In the Security Groups
application, you combine the independent
security groups or the security groups that are not independent to
generate a security profile.
When you combine security
groups, the following rules apply to
the authorization of general ledger components:
- If any of the
security groups to which a user belongs grants authorization
to change all general ledger components or specific general ledger
components, the security profile for the user reflects the maximum
amount of general ledger component authorization.
- If you do
not authorize a security group to change all general
components, and you do not authorize individual components for the
security group, a user cannot change general ledger components.
- The general ledger component authorizations specified for all
security groups that are not independent apply to all of the applications,
sites, and organizations for those security groups for the user.
- The general ledger component authorizations specified for an independent
security group apply exclusively to the applications, sites, and the
organizations associated with that security group.
The security profile of a user lists the authorizations for general
ledger components.