Message Image

Skip main navigation (Press Enter).

Maximo Open Forum

View Only

Back to discussions

Expand all | Collapse all

Make all users have readonly access except for maxadmin

Trisha S02-14-2024 13:22

Hi, Can anyone help me with this? I have to make all active users have only readonly access( so that ...

Trisha S02-15-2024 05:31

Can anyone share their suggestion please? ------------------------------ Trisha S Tcs ------------------------------ ...

kendall wilson02-15-2024 09:16

Change the Security Group settings. If your people are not in Security Groups, you should ...

Adam Bearden02-16-2024 08:25

I agree with Kendall in a sense that if users only have read only access, why allow them in the system? ...

Adam Bearden02-16-2024 08:29

Make sure you change the settings to each security group for each application users have access to. ...

Biplab Choudhury02-16-2024 08:43

If you access to DB and Websphere then the simplest way to achieve this is by running the below steps: ...

Martin Fabra26 days ago

Hi @Trisha S ! This query will give you a list of security groups that have active users who are ...

1. Make all users have readonly access except for maxadmin

0 Like
Trisha S
Posted 02-14-2024 13:22

Reply Reply Privately
Hi,

Can anyone help me with this?

I have to make all active users have only readonly access( so that they do not make any changes) except for Maxadmins?

If i do manually it will take huge time, what are the other ways but which i make sure they have only read only access

Thanks

#Administration
#Analytics
#Architecture
#Assets
#CivilInfrastructure
#Customizations
#EndUser
#EverythingMaximo
#HSE/OilandGas
#Infrastructure
#Integrations
#Inventory
#IoT
#LifeScience/Calibration
#Linear
#MaximoApplicationSuite
#MaximoForAviation
#MaximoUserGroups
#Mobility
#Nuclear
#Procurement
#Reporting
#Scheduling
#Security
#ServiceProvider
#Spatial
#Transportation
#Utilities
#WorkCenters
#WorkManagement
#MaximoVisualInspection
#Predict
#Monitor
#Health
#Assist
#Safety

------------------------------
Trisha S
Tcs
------------------------------
2. RE: Make all users have readonly access except for maxadmin

0 Like
Trisha S
Posted 02-15-2024 05:31

Reply Reply Privately
Can anyone share their suggestion please?

------------------------------
Trisha S
Tcs
------------------------------

Original Message
3. RE: Make all users have readonly access except for maxadmin

0 Like
kendall wilson
Posted 02-15-2024 09:16

Reply Reply Privately
Change the Security Group settings.

If your people are not in Security Groups, you should look into using these.

Imagine you have 40 electricians, and they are all in the Electrician Security Group. You make the read only change once to the Electrician Security Group. Now all 40 of the electricians automatically receive the read only permission change.

Kendall Wilson

Maintenance Coordinator

Lucky Peak Power Plant

Original Message
4. RE: Make all users have readonly access except for maxadmin

0 Like
Adam Bearden
Posted 02-16-2024 08:25

Reply Reply Privately
I agree with Kendall in a sense that if users only have read only access, why allow them in the system? It would also potentially overload the administrators with data input when many administrators have other roles outside of the system. However, not everyone is the same understandably. In the security settings you can give read access to each group for each application. Really, if these groups only have read only, easiest to do is have two groups. MAXADMIN and EVERYONE else.

As Kendall mentioned, if you create a security group of Electricians, the change to read only is just one action. All personnel in that security group now is restricted from any function other than read only. What version are you working?

------------------------------
A.S. Bearden, GDIT
'ADAM'
------------------------------

Original Message
5. RE: Make all users have readonly access except for maxadmin

0 Like
Adam Bearden
Posted 02-16-2024 08:29

Reply Reply Privately
Make sure you change the settings to each security group for each application users have access to. So it will be a bit time consuming however not knowing your version and the amount of applications you have is a bit difficult to steer you in the direction you need to go.

------------------------------
A.S. Bearden, GDIT
'ADAM'
------------------------------

Original Message
6. RE: Make all users have readonly access except for maxadmin

1 Like
Biplab Choudhury
Posted 02-16-2024 08:43

Reply Reply Privately
If you access to DB and Websphere then the simplest way to achieve this is by running the below steps:

1. Stop Application Server

2. Delete from applicationauth where groupname not in ('MAXADMIN','MXINTADM') and optionname !='READ';

3. Start application Server

Highly recommended to test this in Lower environment before running this on PROD.

------------------------------
Biplab Choudhury
BPD Zenith Australia
------------------------------

Original Message
7. RE: Make all users have readonly access except for maxadmin

0 Like
Martin Fabra
Posted 26 days ago

Reply Reply Privately
Hi @Trisha S!

This query will give you a list of security groups that have active users who are not in MAXADMIN group. Then, from those groups, it will look for applications with INSERT, SAVE, and DELETE sigoptions.

What you should do is look in those Maximo security groups, in those applications and eliminate the check marks that are not READ.

select groupname, app, optionname from maximo.applicationauth where optionname in ('SAVE', 'INSERT', 'DELETE')
and groupname in (select groupname from maximo.groupuser where groupname not in ('MAXADMIN') and userid in (select userid from maximo.maxuser where status = 'ACTIVE')) order by groupname, app, optionname

Regards!

------------------------------
Martin Fabra
ARSAT S.A. - Actively seeking employment
------------------------------

Original Message

Powered by Higher Logic