Professional Documents
Culture Documents
Oracle R12 MOAC and its impact Setup the Security Profile: 1.Create a Security Profile in HRMS Responsibility HRMS Manager>Security>Profile In this setup specify different Operating Units that you want to Access. 2.Run the Security List Maintenance This is a required step when you create a new Profile or modify existing one.
3.Setup the MO: Security Profile value to above created security profile. This "MO: Security Profile" Profile option has to be setup at the responsibility level.This will ensure that Responsibility will have access to the data of all the Operating units under the Security Profile.
Important profile option MO: Security Profile: MO: Operating Unit: This comes from 11i and is still valid only its evaluated, if there is no value setup at MO:Security Profile. MO: Default Operating Unit If the security profile is setup to access multiple operating units, this requires users to select the Operating Unit every time user access the Sub ledger pages. To avoid this the Default Operating Unit profile can be setup. How MOAC impacts the way we work in TOAD 11i To set the Org id in TOAD 1. Get the Org_id from HR_ORGANIZATION_UNITS 2. In toad execute the below code begin fnd_client_info.set_org_context(&org_id); end;
To set the responsibility context in TOAD 1. Get the User id, Responsibility Id and Application id from Front end Help>Diagnostic>Examine and select BLOCK as "$PROFILES$" and then get the respective IDS 2. Using the IDs execute the below code in TOAD begin FND_GLOBAL.APPS_INITIALIZE(user_id in number,resp_id in number,resp_appl_id in number); end; R12: To set the Org id in TOAD 1. Get the Org_id from HR_ORGANIZATION_UNITS 2. In toad execute the below code --Sets the 201 as single Org id exec MO_GLOBAL.SET_POLICY_CONTEXT('S',201); Pass a value "S" in case you want your current session to work against Single ORG_ID Pass a value of "M" in case you want your current session to work against multiple ORG_ID's To set the responsibility context and initiate MOAC in TOAD
1. Get the User id, Responsibility Id and Application id from Front end Help>Diagnostic>Examine and select BLOCK as "$PROFILES$" and then get the respective IDS 2. Using the IDs execute the below code in TOAD a. exec FND_GLOBAL.INITIALIZE This will set your responsibility id, user_id etc b. call MO_GLOBAL.INIT('AR') This will read the MO profile option values for your responsibility/user, and will initialize the Multi Org Access. MOAC for table access In 11i _ALL Tables where non Org specific and Org specific views were created on these tables. But in R12 its different concept a. For the table AP_INVOICES_ALL a synonym AP_INVOICES_ALL is created in APPS. b. Also another synonym AP_INVOICES is created which refers to AP_INOICES_ALL. c. A Row Level security is applied to AP_INVOICES, using package function MO_GLOBAL.ORG_SECURITY. This can be double-checked by running SQL select * from all_policies where object_name='AP_INVOICES' e. The effect of this policy is that,whenever you access AP_INVOICES, Oracle RLS will dynamically append WHERE CLAUSE similar to below SELECT * FROM AP_INVOICES WHERE EXISTS (SELECT 1 FROM mo_glob_org_access_tmp oa WHERE oa.organization_id = org_id)
The above is the organization structure for Office Smart Solutions, which is a major office supplies retailer, headquartered in Naperville, Illinois, USA. The organization operates in three countries the US, Canada and India. Office Smart has an organization structure with the following:
2 Business Groups one in the US, which controls the organization structure in North America, and one in India 3 Legal Entities one in the US, one in Canada, and one in India 3 Primary Ledgers one in the US, one in Canada, and one in India 3 Operating Units one in the US, one in Canada, and one in India 5 Inventory organizations two in the US, one in Canada, and two in India Subinventories and locators exist beneath the inventory organizations, but they are not relevant for the session on multi org structures. With this, let us step back and reflect
Create an Organization Hierarchy as shown below. Here I have named it as "XXTech Vision". This is my Org hierarchy name. This has following heirarchy, Organization name (This would show-up all Organizations in the current business group): Vision Corporation --Vision Services --Vision Leasing --Vision Utilities
Once you set this up, you can see how your hierarchy looks like in the Organization Diagrammer as shown below,
Step 2- Create HR Security Profile as shown below (Navigation - Human Resources responsibility > Security > Profile) Enter the values as shown in the below picture.
Step 3- The final step of the setup is to attach the HR security profile just created to the "MO:Security Profile" profile for the responsibility to which you want to have the MOAC functionality as shown in the below picture,
Step 4- Run "Security List Maintenance" concurrent request, This process maintains the list of employees, organizations, positions, payrolls and applicants that security profile holders have access to. Schedule this request to run every night during quite hours if possible. If it is run when the users are logged in then users may experience unexpected results while doing transactions like additional employees / OUs may become visible or previously visible employees may no longer be visible for a brief period of time. Once the process completes then everything would work normal. If it does not run due to some reason then this can be manually run as shown in the picture,
Step 5- Test the setup Now navigate to "Payables Manager" responsibility > Invoices Workbench > Click on the LOV of OU > It would show up all the organizations (setup as operating units that were part of the security profile >
The Security List Maintenance concurrent program must be run each time you add or change Security Profiles.
There are three Profile Options you need to be aware of related to Multi-Org that should be set at the Responsibility Level. The R12 profile option MO: Security Profile is always evaluated first. The pre-R12 profile option MO: Operating Unit still works in R12. It is just a secondary priority being evaluated after MO: Security Profile. The R12 profile option MO: Default Operating Unit sets the default Operating Unit for transactions when running under a Security Profile. Many R12 applications modules do not work with MO: Security Profile set for a given responsibility.
They must only use MO: Operating Unit. Some even require all three Profile Options set. Examples: CRM Modules Certain GL Drill Down Functions (Trial and error determination of setups, no clear direction)
Now check the operating unit field in the orders screen Vision Operations defaults as the operating unit in the form per profile option setting for OM: Default Operating Unit at responsibility level