Tuesday, June 24, 2008

The ABCs of Workflow for Oracle E-Business Suite Release 11i and Release 12-Shining a Light on Oracle Workflow...Now Available For Sale

Have you always wanted to know more about Workflow, but found yourself overwhelmed and mystified? Do you think your E-Business Suite Workflow environment needs to be tuned, but aren’t sure where to start? Are you curious to know the future of Workflow and BPEL? Would you like to see an example of how to convert a Workflow into a BPEL?

We have your solution! Solution Beacon and OAUG have joined forces once again to bring you a comphrensive book surrounding Workflow. The ABCs of Workflow for Oracle E-Business Suite Release 11i and Release 12 is now available for sale online.

Workflow is Oracle’s E–Business Suite tool for modeling business processes. Workflow combines procedures performed by the computer with a system of notifications that allow humans to better direct the computer how to proceed. This book provides a very thorough explanation of the various components of Workflow. You’ll learn step by step how to develop and test custom workflows, and how to administer Workflow using OAM, the Workflow Management screens, and Oracle Diagnostics.

This book also explains how the underlying tables store the data generated by Workflow, and how to perform the setups required for a few of the most commonly used Oracle workflows. The book also includes SQL scripts amd sample procedures that we use at Solution Beacon to assess and solve Workflow problems, as well as DBA topics like cloning considerations and partitioning Workflow objects.

We have also provided two special sections. The first section explains the use of Approvals Management Engine (AME) in Workflow and includes several case studies for developing approval rules. The second section gives an overview of BPEL and explains how to transform the workflow used in this book into a BPEL process.

Workflow is used pervasively throughout the E-Business Suite. If you’re running E-Business Suite Release 11i or Release 12, you’re using Workflow! The ABCs of Workflow should be on the desk of every Workflow Developer, Workflow Administrator, Workflow Junior Administrator, Applications System Administrator, Applications Database Administrator and Functional SuperUser.

Visit our online bookstore to purchase your copy today! http://stores.lulu.com/store.php?fAcctID=83172

Thursday, June 19, 2008

Want to Add a Responsibility? How about Oracle User Management?

When you think of adding a new responsibility to an existing E-Business Suite user, does System Administrator come to mind? Visions of going to the Define User form, tabbing down and finding the new responsibility to add? Did you know that you can add responsibilities to a user through Oracle User Management? Let’s step through how this can happen together. Below I have setup a brand new user without any responsibilities.

Further evidence that there are no responsibilities tied to this user is in the screenshot below where I have logged into this new userid – notice there are no responsibilities listed.

Next, let’s login into the Oracle User Management responsibility and query up the new user “BOYWONDER” where we see again that there are no roles nor responsibilities assigned to this user:

Now let’s go find the US Super HRMS Manager responsibility and assign that responsibility to BOYWONDER as follows:

Now let’s re-query up BOYWONDER to see that the US Super HRMS Manager responsibility has been added in Oracle User Management as follows:

Now, let’s switch over to System Administrator and requery up BOYWONDER to see if the responsibility shows there:

As you can see, the responsibility has been added through Oracle User Management just as if it had been added through the System Administrator responsibility. Lastly, let’s log back into BOYWONDER and see if he is now a Super HRMS Manager for the US:

And there you have it – BOYWONDER is now an HRMS super hero in good standing. System Administrator? Who needs it – there’s a new super hero in town!

Tuesday, April 29, 2008

New Feature for Release 12 – “Manage Proxies”

Ever wanted to get even with those pesky auditors that are always making life more difficult than it has to be just to achieve some level of controlled nirvana? Well, I have just the prescription in the form of a new feature in Release 12 called “Manage Proxies” – this new feature is guaranteed to send the auditors into counseling! This new powerful feature allows Release 12 users to designate a proxy user which can then assume, takeover, inherit, (insert your favorite verb here ______) all, yes ALL, the accesses possessed by the granting user. According to the Release Control Document for Release 12, the rationale behind adding this feature is to allow administrative assistants the ability to manage approvals for their too busy executives; however, there are other ways to accomplish this within the Approvals Management Engine (AME) that doesn’t bring all the controls baggage with it like the “Manage Proxies” function does. To setup a proxy user, all it takes is the assignment of the “Manage Proxies” role which then causes the “Manage Proxies” selection to appear when Preferences are selected from the granting user’s home page (see below). Clicking on the “Manage Proxies” link takes the granting user to a page where one or more proxy users can be added.

Once the “apply” button is hit, then auditor heartburn occurs! The next time the proxy user(s) logs in he/she has “Switch User” displayed in the upper right hand corner of their home page as shown below.

All the proxy user has to do is “Switch User” and bingo, the proxy user now has all the responsibilities from the granting user and can masquerade as that user until the proxy is revoked by the granting user which is shown below.

Of course the proxy user can exercise a very deep philosophical action called “Return to Self” which reverts the proxy user to their original list of responsibilities, but until self actualization occurs, Release 12 schizophrenia exists in all its glory! The only problem is that the mental health hit is not realized by the proxy user nor the granting user – but the poor auditor which discovers this new feature in Release 12 called “Manage Proxies” – enjoy and don’t say you weren’t warned!!!!

Wednesday, April 9, 2008

Some New Thoughts for an Old Friend (iSetup)

Oracle has given an old friend a facelift in Release 12. Among some of the nips and tucks you will find the ability to create custom selection sets, comparison reports between multiple environments and a new process flow that promotes “Transformation” to a process all by itself. In addition to congratulating “Transformation” on it’s new found level of achievement, let’s dive in and discover what the new and improved Release 12 version of iSetup has in store for us, ok?

The integration between iRepository and iSetup has been strengthened in that any interface and/or API that is defined to iRepository can be defined to iSetup which is the underpinning for creating custom selection sets within iSetup. This opens up the playbook for iSetup by providing access to data objects never before experienced and if iSetup can get to those data objects, that means migration nirvana can be achieved between environments for those objects. What is even more impressive is how Oracle has reinforced iRepository with all the open API’s and interfaces in and out of the E-Business Suite footprint. This allows for a higher degree of reach for iSetup into data objects heretofore unreachable.

Next consider running a comparison report, but only being able to run the comparison against one environment? How counter-intuitive is that? Doesn’t comparison infer checking one environment against another? Well, now the comparison reporting function does just that, it can be pointed to multiple environments and behold, comparison deltas are reported – how cool is that?

Lastly, let’s turn our attention back to our friend “Transformation” which just got promoted. The process flow for 11i iSetup is below:

And now here is the new and improved process flow for Release 12:

You will notice that you don’t have to run a load process any longer in order to perform a transformation of your data objects.

One important note on iSetup that hasn’t changed is that the source and target environments must be at the same version of E-Business Suite, keeping iSetup geared for implementations and migration of configuration changes between environments.

Would enjoy hearing about your experiences with iSetup and get your reactions to the Release 12 improvements.

Wednesday, February 20, 2008

Role Based Access Control (RBAC), Oracle User Management (UMX) and Release 12

There are three dynamics that come together in Release 12 to produce inflection points where increased levels of access may not have adequate enough controls surrounding them. First and foremost is the emergence of OAFramework applications within the Release 12 footprint which is depicted in the chart to the left.

One of the reasons this is so important is that OAFramework applications look to Oracle User Management (UMX) roles for their security framework which means ever increasing levels of access are being granted through UMX roles rather than through traditional system administration responsibilities and menus. An example of one of these inflection points is in Oracle Cash Management where bank accounts are assigned to Legal Entities through the granting of a specific UMX role. In fact, Oracle Cash Management was redeveloped in OAFramework in Release 12 which is probably a template that Oracle will follow for other applications in future releases.

This emergence of OAFramework challenges our traditional ways to audit the various access levels across the Release 12 footprint. As we all know, Oracle designs “great privilege” into their base deliverables as evidenced by the Payables Manager responsibility and the General Ledger Super User responsibility. “Great privilege” is the second dynamic that is submitted for your consideration. I trust nobody is using the out-of-the-box responsibilities in their production environments, but if “great privilege” is designed into traditional system administration access levels, what about the OAFramework/UMX roles?

Couple “great privilege” with our third dynamic, “inheritance” and you have just poured fuel on the roaring controls fire we’ve been building. “Inheritance” is where a new person inherits all application accesses from another person who has been performing the same role for some period of time. Usually inheritance is a good thing, but in this case, the new AP clerk just inherited all accesses from the other AP clerk who may have been working at that company for 20 years. So, in one simple authorization, the new AP clerk now has 20 years worth of accesses which may or may not be understood, intended nor authorized.

So, let’s recap, there are three dynamics at play here (1) emergence of OAFramework and UMX roles, (2) “great privilege” being designed by Oracle and (3) the ease of “inheritance” which erodes individual authorizations across the Release 12 footprint. Role Based Access Control (RBAC) can mitigate these three dynamics if adopted and designed appropriately. In our next post, we will take a deeper look at RBAC to understand what it is and how it can be designed and deployed at your company to effectively mitigate the new controls inflection points created in Release 12 where traditional system administration meets the emergence of OAFramework and UMX.