EBS:

1. Responsibilities a. A responsibility is a collection of authorizations that allow access to: i. A specific application or applications ii. A set of books iii. A restricted list of windows, functions, and reports b. Create a responsibility - Navigational Path: System Administrator>Security>Responsibility>Define i. Responsibility Name 1. Unique name given to your responsibility a. RECOMMENDATION: Use unique identifier (e.g. MB) to distinguish your custom responsibilities from Oracle seeded responsibilities ii. Application 1. The owning application for the responsibility. 2. This application name does not prevent the user of this responsibility from accessing other applications' forms and functions if you define the menu to access other applications. iii. Responsibility Key 1. This is the internal key for the responsibility that is used by loader programs, (concurrent programs that load messages, user profiles, user profile values, and other information into Oracle Applications tables). The responsibility key is unique per application. i. RECOMMENDATION: Make it the same as responsibility Name iv. Description (Optional) 1. Informational only v. Effective Dates 1. Allows you to expire the responsibility vi. Available From 1. This is the navigator from which the responsibility will be available (Oracle Applications forms navigator, mobile navigator). 2. A responsibility may be associated with only one Applications system. vii. Data Group 1. Name: Standard 2. Application a. Should be set to same application as b.ii viii. Menu 1. This is the menu which you want to have in your responsibility at the highest level

ix. Manage Exclusions 1. Excludes parts of the menu defined earlier 2. Excludes by function or by sub menu a. When you exclude a function from a responsibility, all occurrences of that function throughout the responsibility's menu structure are excluded. b. When you exclude a menu, all of its menu entries, that is, all the functions and menus of functions that it selects, are excluded. x. SAVE

2. Users a. Person who accesses the oracle application b. Create a user - Navigational Path: System Administrator>Security>User>Define i. Create Unique Username 1. An application user enters this username to sign on to Oracle Applications.

2. The username should only contain characters allowed by Oracle Single Sign-On. 3. Define meaningful usernames, such as the employee's first initial followed by their last name.

a. RECOMMENDATION: Use current company naming

convention ii. Assign Initial Password 1. User will be required to change his or her password at first login

2. Must be entered twice to ensure you did not make a typing error 3. System Administrator can set an initial password or change an existing password, but you cannot access the user's chosen password.

iii. Password Expiration 1. Days Allows user to login for a certain number of days 2. Accesses Allows user to login to system a limited amount of times 3. Person a. Linked to HR b. Email & Fax default from person c. Needed for notification emails and workflows 4. iv. Assign Responsibilities 1. A responsibility is a collection of authorizations that allow access to: a. A specific application or applications b. A set of books c. A restricted list of windows, functions, and reports

2. Each user has one or more responsibilities, and several users can share the same responsibility. 3. A system administrator can assign users any of the standard responsibilities provided with Oracle Applications or create new custom responsibilities as needed. v. SAVE

3. Custom Menus a. You have the ability to create a menu and change the order of the menu you create. i. NOT advised to change seeded responsibility may get overridden through upgrades. b. Create a Menu - Navigational Path: System Administrator>Application>Menu i. MENU: Choose a name that describes the purpose of the menu. Users do not see this menu name. ii. User Menu Name: You use the user menu name when a responsibility calls a menu or when one menu calls another. iii. Menu Type: Specify a menu type to describe the purpose of your menu. Options include: 1. Standard - for menus that would be used in the Navigator form 2. Tab - for menus used in self service applications tabs 3. Security - for menus that are used to aggregate functions for data security or specific function security purposes, but would not be used in the Navigator form iv. Description (Optional) 1. Informational Only v. Sequence 1. Enter a sequence number to specify where a menu entry appears relative to other menu entries in a menu. The default value for this field is the next whole sequence number. 2. Attention: You can only use integers as sequence numbers. 3. A menu entry with a lower sequence number appears before a menu entry with a higher sequence number.

vi.

vii. viii.

ix. x.

xi.

a. You cannot replace a menu entry sequence number with another sequence number that already exists. If you want to add menu entries to a menu entry sequence, carefully renumber your menu entries to a sequence range well outside the sequence range you want, ensuring that you do not use existing sequence numbers. Once you save this work, you can go back and renumber each entry to have the final sequence number you want. Navigator Prompt 1. Enter a user-friendly, intuitive prompt your menu displays for this menu entry. You see this menu prompt in the hierarchy list of the Navigator window. 2. Suggestion: Enter menu prompts that have unique first letters so that power users can type the first letter of the menu prompt to choose a menu entry. Submenu 1. Call another menu and allow your user to select menu entries from that menu. Function 1. Call a function you wish to include in the menu. A form function (form) appears in the Navigate window and allows access to that form. Other non-form functions (subfunctions) allow access to a particular subset of form functionality from this menu. Description 1. Descriptions appear in a field at the top of the Navigate window when a menu entry is highlighted. Grant 1. The Grant check box should usually be checked. Checking this box indicates that this menu entry is automatically enabled for the user. If this is not checked then the menu entry must be enabled using additional data security rules SAVE

OTM:
Access

Public Domain: dba.admim o DBAs/Superusers only o Cannot change or edit unless you have access OWN domain: mbci.admin / LGC.admin o MBCI Static data/Masterdata Customers/locations(address) Carriers/service provider Carriers rates Items LGC Domain Order Releases Shipments (Loads) Integration EBS Domain Domains Access Grants User specific View (readonly) Write(Edit) View/Write NEVER CHANGE PUBLIC DOMAIN STUFF ..create copy and edit

o o

Creating a user o Each user ID has access to one domain o Need to be at admin level for domain to create user o o Login to desired domain with domain.Admin account Navigational Path: Configurations and Administration>User Management>User Manager Click NEW User Name User names default to upper case characters. User information can be created and updated only for users in the current domain. Do not make the ID the same as a domain name, access control list, or entry point. Naming convention is first initial + last name Login Username o MBCI.username /LGC.username/Nickname NICKNAME: optional You can record a nickname for any user to use as an alternate user ID for a login that bypasses the need to type a domain name. o For example, a standard user name is comprised of the domain.user ID.

o o

if you assign a nickname, a user can enter that nickname without a domain name. Policy checks consider User ID and nickname as being the same. If you type in a bad password for a User ID or a nickname it counts against the total number of incorrect logins allowed.

Password: Case Sensitive

Change password is not prompted, but you can change it in user preferences o Note: The Change Password option in User Preference enables users without ADMIN user level access to change their own passwords. o Only users with ADMIN user level access can change passwords other than their own. Retype your password to verify accuracy.

Assigning a Role: o A user role controls the data visibility and functional security for a user. By assigning a role, you can control the data that a user can see as well as the functions that the person can perform. o If the user is an external user, select the External User check box. o User Role ID: Default o Transportation Intelligence Role : NO Access until given a reporting role Account Policy ID o Control the user login and password expiration attributes. o To delete an account policy already assigned to a user, remove the entry in the Account Policy ID field. o When a password is reset by an ADMIN user, the following is reset for the user:

Password Expiration Date is set to the current time, if the Change after Reset option is selected. Account Lockout Time is set to null restore a lockout account. Last Login Date Note: You should not assign an account policy to any domain administrator.

Document Use Profile o Document use profile defines upload security for users. This profile can be set for all users in a particular domain and overridden by particular users in the domain. Adding a Document Use Profile:

Enter a unique Profile ID. If you want to allow the user to upload documents, select the Uploads Allowed check box. If you want to indicate that the user is trusted to upload documents, select the Uploads Trusted check box. If you want to specify the maximum upload size, enter the number in the Maximum Upload field. If this is left empty, a document can be large. If the user's browser supports virus checking, select the Browser Virus Protected check box. Transporation Intelligence Role o Transportation intelligence roles determine user access for Fusion Transportation Intelligence (FTI). Roles are then associated with users via the Manage User page. By default, users have no access, so users must be given rights to access FTI. If a new Transportation Intelligence Role is added in the system, it also needs to be added to the Oracle Business Intelligence Enterprise Edition (OBI EE) layer. The FTI Role provides the functional security. Thus, after adding the new FTI Role in the OBI EE layer, you should manually add the access that this role has to Dashboards, Reports and so on. o Adding Roles Enter a unique Transportation Intelligence Role ID. Enter a Domain or accept the default. Click Finished Access Control List o Access granted/denied to a user take precedence over the access granted through user roles. o Enter an Access Control List.

If you want to grant the permissions stated in the access control list to the user, select the Granted check box. If you wish to deny access to the permissions granted by the access control list, clear the Granted check box. Click Save for each access control list you enter. Click Finished.

FINISHED

Creating a new role Name

Vpd (virtual private data) profile

MBCI.~ static data LGC. ~Transactional/Orders-Shipments

OBIEE Authentication: At login, the OBIEE server queries EBS OLTP Schema table for authentication of user ID and password (EBS user ID and password must be provided at login)