Skip to main content

Role Management

The Role Management screen is the editor for JD Edwards users and roles. JDE stores the description of each user and each role in the same table — the screen lets you maintain both from a single grid. One line per (User or Role).

Open a row to edit the description, attach roles, set the environments, run the security workbench import. The actions that JDE normally splits across the User Profile, Role Description and Security Workbench forms are collapsed into one dialog.

At a glance

Nomajde · Security Maintenance · Role ManagementUSER / ROLEDESCRIPTIONSEQUENCEFIN_BOOKKEEPERAP and GL bookkeeper10DUPONT.JDupont, Julien — Finance20PROC_BUYERProcurement buyer (PO release)15

Goal of the view

For each user or role in the JDE security catalogue:

  • One screen for users and roles. JDE stores user and role descriptions in the same table; this page does too — a role and a user both appear in the grid, sortable side by side.
  • One dialog for the whole maintenance. Editing a row gives access to the description, the attached roles, the environments and the security workbench import — without navigating between three separate JDE forms.
  • Bulk-friendly. Standard grid actions (add, edit, delete) plus the upload action of Nomajde — useful when onboarding a new role definition delivered by the system integrator as a spreadsheet.

Columns

ColumnSourceWhat it tells you
User / RoleAUUSER — JDE identifier.Either a sign-on user ID or a role ID — JDE stores both in the same table.
DescriptionAUROLEDESC — friendly label.The label that surfaces on JDE forms and on the Nomajde reports.
SequenceAUSEQNO — sequence number.Display order used when a user holds several roles — lower number wins.

Other JDE attributes carried on the row but hidden by default: language, e-mail, last login, intensive-user flag, action / inactive marker, and the audit columns (program, job, date, time).

Edit dialog

Click Add in the toolbar to register a new user or role, or double-click a row to edit. The dialog has four tabs. The Roles, Assignments and Environments tabs are hidden on Add — they appear only after the user / role record exists.

Edit User / Role — DUPONT.JDefaultRolesAssignmentsEnvironmentsUser / RoleDUPONT.JDescriptionDupont, Julien — FinanceSequence20ROLES TAB — SECURITY WORKBENCH WORKFLOWClick Import Security to copy the security workbench setup from another user / role, in sixguided steps. Click Merge Roles to combine the setups of several source roles into the target.ON SAVE — AUTOMATIC ENVIRONMENTSDefault environments are computed andinserted automatically on save.

Tab 1 — Default

The user / role identification and the JDE display preferences (language, country, date format, decimal separator, currency, time zone). All four columns shown on the grid live here; the JDE display attributes are below.

FieldWhat to enter
User / RoleThe JDE identifier — the sign-on user for a user, the role ID for a role. Mandatory.
DescriptionFriendly label that surfaces on JDE forms and in the Nomajde reports.
SequenceDisplay order when the same user holds several roles — lower number first.

The JDE display fields (language, country, date format, decimal separator, currency, time zone, time format, OMW logging, right-to-left, intensive user) keep their JDE semantics. Leave them empty to inherit the JDE default, or set them per user when the deployment guidelines require it.

Tab 2 — Roles

Nested table listing the roles attached to the user (or the parent roles of the role being edited). Add a row to attach a role, with effective and expiration dates. Hidden on Add.

The toolbar of the Roles tab carries two workflow buttons — Import Security and Merge Roles — that automate the bulk of the JDE security-cloning work in a single click. Both apply across three JDE catalogues:

CatalogueWhat it carries
Security WorkbenchApplication, action, row, column, processing-option, tab, exit, hyper-exit, external-call security.
UDO SecurityUser-Defined Object security — saved queries, watch lists, personal forms, advanced queries, E1 Pages.
Menu FilteringThe Solution Explorer task variants the user is allowed to launch.

Each workflow walks through the three catalogues, deleting the target rows first and inserting the source rows next — a delete-then-insert per catalogue, six steps in total.

Import Security — clone a reference user / role

The button copies the full security setup of a single source user or role into the target. The target's prior security is removed first — the result is an exact clone.

Import Security — clone a source user / role onto the target1 · DELETEWorkbenchtarget rows2 · INSERTWorkbenchfrom source3 · DELETEUDO Securitytarget rows4 · INSERTUDO Securityfrom source5 · DELETEMenu Filteringtarget rows6 · INSERTMenu Filteringfrom source
StepCatalogueWhat it does
1Security WorkbenchRemoves every existing workbench entry on the target.
2Security WorkbenchCopies every workbench entry from the source onto the target, line for line.
3UDO SecurityRemoves every existing UDO entry on the target.
4UDO SecurityCopies every UDO entry from the source — a fresh row identifier is allocated so the target's rows do not collide with the source's.
5Menu FilteringRemoves every existing menu-filter entry on the target.
6Menu FilteringCopies every menu-filter entry from the source.

After the six steps run, the target user / role has the same security as the source — same applications, same action grants, same UDO permissions, same Solution Explorer view.

Merge Roles — combine the inherited roles into one consolidated set

The button looks at every active role relationship on the target (the Role Relationships attached to the row) and consolidates the security setups of all source roles into the target. Where two source roles grant a flag (e.g. Run), the merged result takes the most-permissive value. The target's prior security is removed first.

Merge Roles — consolidate every active inheritance onto the targetINHERITANCE SOURCESEvery role attached to the targetvia Role Relationshipsrestricted to active inheritancesMERGE — MOST-PERMISSIVE WINSFor each (security type, object, data item):take the maximum grant across all source rolesdelete-then-insert · Workbench · UDO · Menu FilteringTARGET ROLE — CONSOLIDATEDOne security row per object,reflecting the union of all sourcesno more sign-on time computation
Use Merge Roles whenWhat you get
A role inherits from three source roles and you want a single flat row set instead of resolving the inheritance at every sign-on.A consolidated Security Workbench on the target — JDE no longer has to compute the union at sign-on time.
You are about to retire two of the source roles and want to keep the combined access on the target only.The same effective rights, expressed on the target. After the merge, remove the inheritance from Role Relationships.
The security workbench grows beyond what a JDE sign-on can comfortably resolve on the fly.Flatten the hierarchy once, get faster sign-ons and an easier-to-audit row set.

Both buttons are idempotent — running them twice does not duplicate the result. They both keep the audit columns on the inserted rows (the Nomajde user, the JDE program ID, the timestamp), so the Audit Trail picks up the change.

Destructive on the target

Import Security and Merge Roles both delete the target's existing rows before inserting. Always run them on a freshly created user / role, or after confirming the target's current security is no longer needed.

Tab 3 — Assignments

The reverse view of the Roles tab. Lists the records where the current user / role is the source of a role inheritance — that is, every user or role that inherits security from this one. Hidden on Add.

Edit a row to extend the effective-date window or to revoke the inheritance.

Tab 4 — Environments

Nested table listing the environments declared for the user (PD, PY, DV, CRP, …). Each environment carries the role under which the user runs there and the date window during which the access is valid. Hidden on Add.

When the user record is created (the Add flow), Nomajde automatically populates the default environments from the JDE configuration — no manual entry needed on day one.

On save — what runs in the background

Saving a new user / role chains four JDE inserts in one go:

  1. Insert New Role — writes the user / role identification row.
  2. Get Default Environments — fetches the default environment list from the JDE configuration.
  3. Insert Default Environments — populates the Environments tab with the defaults.
  4. Insert Display Preferences — writes the display preferences row (language, country, date format…) tied to the user / role.

The four steps run as a single save — there is no half-created record to clean up if any step fails.

Tips & best practices

  • Use Import Security to onboard a new user by cloning a reference one — much faster than rebuilding the workbench by hand.
  • The Sequence column matters when a user holds several roles — JDE resolves the effective rights using the sequence order. Keep the most restrictive role at the lowest sequence number.
  • Maintain users and roles in the same place. JDE stores both in F00926; the screen surfaces both. Apply your own naming convention (e.g. *_USER for users, *_ROLE for roles) to keep them visually separate on the grid.
  • Check Nomasx-1 → Conflicts → Summary by User after onboarding a user, to confirm the attached roles do not create SoD conflicts.