Question 1:While creating internal Bank Account, Legal entity is not
popping up.
You have created a Bank and LE but when you try to access LE at Bank Account Manager Page , LE is not visible internal bank account creation window?
Looks like you have issue with the following:
The roles are not assigned to user when a responsibility has been added.
For a big organization where:
1). You have hundreds of Orgs and thousands of users with new users added almost every day.
2). If you have to grant Bank Account creation rights user by user it will be a maintenance nightmare for system administrator.
3). Oracle core access design is tied at different levels like Site, Organization, Responsibility, User etc.
Solution
(1). If you are unable to see: 'User Management' then:
1. Use Management is part of Sysadmin.
UMX Error: 'There are no functions available for this responsibility' And/Or
'There are no valid navigations for this responsibility' when Accessing 'User Management'
Responsibility.
1). System Administrator -> Security -> User -> Define
2). Add the 'User Management' Responsibility to user <testuser>
3). Save work
4). Use the "Hat" function to switch your responsibility to 'User Management' or
1. Log into the applications as SYSADMIN User.
2. Choose User Management responsibility.
3. Navigate to Users web page.
4. Search and find the user you want to inherit the Security Administrator and Customer Administrator Roles.
5. Click on Update Icon.
6. Click on Assign Roles button.
7. Find and choose 'Security Administrator' Role.
8. Apply.
9. Repeat the Steps (6-8) for 'Customer Administrator' Role.
10. Log as the user who was assigned User Management Responsibility and facing the issue.
11. Retest the issue.
12. Migrate the solution as appropriate to other environments.
2. If you are unable to get to this then please create another SR with ATG (510) to get help.
(2). CE Bank Account Security setup wizard
1) Login as System Administrator
2) Select User Management responsibility
3) Select Roles and Role Inheritance menu function
4) Create (or query an existing) Role.
5) Click Security Wizards button and Run Wizard - CE UMX Security wizard
6) Click Add Legal Entities button, select your LEs and check Use, Maintenance
and Bank Account Transfers to reflect the activities for this Role.
check-box. Apply
8) Assign this role to your user (using the Users tab)
(3). Role & Grants:
You can create one role granting access to different legal entities and attach it to multiple users.There is no need to create new role for every user. Let's take an example.
Suppose there are 3 legal entities LE1,LE2 & LE3. You can create a role naming 'Bank Account Access' and attach LE1,LE2 and LE3. While attaching the LE, you can specify the access rights for each of these LEs. This role 'Bank Account Access' can be attached to any user for whom the Bank Account Access has to be provided.
(4). LE BANK OWNER's:
LE is not being shown in Bank Owner list of values when the user create a new bank account.
1. Log in as Sysadmin.
2. Go to the User Management Responsibility.
3. Path: Roles & Role Inheritance
4. In the Type field select Roles and Responsibilities
5. Wait until a new field appears, you will see the category field, please select Miscellaneous
6. In the Application select 'Cash Management' and click on GO button.
7. Search your Cash Management responsibility or role that you are using to create your bank account.
8. Click on the update icon.
9. A new window will be displayed, please click in the Security wizard button.
10. For CE UMX Security wizard click on the Run Wizard.
11. In this window you should add the legal entities that you want to grant the access to all the bank accounts within a legal entity and choose the privilages
that you want to assign to this role on the bank accounts such as: USE, MAINTENANCE and BANK ACCOUNT TRANSFERS.
12. Save and apply the changes and then verify in Cash management responsibility if you now are able to see that legal entity in the bank account creation form.
Note: 415529.1 R12: Unable to See the Legal Entity List of Value in the Bank Account Owner Field
(5). Try to find new LE to for Bank Account Owner does not show up in LOV
Investigation sql:
Take results in excel with column headings:
a.
select * from ce_system_parameters;
b.
select * from xle_entity_profiles;
1. GL you have:
NAME LEGAL_ENTITY_ID LEDGER_ID LEDGER_NAME
XYZ Inc. 23,275 2,022 M LEDGER
XYZ OL 25,273 2,041 O Ledger
2. In CE you have:
SET_OF_BOOKS_ID CASHBOOK_BEGIN_DATE LEGAL_ENTITY_ID
2,022 01/01/2009 00:00:00 23,275
You have not defined in CE all the LE.
3. Please define ce system parameters accordingly.
4. Legal Entity is to be assigned to Cash Management responsibility.
Please do AS PER (4).
Question 2: A bank account can not be updated as the UPDATE ACCOUNT button is disabled?
A1: This happens when the User do not have access for Maintenance of bank accounts.
Please go to User Management and verify the access for the User/Responsibility:
Please note: In Release 12 Bank Accounts are owned by Legal Entities and can be accessed by multiple Operating Units. In Prior Releases the Bank Accounts were Operating Unit Specific. For all Internal Banks you must assign a Legal Entity. If the Legal Entity has been configured and it does not appear in the List Of Values in the Bank Account setup then you may need to run the CE UMX Security Wizard to ensure the Legal Entity is available to the Responsibility you are using to access Cash Management.
Run CE UMX SECURITY WIZARD:
1. Login as System Administrator user and then switch responsibility to User Management.
2. Click in Roles & Role Inheritance link
3. Do the following search:
- Type: Role and Responsibilities
- Category: Miscellaneous
- Application: Cash Management
Choose the Cash Management responsibility where you want to create and maintain bank accounts.
4. Click in the Update icon
5. Click in Security Wizard button
6. Run the Wizard for CE UMX Security wizard.
7. Click in Add Legal entities and add the legal entity you will give to the
selected role access to the all bank accounts within this legal entity
and choose grants that you want to assign to this role on the bank accounts of this legal entity
( Use, Maintenance, Bank Account Transfers )
8. Click in the Apply button and then click in the save button.
9. Assign this role to your user (using the Users tab)
10. Now try to create or update a bank account in the chosen Cash Management Responsibility
Question 3: When you try to use the "User Management" responsibility and it is Error:
"No valid navigation available for this menu"
: Steps to follow:
1. Change the setup for the associated user adding the Security Administrator Role to them using the system administrator responsibility.
Login as the sysadmin user and add the Security Administrator Role to the intended user. The Security Administrator Role is a role available within User Management.
2. Also add the Functional Administrator administrator responsibility as you must assign the functional and security administrator and then you should have menu choices.
Using the Functional Administrator responsibility:
a. Chose Core Services tab then Menus
b. Under Navigation Menus
c. Select Menu >> UMX_ADMIN_AND_SETUPS_TAB
d. Click Update
e. -= Menu Manager =-
f. Check "Grants" to activate
3. Please retest the issue.
4. If the issue is resolved, please migrate the solution as appropriate to other environments.
Bug: 13580446 - R.TST122:DAILYBUILD:IN USER MANAGEMENT, TABS ARE NOT DISPLAYED.
Question 4: When you try to open the form of Setup -> Banks -> Bank Accounts, it Error:
You have encountered an unexpected error. Please contact the System Administrator for assistance. JBO-30003: The application pool
To implement the solution, please execute the following steps in test instance::
1.Set the 'MO: Security Profile' profile option at Responsibility level as required.
a. Using System Administrator Responsibility.
b. Navigate to Profiles > System.
c. Query for the Responsibility used and for Profile: 'MO: Security Profile' .
d. Kindly check the value attached to the security profile: 'MO: Security Profile' .
e. If security profile is not set, attach a value to it.
2. Run Security List Maintenance concurrent program (from HRMS responsibility).
While running the concurrent program choose the right parameters. Like 'Generate List for'
parameter must have a value which depends upon the kind of security profile you are running. If
your security profile is global then choose 'All Global Security Profile' from the list. For
non-global choose All Security Profiles.
3. Restart Apache server.
4. Retest the issue.
Question 5: What level System Profile option can be updated ?
A change has been made to HRMS Security to enable you to set up security for Oracle Financials and Manufacturing applications that use organizations and organization hierarchies in their business views.
To do this, you create a single security profile that secures data either by single operating unit or by operating unit and inventory organizations, as required.
You must also set the MO:Security Profile profile option at site or application level, to point to this new security profile.
To establish multi-operating unit access for some business view users, you can create for each type of user a security profile that secures organizations by organization hierarchy, using the existing security profile functionality. You can then set the MO:Security Profile option at responsibility level for these
users. the HR:Security Profile profile option is used. This function is called by financials and manufacturing business views.
The View All Organizations check box in the Organization Security tab of the Security Profile window has been replaced by the Security Type poplist, which contains four options:
- View all organizations (no security) Existing Option. This replaces checking the View All Organizations checkbox.
- Secure organizations by organization hierarchy Existing Option. This replaces unchecking the View All Organizations checkbox.
- Secure organizations by single operating unit New option
- Secure organizations by operating unit and inventory organizations New option.
Q7: What is the MO:Operating Unit profile option used for?
A: The MO:Operating Unit profile option must be set to the appropriate value at either the Responsibility or User level.
This profile option is used to distinguish which Operating Unit will be used by the users that login into Oracle Applications.
Q8: What is MO Security Group profile ?
A:Please note that in R12 bank accounts are owned by legal entity. The bank account access page is used to provide access of the bank account to a particular operating unit. The operating units for which the access can be provided is controlled by the MO: security profile.
In summary, users can see and maintain the bank accounts that are owned by legal entity to which they have the access provided. For example, the user has access to LE1, then all the bank accounts where the account owner is LE1 will be displayed to the user. Please be very clear: User will have an access to a Bank Account (BA) if any of the following conditions satisfies:
*Bank Account Maintenance or Use security is setup up for LE (UMX Security wizard)
*MOAC security setup includes OU (based on MO:Security Profile)
*HCMS (Business Group) security setup include OU (HR:Business Group)
*Treasury user security setup includes LE ( from treasury user access)
Q7: How Bank Account Security is implemented using the UMX data security?
Bank Account Security:
Two different security mechanisms are provided to secure bank accounts: Bank Account Maintenance security and Bank Account Access security. At a high level, Bank Account Maintenance security secures the creation and update of bank account data,
whereas Bank Account Access security secures user access of the bank accounts
Bank Account Maintenance Security:
In Bank Account Maintenance security setup, you can assign one or more legal entities to each role (responsibility). In the creation flow, the Bank Account Owner LOV will display only the legal entities that are assigned to your role in this security setup. In the update flow, users can only query the bank accounts whose owner is assigned to your role.
Note: When a user is assigned to multiple roles with multiple Bank Account Maintenance Security setups, all security rules are defined for the user even though the user may access the application through only one particular role.
Bank Account Maintenance Security is implemented using the UMX data security model. A setup wizard called Cash Management Security Wizard facilitates the setup procedure.
Bank Account Access Security:
The Bank Account Access security rule feature is built on top of Bank Account Access Setup and Cash Management Security Profiles. Bank Account Access setup provides a list of organizations that have access to a given bank account; whereas Cash
Management Security Profiles provides a list of organizations an application user has access to. If there is at least one common organization between Bank Account Access setup and Cash Management Security Profile then users will be granted access to the bank account. For example, if bank account 101 has account access setup with operating unit OU1, and if user OPERATIONS has access to OU1 in the profile, then the user can view and use bank account 101.
Q9: How to define Legal Entities?:
If you plan to record accounting transactions for one or more legal entities, you can use Oracle
Legal Entity Configurator or the Legal Entities tab in Accounting Setup Manager to define your
legal entities.
Using Accounting Setup Manager, Legal Entities tab:
Navigation : Setup >Financials > Accounting Setup Manager > Accounting Setups
Tab : Legal Entity
Button: Create Legal Entity
You have created a Bank and LE but when you try to access LE at Bank Account Manager Page , LE is not visible internal bank account creation window?
Looks like you have issue with the following:
The roles are not assigned to user when a responsibility has been added.
For a big organization where:
1). You have hundreds of Orgs and thousands of users with new users added almost every day.
2). If you have to grant Bank Account creation rights user by user it will be a maintenance nightmare for system administrator.
3). Oracle core access design is tied at different levels like Site, Organization, Responsibility, User etc.
Solution
(1). If you are unable to see: 'User Management' then:
1. Use Management is part of Sysadmin.
UMX Error: 'There are no functions available for this responsibility' And/Or
'There are no valid navigations for this responsibility' when Accessing 'User Management'
Responsibility.
1). System Administrator -> Security -> User -> Define
2). Add the 'User Management' Responsibility to user <testuser>
3). Save work
4). Use the "Hat" function to switch your responsibility to 'User Management' or
1. Log into the applications as SYSADMIN User.
2. Choose User Management responsibility.
3. Navigate to Users web page.
4. Search and find the user you want to inherit the Security Administrator and Customer Administrator Roles.
5. Click on Update Icon.
6. Click on Assign Roles button.
7. Find and choose 'Security Administrator' Role.
8. Apply.
9. Repeat the Steps (6-8) for 'Customer Administrator' Role.
10. Log as the user who was assigned User Management Responsibility and facing the issue.
11. Retest the issue.
12. Migrate the solution as appropriate to other environments.
2. If you are unable to get to this then please create another SR with ATG (510) to get help.
(2). CE Bank Account Security setup wizard
1) Login as System Administrator
2) Select User Management responsibility
3) Select Roles and Role Inheritance menu function
4) Create (or query an existing) Role.
5) Click Security Wizards button and Run Wizard - CE UMX Security wizard
6) Click Add Legal Entities button, select your LEs and check Use, Maintenance
and Bank Account Transfers to reflect the activities for this Role.
check-box. Apply
8) Assign this role to your user (using the Users tab)
(3). Role & Grants:
You can create one role granting access to different legal entities and attach it to multiple users.There is no need to create new role for every user. Let's take an example.
Suppose there are 3 legal entities LE1,LE2 & LE3. You can create a role naming 'Bank Account Access' and attach LE1,LE2 and LE3. While attaching the LE, you can specify the access rights for each of these LEs. This role 'Bank Account Access' can be attached to any user for whom the Bank Account Access has to be provided.
(4). LE BANK OWNER's:
LE is not being shown in Bank Owner list of values when the user create a new bank account.
1. Log in as Sysadmin.
2. Go to the User Management Responsibility.
3. Path: Roles & Role Inheritance
4. In the Type field select Roles and Responsibilities
5. Wait until a new field appears, you will see the category field, please select Miscellaneous
6. In the Application select 'Cash Management' and click on GO button.
7. Search your Cash Management responsibility or role that you are using to create your bank account.
8. Click on the update icon.
9. A new window will be displayed, please click in the Security wizard button.
10. For CE UMX Security wizard click on the Run Wizard.
11. In this window you should add the legal entities that you want to grant the access to all the bank accounts within a legal entity and choose the privilages
that you want to assign to this role on the bank accounts such as: USE, MAINTENANCE and BANK ACCOUNT TRANSFERS.
12. Save and apply the changes and then verify in Cash management responsibility if you now are able to see that legal entity in the bank account creation form.
Note: 415529.1 R12: Unable to See the Legal Entity List of Value in the Bank Account Owner Field
(5). Try to find new LE to for Bank Account Owner does not show up in LOV
Investigation sql:
Take results in excel with column headings:
a.
select * from ce_system_parameters;
b.
select * from xle_entity_profiles;
1. GL you have:
NAME LEGAL_ENTITY_ID LEDGER_ID LEDGER_NAME
XYZ Inc. 23,275 2,022 M LEDGER
XYZ OL 25,273 2,041 O Ledger
2. In CE you have:
SET_OF_BOOKS_ID CASHBOOK_BEGIN_DATE LEGAL_ENTITY_ID
2,022 01/01/2009 00:00:00 23,275
You have not defined in CE all the LE.
3. Please define ce system parameters accordingly.
4. Legal Entity is to be assigned to Cash Management responsibility.
Please do AS PER (4).
Question 2: A bank account can not be updated as the UPDATE ACCOUNT button is disabled?
A1: This happens when the User do not have access for Maintenance of bank accounts.
Please go to User Management and verify the access for the User/Responsibility:
Please note: In Release 12 Bank Accounts are owned by Legal Entities and can be accessed by multiple Operating Units. In Prior Releases the Bank Accounts were Operating Unit Specific. For all Internal Banks you must assign a Legal Entity. If the Legal Entity has been configured and it does not appear in the List Of Values in the Bank Account setup then you may need to run the CE UMX Security Wizard to ensure the Legal Entity is available to the Responsibility you are using to access Cash Management.
Run CE UMX SECURITY WIZARD:
1. Login as System Administrator user and then switch responsibility to User Management.
2. Click in Roles & Role Inheritance link
3. Do the following search:
- Type: Role and Responsibilities
- Category: Miscellaneous
- Application: Cash Management
Choose the Cash Management responsibility where you want to create and maintain bank accounts.
4. Click in the Update icon
5. Click in Security Wizard button
6. Run the Wizard for CE UMX Security wizard.
7. Click in Add Legal entities and add the legal entity you will give to the
selected role access to the all bank accounts within this legal entity
and choose grants that you want to assign to this role on the bank accounts of this legal entity
( Use, Maintenance, Bank Account Transfers )
8. Click in the Apply button and then click in the save button.
9. Assign this role to your user (using the Users tab)
10. Now try to create or update a bank account in the chosen Cash Management Responsibility
Question 3: When you try to use the "User Management" responsibility and it is Error:
"No valid navigation available for this menu"
: Steps to follow:
1. Change the setup for the associated user adding the Security Administrator Role to them using the system administrator responsibility.
Login as the sysadmin user and add the Security Administrator Role to the intended user. The Security Administrator Role is a role available within User Management.
2. Also add the Functional Administrator administrator responsibility as you must assign the functional and security administrator and then you should have menu choices.
Using the Functional Administrator responsibility:
a. Chose Core Services tab then Menus
b. Under Navigation Menus
c. Select Menu >> UMX_ADMIN_AND_SETUPS_TAB
d. Click Update
e. -= Menu Manager =-
f. Check "Grants" to activate
3. Please retest the issue.
4. If the issue is resolved, please migrate the solution as appropriate to other environments.
Bug: 13580446 - R.TST122:DAILYBUILD:IN USER MANAGEMENT, TABS ARE NOT DISPLAYED.
Question 4: When you try to open the form of Setup -> Banks -> Bank Accounts, it Error:
You have encountered an unexpected error. Please contact the System Administrator for assistance. JBO-30003: The application pool
To implement the solution, please execute the following steps in test instance::
1.Set the 'MO: Security Profile' profile option at Responsibility level as required.
a. Using System Administrator Responsibility.
b. Navigate to Profiles > System.
c. Query for the Responsibility used and for Profile: 'MO: Security Profile' .
d. Kindly check the value attached to the security profile: 'MO: Security Profile' .
e. If security profile is not set, attach a value to it.
2. Run Security List Maintenance concurrent program (from HRMS responsibility).
While running the concurrent program choose the right parameters. Like 'Generate List for'
parameter must have a value which depends upon the kind of security profile you are running. If
your security profile is global then choose 'All Global Security Profile' from the list. For
non-global choose All Security Profiles.
3. Restart Apache server.
4. Retest the issue.
Question 5: What level System Profile option can be updated ?
A change has been made to HRMS Security to enable you to set up security for Oracle Financials and Manufacturing applications that use organizations and organization hierarchies in their business views.
To do this, you create a single security profile that secures data either by single operating unit or by operating unit and inventory organizations, as required.
You must also set the MO:Security Profile profile option at site or application level, to point to this new security profile.
To establish multi-operating unit access for some business view users, you can create for each type of user a security profile that secures organizations by organization hierarchy, using the existing security profile functionality. You can then set the MO:Security Profile option at responsibility level for these
users. the HR:Security Profile profile option is used. This function is called by financials and manufacturing business views.
The View All Organizations check box in the Organization Security tab of the Security Profile window has been replaced by the Security Type poplist, which contains four options:
- View all organizations (no security) Existing Option. This replaces checking the View All Organizations checkbox.
- Secure organizations by organization hierarchy Existing Option. This replaces unchecking the View All Organizations checkbox.
- Secure organizations by single operating unit New option
- Secure organizations by operating unit and inventory organizations New option.
Q7: What is the MO:Operating Unit profile option used for?
A: The MO:Operating Unit profile option must be set to the appropriate value at either the Responsibility or User level.
This profile option is used to distinguish which Operating Unit will be used by the users that login into Oracle Applications.
Q8: What is MO Security Group profile ?
A:Please note that in R12 bank accounts are owned by legal entity. The bank account access page is used to provide access of the bank account to a particular operating unit. The operating units for which the access can be provided is controlled by the MO: security profile.
In summary, users can see and maintain the bank accounts that are owned by legal entity to which they have the access provided. For example, the user has access to LE1, then all the bank accounts where the account owner is LE1 will be displayed to the user. Please be very clear: User will have an access to a Bank Account (BA) if any of the following conditions satisfies:
*Bank Account Maintenance or Use security is setup up for LE (UMX Security wizard)
*MOAC security setup includes OU (based on MO:Security Profile)
*HCMS (Business Group) security setup include OU (HR:Business Group)
*Treasury user security setup includes LE ( from treasury user access)
Q7: How Bank Account Security is implemented using the UMX data security?
Bank Account Security:
Two different security mechanisms are provided to secure bank accounts: Bank Account Maintenance security and Bank Account Access security. At a high level, Bank Account Maintenance security secures the creation and update of bank account data,
whereas Bank Account Access security secures user access of the bank accounts
Bank Account Maintenance Security:
In Bank Account Maintenance security setup, you can assign one or more legal entities to each role (responsibility). In the creation flow, the Bank Account Owner LOV will display only the legal entities that are assigned to your role in this security setup. In the update flow, users can only query the bank accounts whose owner is assigned to your role.
Note: When a user is assigned to multiple roles with multiple Bank Account Maintenance Security setups, all security rules are defined for the user even though the user may access the application through only one particular role.
Bank Account Maintenance Security is implemented using the UMX data security model. A setup wizard called Cash Management Security Wizard facilitates the setup procedure.
Bank Account Access Security:
The Bank Account Access security rule feature is built on top of Bank Account Access Setup and Cash Management Security Profiles. Bank Account Access setup provides a list of organizations that have access to a given bank account; whereas Cash
Management Security Profiles provides a list of organizations an application user has access to. If there is at least one common organization between Bank Account Access setup and Cash Management Security Profile then users will be granted access to the bank account. For example, if bank account 101 has account access setup with operating unit OU1, and if user OPERATIONS has access to OU1 in the profile, then the user can view and use bank account 101.
Q9: How to define Legal Entities?:
If you plan to record accounting transactions for one or more legal entities, you can use Oracle
Legal Entity Configurator or the Legal Entities tab in Accounting Setup Manager to define your
legal entities.
Using Accounting Setup Manager, Legal Entities tab:
Navigation : Setup >Financials > Accounting Setup Manager > Accounting Setups
Tab : Legal Entity
Button: Create Legal Entity
Your post was very helpful for me. Thanks for sharing this post. Keep further posting. and Cash Management Outsourcing.
ReplyDelete