ERP Associates, Inc. - Special Roles in PeopleTools

Special Roles in PeopleTools

Monday, 13 February 2006

Update: You may find a more current version of this article in the PS Corner Wiki.

PeopleSoft has several special roles that drive functionality in the application, but either don't have any permission lists or do things beyond what their permission lists grant them. They are ReportDistAdmin, ReportSuperUser, ProcessSchedulerAdmin, PeopleSoft Administrator and Portal Administrator.

ReportDistAdmin - This role is for Report Distribution Administrators. They have access to view all PeopleSoft reports -- even if the report was run by another user or they would otherwise have no access to the report. They are also allowed to delete the report entry and update the distribution list / expiration date of a report entry in Report Manager.

ReportSuperUser - This is for Report Super Users. They are allowed to delete their own report entries, update the distribution list and set the expiration date of the report entries they have access to in Report Manager.

ProcessSchedulerAdmin - A user with this priviledge has the ability to update any definitions in Process Scheduler Manager and view all of the process requests in Process Monitor.

You can find more information on the special report distribution roles in PeopleBooks at Process Scheduler > Process Scheduler Report Distribution > Granting Report Manager Administrative Roles. You can find more information about the ProcessSchedulerAdmin role in PeopleBooks at Process Scheduler > Process Scheduler Administration > Setting up Process Scheduler Security.

PeopleSoft Administrator gives full access to all menus and pages in the PSAUTHITEM table. This role does NOT necessarily have any access to data. The data security is given through the Primary and Row level permission lists assigned directly to the user profile.

Portal Administrator gives Portal access to see all folders and content references, but it doesn't give PIA security access to all menus and components. This special Role is needed for somebody doing portal administration where they need to see all folders and content references, when running Portal Security Sync, and/or running the Portal Upgrade Application Engine program. If you clone this role you will not get the same access in the cloned role because the role name is hard-coded into PeopleTools. (Thanks to Rich Manalang for pointing out this one).

These may not be the only roles without permission lists in your PeopleSoft application. Workflow functionality and report distribution lists can both be driven by an operator roles -- no permission lists required. In addition, You may find roles like "Vice President" that are hard-coded in PeopleCode that drive application-specific functionality.

Comments (2)