Setting Up Distributed Security for Partner Users

This chapter provides an overview of distributed security for partners, and explains how to:

Click to jump to top of pageClick to jump to parent topicUnderstanding Distributed Security for Partners

Distributed security or delegated administration provides the ability to delegate administrative responsibility to multiple administrators and managers in an organization in a secured fashion. Distributed security for partners enables partner administrators to set up team members for the user groups they manage and also define subordinate user groups. Given the potentially large numbers of partners that an enterprise can do business with, it is absolutely critical for a partner to be able to manage application access and permissions for their own employees.

Centralized administration in a partner-intensive environment is extremely complex to manage and often doesn’t scale in practice. By allowing partners to self-register, setup users, maintain their own profiles, and create and manage their own organizational groups, PeopleSoft’s PRM solution addresses the need to simplify and decentralize partner management.

For distributed security and partner self-service requirements, the enterprise channel operations manager determines what roles and access privileges a partner administrator is allowed to assign when he creates additional accounts for partner employees. Ideally, a partner administrator should be able to customize the access privileges and further restrict what a partner user has access to, as long as any new access combination still remains within the confines of what the enterprise channel manager delegated in the first place.

Following is an example of delegated security where the Enterprise Administrator or Channel Manager sets up user groups in the organization hierarchy for each partner company, for example ABC Warehouse, B&Y Inc, and Classic Warehouse.

Sample organization hierarchy

Click to jump to top of pageClick to jump to parent topicUnderstanding the Distributed Security Process Flow

The following diagram illustrates a distributed security process flow. Your enterprise may define a different process flow to suit your unique business needs.

Distributed security process flow for the enterprise channel manager

As the first step in the distributed security process, the partner company applies, and provides information about the company and a single point of contact, such as a partner administrator. The enterprise administrator sets up user groups in the organization hierarchy for each partner company. Once the enterprise completes the task of setting up partner user groups, an email notification is sent to the partner administrator. The enterprise grants the designated partner administrator access to the system.

Distributed security process flow for the partner administrator

The partner administrator can now define teams and maintain the hierarchy for their organization. For example, the partner administrator for ABC Warehouse has the ability to set up multiple team members in the ABC Warehouse user group. This feature enables the partner administrator to add subordinate groups below the ABC Warehouse user group. The Territory tree is used to model the partner organization hierarchy.

The partner administrator can create partner employees in the system by defining User IDs and default passwords and automatically emailing this information to the respective users.

Distributed security also provides the partner administrator with maintenance functionality. The partner administrator can:

See Also

Setting Up Security for Partners

Click to jump to top of pageClick to jump to parent topicSetting Up Distributed Security for Partner Users

This section discusses setting up distributed security for partner users.

Click to jump to top of pageClick to jump to parent topicPages Used to Set Up Distributed Security for Partner Users

Page Name

Object Name

Navigation

Usage

Partner Company

RD_PTNR_ORG

Partners CRM, Search Partner Company, Partner Company, Summary, Organization

Create a partner organization structure.

Manage Partner Users

RD_PTNR_USER_SRCH

Partners CRM, Manage Partner Users, Manage Partner Users

Add partner users.

Tree Manager

PSTREEMGR

Tree Manager, Tree Manager

Add partner user groups to the territory tree.

Click to jump to top of pageClick to jump to parent topicSetting Up Distributed Security

This section discusses how to:

Click to jump to top of pageClick to jump to parent topicCreating a Partner Organization Structure

Access the Partner Company - Organization page.

Organization Tree

Select the organization tree that the partner organization will belong to.

Note. The tree prompt is restricted to those that the Enterprise user has access.

 

Parent Organization

Select the parent organization for the tree. The prompt is restricted to those organizations or territories that have Business Units that are related to the setID of the Partner company.

 

Partner Organization

Enter the name of the partner organization.

 

Description

Enter the short description of the partner organization.

 

Lead Assignment

The system displays the lead assignment. The lead assignment is defaulted from the Parent Organization Lead Assignment and copied to the Partner Organization.

 

Business Unit

The system displays the business unit. The Business Unit is defaulted from the Parent Organization Business Unit and copied to the Partner Organization.

 

Create Partner Organization Group

Click the Create Partner Organization Group to create the partner group.

Click to jump to top of pageClick to jump to parent topicAdding Partner Users

Access the Manage Partner Users page.

Use this page to add users to the user group. The user can also update Password information through self-service. Select a role for each user.

See Creating and Managing Partner Users.

Click to jump to top of pageClick to jump to parent topicAdding Partner User Groups/Child Territories to the Territory Tree

Access the Search Territories page under Sales, Search Territories menu.

The Sales Territory tree is used to model the partner organization. This organization hierarchy can be setup using the pages above, or the enterprise administrator or channel manager can access the territory tree in sales to add partner user groups and sub-organizations.

See Working with Territories.

Click to jump to top of pageClick to jump to parent topicManaging Partner User Groups in Self-Service

This section discusses:

Click to jump to top of pageClick to jump to parent topicPages Used to Manage Partner User Groups in Self-Service

Page Name

Object Name

Navigation

Usage

Manage Profile

RX_NAME_SIGNIN

Change Profile Info, Manage Profile

Change user name or password.

Register Users - User Information

RD_PTNR_USER_SRCH

Register Users, Register Users, User Information

Administer users in the partner user group.

Additional Roles

RD_PTNR_USER_ROLES

Click the Additional Roles icon.

View, add, or delete additional roles for the user.

Register Users - Organization Group

RD_PTNR_USER_SRCH

Register Users, Register Users, Organization Group

Add users to groups within the partner organization.

Search Organization Groups

RSF_TR_PTNORG_SRCH

Search Organization Groups

Search for groups in which the user is the owner or the manager or both.

Click to jump to top of pageClick to jump to parent topicManaging Profiles

Access the Manage Profile page.

Users can change their names or passwords on this self-service page.

Click to jump to top of pageClick to jump to parent topicManaging Partner User Groups

Access the Register Users - User Information page. The Register Users page will list all of the partner users for the partner company associated with the partner administrator that is logged in. The partner company is derived from the User Preference information associated with the partner administrator.

The partner administrator uses this self-service page to administer the users in the partner organization. The administrator can add or delete users and keep track of all users within the partner organization. Multiple roles can be selected for the user. It is required to add EOPP_USER and PAPP_USER roles to get access to PeopleSoft system. Besides these two roles, the Partner Administrator should select additional roles such as Partner Representative or Partner Sales Manager as appropriate for each user created. Note that in order to view, assign or delete multiple roles to a user, use the Additional Roles icon next to the role drop down.

Adding Multiple Roles for a User

Access the Additional Roles page.

You can view all roles for a user and add or delete roles as required.

Click to jump to top of pageClick to jump to parent topicManaging Partner Organization Groups

Access the Register Users - Organization Group page.

Partner administrators can view or change the organization group for registered users. Users can also be defined as the Group Owner.

Click to jump to top of pageClick to jump to parent topicSearching Organization Groups

Access the Search Organization Groups page.

Partner administrators can search for and view organization groups for which they are the manager, the owner, or both.