Announcements
Hi
Is there a way of restricting users to only have access to specific employees?
For instance User A can only view employees in Department A and User B can only view employees in Department B.
I know this is possible using Record Level Security (RLS) and Extensible Data Security (XDS) but would like to know if there is another way that can be done via the front-end with no customisation.
I have seen an option to create separate Address Books and then to grant someone access via Teams to the Address Book but did not have any success in getting this to work.
Any suggestions on how to achieve this?
Thank you André, I managed to get this working using Address Books. Your last point regarding all workers without Address Books being visible is where I went wrong.
Thank you André, I will try the address book option again. Based on your comments the reason the address book option did not work for me when I tried it could be that I only linked some employees to an address book and thus the employees not linked were visible as well. I will try it again now.
Thank you for your prompt response Edward. Will this enable me to limit access by Department or only by Legal Entity?
[UPDATED] remark for Edward removed as it was related to other Security policies.
Hi Lourens,
In your question you mentioned all options. Also a specific customization is possible, but I would suggest XDS or Address books.
The address books option is working with two conditions:
- Enable 'Secure by address book' on the Global address book parameters. It will enable some out of the box XDS policies and a record is inserted in a certain table.
- Don't assign the System administrator role as this role bypasses all security, also XDS policies.
Then you can assign the address books to teams and the workers. A worker without Address book will also be visible.
The basic HCM XDS Policies are already available by default, only not activated in the AOT.
To do so you need to naviate in the AOT to the Security node, than the Policies node and than select one by one:
HcmEmploymentLegalEntity
HcmWorkerLegalEntity
Put the parameter "enabled" in the properties dialog to "yes".
Than you need to assign legal entities to the user roles where you want to have the limitations.
Kind Regards,
Edward Moll
Technical Consultant
FourVision HR Plus
www.fourvisionhrplus.nl
Stay up to date on forum activity by subscribing. You can also customize your in-app and email Notification settings across all subscriptions.
André Arnaud de Cal... 290,142 Super User 2024 Season 2
Martin Dráb 227,979 Super User 2024 Season 2
nmaenpaa 101,148