User Roles
Form ID: (SM201005)
You can use this form to create new roles and to assign roles to users. For each existing role, you can view the list of users assigned to it. If your system is integrated with Active Directory (AD), Azure Active Directory (Azure AD), or Active Directory Federation Services (AD FS), you can map the roles configured in MYOB Acumatica to the groups configured in the Active Directory domain. For more information, see Managing User Access.
A role is a set of access rights to specific modules or other system entities. Some users are assigned only one role, while others are assigned multiple roles in accordance with different sets of employee responsibilities. For more information about roles, see Configuring User Roles.
A guest role is a role that you configure to give restricted access to the website and to only particular modules. Roles marked as guest roles can be associated with contact-related user types, which are intended for users who are external to the company, such as partners or contacts. For more information, see User Access: Linked Entities and User Types.
Form Toolbar
The form toolbar includes standard and form-specific buttons and commands. For the list of standard buttons, see Form Toolbar and More Menu. The form-specific commands are listed in the following table.
| Button | Description |
|---|---|
| Reload AD Groups | Updates the list of user groups in MYOB Acumatica with current information from AD. This button appears only if the Active Directory and Other External SSO feature is enabled on the Enable/Disable Features (CS100000) form and you integrated MYOB Acumatica instance with AD, AD FS, or Azure AD, and when the number of users in AD or Azure AD is greater than or equal to 1000. |
Summary Area
This area contains the summary elements of the role you are creating or viewing.
| Element | Description |
|---|---|
| Role Name | The unique identifier of the role. Type the name of the new role, or select a role from the list of available roles. |
| Role Description | A detailed description of the role. |
| Guest Role | A check box that you select to indicate that the selected role is a guest role. |
Membership Tab
On this tab, you can view and update the list of users to whom the role selected (or entered, for a newly added role) in the Summary area is assigned.
The table toolbar includes only standard buttons. For the list of standard buttons, see Table Toolbar.
| Column | Description |
|---|---|
| Username | The login name of the user to whom this role is assigned. |
| Display Name | The combination of the First Name and Last Name on the Users (SM201010) form of the user selected in the Username column. |
| Status | The current status of the selected user (Active, Online, Disabled, Temporarily Locked). |
| Comment | Any comment that was provided for the selected user on the Users (SM201010) form. |
| Domain | The domain the user belongs to. This column appears if integration with Active Directory is enabled. |
| Inherited | A check box that shows (if selected) that the roles assigned to the user are defined by the AD group the user belongs to. If the check box is cleared, the roles were assigned specifically to the user. This column appears if integration with Active Directory is enabled. |
Active Directory Tab
This tab provides information about Active Directory domain groups mapped to MYOB Acumatica roles. The tab appears only if the Active Directory and Other External SSO feature is enabled on the Enable/Disable Features (CS100000) form and the integration of MYOB Acumatica with Active Directory or Microsoft Azure Active Directory has been enabled in the web.config file. For more information, see Integration with Active Directory and Integration with Azure Active Directory.
The table toolbar includes only standard buttons. For the list of standard buttons, see Table Toolbar.
| Column | Description |
|---|---|
| Group | The name of the domain group mapped to the role selected in the summary area. |
| Domain | The domain with which MYOB Acumatica is integrated. |
| Description | A more detailed description of the domain group from Active Directory. |
Claims Tab
This tab provides information about claims specified during the integration of MYOB Acumatica with Active Directory Federation Services (AD FS) which are mapped to MYOB Acumatica roles. This tab appears only if the Active Directory and Other External SSO feature is enabled on the Enable/Disable Features (CS100000) form and the integration of MYOB Acumatica with AD FS has been enabled in the web.config file. For more information, see Integration with AD FS.
The table toolbar includes only standard buttons. For the list of standard buttons, see Table Toolbar.
| Column | Description |
|---|---|
| Group |
The name of the domain group mapped to the role selected in the summary area. You must use the following format to enter the domain groups: <Domain>\<Domain Group>. |