates that no security is chosen for the field using this view as the prompt table.
• OPRVW - Indicates that user ID security is chosen for the field using this view as the prompt table.
• CLSVW - Indicates that Permission List security is chosen for the field using this view as the prompt table.

Thus, using the above, one can secure their PS system.

In the next post, I'll describe how to secure the PS chartfields.

PeopleSoft Application Fundamentals - User Preferences

Hi,

As promised, this post will discuss setting up User Preferences for the PeopleSoft system.

Before PeopleSoft users can be defined, one must set up User IDs for those who will set up default codes and values. Once that is done, one can access the User Preferences page to set up default values for PeopleSoft users.

Just like the Installation Options, here too we have to set up the Cross Application and the Application Specific user preferences.

Cross Application User Preferences

This is further broken into the following :

• Overall User Preferences - to define overall default user preferences for individual PS user. The impacted table is OPR_DEF_TABLE_FS1.

Navigation : Setup Financials/Supply Chain -> Common Definitions -> User Preferences -> Define User Preferences -> Overall Preferences

• Object Linking and Embedding (OLE) information - to define the users' web browser and client OS. The impacted table is OPR_DEF_TABLE_OLE1.

Navigation : Setup Financials/Supply Chain -> Common Definitions -> User Preferences -> Define User Preferences -> OLE Information -> OLE Information

• Process Group Preferences - to define the process groups, by transaction, that a user can use for on-demand processing. The impacted table is OPR_DEF_TBL_RTM.

Navigation : Setup Financials/Supply Chain -> Common Definitions -> User Preferences -> Define User Preferences -> Process Group -> Process Group

Application Specific User Preferences

Application specific User Preferences also have to be defined for the following Applications :

1. AM - Establish date default values, transaction loader processing options, interface table transaction edit options, and property pagelet defaults for a user.
2. BI - Server Name, Job Run option, Print Listing, Invoice Destination, Output Destination, Currency Code
3. Contracts - BU, Beginning Sequence, Region Code, Contract Status Authorizations
4. GL - Ledger, Ledger Group, Source, Journal Entry Options
5. IN - Demand Source, Source BU, Auto Numbering
6. Lease Administration - BU, Currency, Region
7. Manufacturing - Server Name
8. Sales Order - Order Management BU, Default Order Source Code, Beginning Sequence, Default Order Quantity
9. Pay Cycle - Server File Destination, Server Destination Printer, Server, Email ID
10. Supply Planning - Default Planning Instance, Order Key Operator
11. Project Costing - Data Entry Defaults, Date Defaults Values
12. Procurement - Location, Origin, Requester, Buyer
13. AP - Origin, Operator Voucher Authorities, Online Voucher Processing, Quick Invoice Configuration
14. Promotions Management - Bank Defaults, Prefixes
15. AR - Default BU
16. Strategic Sourcing - Departments, Permissions and Defaults, Event Authorizations
17. Staffing - Branch, As of Date, Currency Code, National ID Type
18. Maintenance Management - User Defaults, User Options, User Authorizations

Apart from the above, there are also a few other User Preferences that can be set - Vendor Rebate Agreements, Supplier Contract Management User, etc.

Leaving those for the readers to explore and find themselves.

My next post will discuss the security features provided by PeopleSoft.

Note - Feels good to publish two posts today. :)

PeopleSoft Application Fundamentals - Installation Options

Hi,

It gives me a lot of pleasure on releasing my new post on the day Oracle is to release the newest version of PeopleSoft - 9.2.

The complete oracle release news can be viewed here.

Coming to the next step - Setting up Installation Options.

Setting up these options can be broken into the following points :

• Setting up Cross Application Installation Options
• Defining Tax Provider Installation Options
• Setting up Application specific Installation Options

Setting Up Cross Application Installation Options

Under this section, we set up the -

1. Overall Installation Options
2. Options for installed Applications
3. Financial Sanctions Options
4. Login information for D&B interface
5. Documentum Installation Options
6. Commitment Control Installation Option

The overall Installation Options can be accessed by the following navigation :

Setup Financials/Supply Chain -> Install -> Installation Options -> Overall

The page looks as below.

On this page, one can set up various parameters like Default Country, Last Journal Id used, Tax Vendor, etc.

Defining Tax Provider Installation Options

This is a simple setting as it requires setting up just the one parameter - Tax Vendor.

The first part is specifying the Tax Vendor in Overall Options. Second and last part is providing the Tax Vendor details on the Tax Provider Installation Options page.

Navigation : Setup Financials/Supply Chain -> Install -> Tax Provider Installation -> Tax Provider Inst

Setting up Application specific Installation Options

This section allows one to set up installation options specific to each application. The applications are :

• AM - Asset Management
• BI - Billing
• Contracts
• eSettlements
• Expenses
• GL - General Ledger
• Grants
• IN - Inventory
• Real Estate Management
• Manufacturing

In the next post, we'll talk about setting up User Preferences.

PeopleSoft Application Fundamentals - FSCM Common Definitions 3

Hi,

In this post we'll see how to Define Sales & Use Tax Autorities and Codes, other Common components and Workflow Transactions.

 

Tax Authorities and Codes

PeopleSoft delivers simple tax tables but it requires the organizations to define and maintain Tax Authorities and Tax Codes themselves.

 

Tax Authorities - is defined as an agency allowed to set taxes. It contains individual tax rates and accounting information used to post taxes to GL.

 

Navigation : Setup Financials/Supply Chain -> Common Definitions -> Sales and use Tax -> Authorities -> Tax Authorities

 

Tax Codes - is a group of tax authorities. If a certain region has multiple taxes, then multiple tax authorities have to be defined and included in a single tax code. The sum of all taxes becomes the rate of tax code.

 

Navigation : Setup Financials/Supply Chain -> Common Definitions -> Sales and use Tax -> Codes -> Tax Codes

 

Apart from the above, there are other Common definitions that may be set up. These are Accounting Entry Template, Unit of Measure, Ship-To Locations, Ultimate Use Codes, etc.

 

Workflow

 

We'll see how to define workflow transactions in the following paragraphs.

 

In PeopleSoft, the following components are used for setting up workflow transactions :

1. Workflow Transaction Categories (EO_TRAN_CATS)
2. Workflow Transactions (EO_TRANSACTIONS)
3. Workflow System Rule (EO_SYS_WF_RULES)

The categories allow grouping the transactions with a workflow function that trigger the notification process. The workflow rules are associated with categories hence they apply to each transaction present in the category.

 

The workflow rules specify how the notifications will be sent out to the users whenever there is an even that needs their attention. The options are :

 

• Worklist - An entry is placed in the user's worklist
• Email - Users are notified by an email
• Both - Users are notified by both email and an entry in the worklist
• None - No notification
• User - The actual notification method is defined in the User Preferences page

Navigation is as below :

 

Workflow Category : Setup Financials/Supply Chain -> Common Definitions -> Workflow -> Categories -> Workflow Transaction Categories

 

Workflow Transaction : Setup Financials/Supply Chain-> Common Definitions -> Workflow -> Transactions

 

Workflow Rules : Setup Financials/Supply Chain -> Common Definitions -> Workflow -> System Rules -> Workflow System Rules

PeopleSoft Application Fundamentals - FSCM Common Definitions 2

In this post, we'll have a look at setting up Locations, Regions and Region Codes, Distribution Rules and Sets.

 

Location

 

An organization's business may be spread over multiple cities in a country or even multiple cities in different countries. Each place it does its business from is termed as a location.

 

PeopleSoft uses the components - Country, State, Location and Country Statistics to set up locations. The associated tables are - COUNTRY_TABLE, STATE_DEFN, LOCATION_TBL and COUNTRY_STAT. It uses the LOCATION_TBL_CI component interface to load data into these tables.

 

PeopleSoft allows reviewing country descriptions, selecting address formats by country, reviewing state & province descriptions, defining locations, adding location details and countries for reporting.

 

All the countries and their states / provinces are provided out of the box by PeopleSoft, so one does not have to set that up. One only has to set up the individual locations where his organization has its business presence.

 

Navigation : Set up Financials/Supply Chain -> Common Definitions -> Location -> Location -> Location Definition

 

Regions and Region Codes

Generally, organizations club multiple locations into a single group and that is called as a Region, e.g., NORTH, EAST, WEST, SOUTH, CENTRAL, etc.

 

Within PeopleSoft, Region may or may not be a physical / geographical area. It uses the Region Type Codes (REGION_TYPE) and Region Codes (REGION_CD) components to establish regions and region codes. The component interface used to load data here is REGION_CD_CI and REGION_TYPE_CI.

 

Regions have the following three categorization levels :

 

• Category - are system defined and determine the function of the region code.
• Type - are used for defining the various function of a business or to identify a region in a reporting hierarchy.

Navigation : Set up Financials/Supply Chain -> Common Definitions -> Location -> Region Type Codes -> Region Type Codes

• Code -  are the actual codes used to multiple purposes - defining territories, pricing, etc.

Navigation : Set up Financials/Supply Chain -> Common Definitions -> Location -> Region Codes -> Region Codes

 

Distribution Rules and Sets

 

Distribution Rules and Sets are used to identify the account distribution by product, customer, regions, Order groups, etc. on a sales order, RMA or contract. Any combination of these elements will also suffice.

 

Distribution sets page 

 

Navigation : Set up Financials/Supply Chain -> Common Definitions -> Distribution Accounting -> Distribution Sets

 

Distribution rules page

 

Navigation : Set up Financials/Supply Chain -> Common Definitions -> Distribution Accounting -> Distribution Rules

PeopleSoft Application Fundamentals - FSCM Common Definitions 1

This and a couple of other posts will describe setting up of Common Definitions required to implement various PeopleSoft modules.

 

We'll be covering the following :

• Setting up Audit Logging
• Setting up Document Management Options
• Setting up Locations
• Set up Regions and Region Codes
• Set up Distribution Rules and Sets
• Define Sales & Use Tax autorities and Codes
• Set up Workflow transactions

Setting up Audit Logging

 

Audit logging is required for clear & transparent tracking of transaction processing. This results in detailed audit trails. The framework allows one to track the status of tracked transactions. The audit log results can be searched by source, transaction or user. There is a provision also to archive or purge the audit logs.

To set up the Audit Logging or Financial Audit Framework, we use the following components :

1. FS_AUDITLOG_ENABLE to enable audit logging
2. FS_AUDITLOG_SEARCH for searching the audit logs
3. FS_AUDITLOG_PURGE for purging the audit logs

 Audit logging is available, out of the box, for the following transactions :

 

Module                             Audit Record                                     Transaction Flow

 

AM                                   AM_ASST_AUD_TBL                    Asset Adds and Copy

                                                                                                    Adjustments and Transfers

                                                                                                    Depreciation

                                                                                                    Interunit Transfers

                                                                                                    Re-categorizations

                                                                                                    Retirements and Reinstatements

                                                                                                    Revaluation

 

GL                                    GL_AUD_JRNL                               Journal Processing

 

AP                                    AP_VCHR_AUD_TBL                    Vouchers

                                         AP_PYMT_AUD_TBL                     Payments

                                         AP_CNTL_GRP_TBL                     Control Group

 

AR                                   AR_AUD_DEPOSIT                        Deposits

                                        AR_AUD_DRAFT                             Drafts

                                        AR_AUD_ITEM                                 Items

                                        AR_AUD_PND_ITEM                      Pending Items

                                        AR_AUD_PYMNT                            Payments

 

Enable Audit Logging

Audit logging can be enabled by :

•  Navigating to Set Up Financial/Supply Chain->Common Definitions->Audit Logging->Enable Audit Logging->Enable Audit Logging
• Choosing the Module (Application) that needs audit logging
• Choosing the audit record and events needing audit logging
   

Search on Audit Logging

Search Audit Logs Page displays only those events of the modules that have been audit enabled. These events are stored in the audit records. One only has to fill in the search criteria and then click the "Search" button to get the results. The search criteria and the search results depend on the the module and the application and the document (audit record) selected.

 

Navigation : Set Up Financial/Supply Chain->Common Definitions->Audit Logging->Search Audit Logs->Search Audit Logs

 

Purge Audit Logs

Audit logs need to be purged or archived from time to time as they do grow to large proportions. This is primarily due to the fact that there are multiple events for each document and any document can be updated multiple times.

 

Just like searching, one only has to enter the criteria to retrieve the audit logs that need to be purged. Once the logs are selected, just the "Purge" button needs to be clicked.

 

As a security feature, PeopleSoft does not allow purging of the Purge Log.

 

Navigation : Set Up Financial/Supply Chain->Common Definitions->Audit Logging->Purge Audit Logs->Purge Audit Logs

 

Setting up Document Management Options

 

To set up the Document Management Options, we use the following components :

• DC_PRODUCT sets up the document product options
• DC_PNLGRP sets up the document component options
• DC_PNL_OPT sets up the document page options

To select the Documentum-Enabled Applications, one has to access the Documentum Product Options page.

 

Navigation : Set Up Financial/Supply Chain->Common Definitions->Documentum->Product Options->Product Options

 

PeopleSoft delivers the following values out-of-the-box :

1. Engineering / Manufacturing - for Engineering, Manufacturing and Contract documentum-enabled pages
2. Enterprise - for all other documentum-enabled components.

 

To set up the Document Management Option by Application, one has to navigate to the Documentum Component Options Page and then decide what level of access capabilities need to be provided for each component.

 

Navigation : Set Up Financial/Supply Chain->Common Definitions->Documentum->Component Options->Component Options

 

The valid actions are :

1. View Document Details
2. Query the Documentum Database
3. View Document Content
4. Launch Documentum
5. Fix or Unfix versions
6. Copy Associations

 

One thing to note here is that the maintenance components will have all the above valid actions accessible, the inquiry components will only have View Document Details and View Document Content actions accessible.

 

To determine the Documentum Page Actions, we have to navigate to the following :

 

Navigation : Set Up Financial/Supply Chain->Common Definitions->Documentum->Page Options->Page Options

 

Over here, we can set which documentum enabled page to keep within a component. This page also displays the record containing the cumentum document information for that page. This field is non-editable. One has to provide a UNIQUE name for each documentum enabled page. The primary purpose is to share this page across different components.

 

For defining the Documentum Page Copy Options, we have to navigate to the following :

 

Navigation : Set Up Financial/Supply Chain->Common Definitions->Documentum->Page Options->Copy Properties

 

What one selects on this page determines what one can see while clicking the Copy Document Associations button on a Documentum enabled page.

 

However, one should normally use the preset properties for all existing Documentum-enabled pages as incorrect values can give rise to unpredictable results while copying document associations.

PeopleSoft Application Fundamentals - Overview

Hi,

From this post on, we'll be entering the world of PeopleSoft FSCM starting with the very basics from where we'll move on to the functionalities of each module.

The post will cover the following :

• Defining FSCM common definitions
• The installation options for PS applications
• Defining user preferences and security options
• Defining and using chartfields
• Editing chartfield combinations and configuring chartfields
• Using trees, entry events and alternate accounts
• Defining calendars
• Setting up ledgers
• Using journal generator, intra-/inter-unit accounting and chartfield inheritance
• Processing allocations
• Setting reporting options and reports

Apart from the above, we'll also be reviewing the setup tasks for each of the PeopleSoft module.

 

PeopleSoft Architecture

Hi,

This post will describe the PeopleSoft's internet architecture and the various ways one can connect to the PeopleSoft application.

PeopleSoft provides multiple ways to connect to the underlying application. These are :

• 2-Tier : Typical client-server based model
• 3-Tier : Client-server model
• 4-Tier : Web-based model

2-Tier

This is a typical client-server model mostly used by the developers.

The two tiers are the local machine where PSIDE.exe + the connectivity software is installed and the database server. The connectivity software is the database client. This method needs a ConnectID to be provided in the configuration manager.

This model is mostly used by the developers who connect to the database directly from Application Designer.

The obvious drawback of this method is that it puts a load of pressure on the DB server whenever there is a large development team.

Other drawbacks are :

• every developer machine needs to have the database client installed
• since all the machines will need a ConnectID - essentially a database user id - it allows all the users to have direct access to the underlying database

3-Tier

To address the drawbacks of the 2-Tier model, PeopleSoft offers the 3-tier mode.

In this method, the client application connects to the App Server that is already connected to the DB server. Thus, this method does not require the ConnectID and associated password.

Here, the three tiers are the local machine where the PSIDE.exe is installed, the App Server and the DB server.

Under this model, most of the communication is between the App Server and the DB server thereby releasing the load on the latter. Hence, this model is suitable for larger development teams.

Other advantages of this model are :

• database client need not be installed on each of the client machines
• reduced network traffic between the client and the App server

4-Tier

PeopleSoft's 4-Tier mode is its Pure Internet Architecture that is popularly called the PIA. This is entirely a web-based solution. It was introduced with PeopleTools 8. There are no PeopleSoft executables on the client.

The four tiers here are the web browser, Web Server, App Server and the DB server.

Under this model, the client - web browser - connects to the Web server that is connected to the App server that ultimately is connected to the DB server.

 So, how does it really work?

 The following diagrams explains it.

1. The web client contacts the web server via http or xml
2. The web server, using JOLT, connects to the App server
3. The App server, using SQL, connects to the DB server, retrieves the information and sends the result back to the client via the web server

Note : The final image is taken from here.

The diagram also shows that this method allows integration with third-party / legacy applications as well as enterprise directory. Additionally, it provides the user with the flexibility of connecting to the PeopleSoft application through wired / wireless / mobile devices.

The above architecture is application independent, i.e., all PeopleSoft applications like HCM, FSCM, etc. follow the same architecture.

A more detailed explanation of the PIA can be found here.

Introduction

Hi,

With a series of posts on this blog, I wish to explain the basics of PeopleSoft Financials, i.e., PeopleSoft FSCM and what is available in the current version - 9.1

Loosely, the flow of posts would be as follows :

• PeopleSoft Architecture
• PeopleSoft Application Fundamentals
• PeopleSoft FSCM Modules like General Ledger, Accounts Payables, etc.

This blog aims for the following :

• provide basic understanding of the PeopleSoft FSCM application to beginners
• provide experts a place to share their experiences and knowledge
• assist experienced professionals in any manner to resolve functional queries
• be a knowledge hub for PeopleSoft FSCM professionals to connect and mutually learn

 Looking forward to your reviews, comments and well wishes to help grow this blog to a PeopleSoft FSCM knowledge repository.