When I go into Admin - OBS, there are 4 listed. One Financial Dept OBS, One Financial Location OBS, a Master OBS and a Time Reporting OBS. The two financial OBS's are currently checked off as "used for access rights" but don't have any "units" associated with them.
The other two OBS's have units, the master OBS is assigned to projects and resources, the time reporting OBS is assigned to resources.
We are trying to setup an OBS that will allow us to streamline access rights for management, i.e. a Resource Manager would like to see the timesheets for ALL of their department and not just their direct reports assigned to them. Where can I find more information on OBS and how to set it up? They are looking to do this based on the ORG chart, however I feel it may be a little to complex to set it up that way.
Any help, guidance, best practices are definitely welcome here. If OBS isn't the best way to do what we are looking to do, what would be the best practice to achieve this ask.
Thank you in advance.
You could start with the Green Book on security
CA PPM - Implementing Security Green Book
and search this board for threads on security.
I would add security to the Time Reporting OBS and use that one, since it is already setup for time reporting and associated to resources. Go to the Administration > Organization and Access > OBS, select the OBS and click the Use for Access Rights button. Then you can use this for your access rights.
There are two ways to assign OBS rights.
The first is giving a right to a OBS unit which means that all the members have that right. There are not very many cases where that is practical as a resource can be associated with one unit only in an OBS.
The second one is giving rights to all instances (of projects, resources etc) that are associated with an OBS unit. That is more practical as a user can have many of these.
This type of right can also be given to groups which makes it easier to manage in that sense that the targets the instances association with the OBS unit are managed separately from the users who have the rights ie. the members of the group.
That is not the case if OBS rights are given directly to the users and even less so if instance rights are given to users.