日期:2014-05-16 浏览次数:20966 次
MOAC(Multi-Org Access Control)为多组织访问控制,是Oracle EBS R12的重要新功能,它可以实现在一个Responsibility下对多个Operation Unit(OU)进行操作。MOAC允许用户在不切换responsibility的情况下,在一个responsibility下处理多个OU组织的事务。
User --> Responsibilities --> Single Operation Unit Mode / Multiple Operation Unit Mode
一个应用场景:
某集团公司下边主要分为三个区域(北美,欧洲,亚太),亚太区你是一采购部经理,负责所有七个Operation Unit。
这种情况下,系统管理员可以创建一个security profile,这个security profile设置成可以访问这七个亚太组织,并把这个security profile赋予到你的responsibility下,这样你就能在同一个职责下访问这七个OU了,就不用不停地切换职责来访问不同OU了。
另外如果你要经常处理中国OU下的事务,那么你可以设置Profile:MO: Default Operating Unit到中国,那么业务默认的OU就是中国了。
有三个主要的Profile
MO: Security Profile :provides access to multiple operating units from a single responsibility.If the MO: Security Profile is set, then the MO: Operating Unit profile will be ignored.
MO: Default Operating Unit :If you set the MO: Security Profile profile option, you can also set an operating unit as the default operating unit using the MO: Default Operating Unit profile option. This is useful when you transact in multiple
operating unit but frequently transact in one operating unit.
MO: Operating Unit :MO: Operating Unit profile option only provides access to one operating unit.
1) If the profile option “MO: Security Profile” is not set, then “MO: Operating Unit” value is used as the default Operating Unit even if “MO: Default Operating Unit” profile is set to a different value.
2) If the profile option “MO: Security Profile” is set and gives access to only one Operating Unit, the default Operating Unit will return this value even if “MO: Default Operating Unit” is set to a different value.
3) If the profile option “MO: Security Profile” is set and gives access to multiple Operating Units :
- If the profile value “MO: Default Operating Unit” is set, it is validated against the list of Operating Units in “MO: Security Profile”.
+ If the Operating Unit is included in the security profile then it is returned as the default value.
+ Else there is no defaulted Operating Unit .
- If the Profile Option “MO: Default Operating Unit” is not set, then there is zero (no) default Operating Unit.
单组织即一个Responsibility只访问一个OU,设置情况大体如下,对于职责:Manufacturing and Distribution Manager,
MO: Operating Unit=Vision Operations
MO: Security Profile=空
这样我们在使用职责:Manufacturing and Distribution Manager的时候,就只能访问到Vision Operations的数据,比如创建的PO,这个PO只能处于OU:Vision Operations下,另外所选取的供货商也只能是Vision Operations下的。
首先定义一个Security Profile,路径:HRMS Super User Responsibility > Security > Define Security Profile,Business Group:Vision Corporation,'Security Type'选择'Secure organizations by organization hierarchy and/or organization list',并且我们把在Organization Name列表中添加三个OU:Vision
Operations,Vision Corporation ,Vision Services.