Security groups and application authorizations

We all know how flexible Security Groups are when dealing with user roles and granting application authorizations. However, flexibility often brings complexity.
You have carefully designed user’s roles defining what applications and actions they are allowed to access in Maximo and implemented all using Security Groups application. The system goes live and after one or two years everything is messed up. Is too hard to check who has access to what and you no longer sure if the young electrician that was just hired 2 months ago has access to Database Configuration or Application Designer  🙂

Maximo has a built-in report called Security Group Access that can help but I hardly find it useful. In my opinion it is too detailed to get an overall idea of the security configuration. For example, I’m now working on a medium-sized Maximo solution with 20 security groups and around 250 users. Well… the ‘Security Group Access’ report is 89 pages long!

That was not going to work. I needed I better solution for my purpose so I decided to open my preferred SQL client and Eclipse BIRT Designer to have some fun. Results were pretty good so I have decided to share them with the Maximo community.

I came up with two custom reports that give me a quick grasp of the setup of user’s authorizations. The first one is called Security Overview and simply lists all the Security Groups and Start Centers counting how many users are assigned to them.

The second report is called Application Security Overview. It tries to represent which security groups provide access to applications. It is not an easy task to represent so many information in a single report but I’m finally proud of the results so here is what I have achieved to get.

The report lists all the applications in the rows and the security groups in the columns. The cell is yellow if read access is granted, orange if write access is granted, the number is the count of sigoptions granted.
The report can easily get too big if more than 20 security groups are defined so I decided to accept a list of security groups as filter so I can analyze smaller sets of data separately.

Download and installation instruction is available here.

Any feedback is highly appreciated.

Security groups and application authorizations

6 thoughts on “Security groups and application authorizations

  1. Muchisimas Gracias Bruno!!! Excelente articulo y superutil para la Administracion de MAXIMO. Realmente si aprendieramos a trabajar en "comunidad" seria un gran avance para nuestras sociedades, este es un claro ejemplo.

  2. Hi Bruno!
    I use Birt reports in the MAXIMO environment, And they work perfectly. I would like to run the report separately from Maxim as it does the eclipse development environment. I try to use genReport.bat from birt runtime. genReport.bat -f HTML -o outp.html C:\MaxRep\ListCommod.rptdesig (report without any paraments) but got error (code = Error.DesignParserException.FILE_NOT_FOUND, message : The file "MaximoSystemLibrary.rptlibrary" is not found.) and many other… Looks like I'm doing something wrong.

    How can I run the Birt report separately from the Eclipse or Мaximо?

  3. Appreciate if you can send the zip file to my email ID as the download link is showing 404 error.

Leave a Reply

Your email address will not be published. Required fields are marked *

Scroll to top