Sage 100

I was hoping to find a Sage link I could share with customers ( or more frequently their IT departments ) outlining the security rights required for users to run Sage 100.

I'm aware of this link which at a quick look appears helpful - Sage 100 Security Permissions

However, the content seems to be more about rights needed to run Sage 100 Advanced/Premium as a service or an App. 

There's little information on what network rights a user may need to actually complete a task such as make a journal entry or enter an order.

And for a large portion of customers with informal IT - they are fine with just cranking up the rights and giving users full rights to the \MAS90

However an increasing number of IT departments ( including every large medical practice I've consulted with for the past 5 years ) are unable to grant more network rights than are actually needed by the application. In those cases IT asks us for some technical documentation on what  minimum rights are needed. This is where "just give users full rights" is a difficult recommendation.

Here's one example that's more confusing than helpful - the permissions required to print - none/read/change/full -- that's quite a range.

Am I misinterpreting this document or do I just need to lower my expectations around finding any documentation from Sage and just tell IT to give full rights the the \MAS90 and all subfolders?

------------------------------
Wayne Schulz
wayne@s-consult.com
Schulz Consulting
(860) 516-8990
Moodus, CT
------------------------------

I think their second chart is probably the most detailed permissions I've ever seen for an client/server application, so you may want to lower your expectations. 

For Printing Tasks, there's a note somewhere that mentioned DEFERRED is always an option, even if there are no permissions set, so that covers the None. My hunch is that a network user would need at least Change rights for Standard edition to print to an actual device, or Read rights for Advanced/Premium. 

------------------------------
Steve Iwanowski, NextStep Technology Advisors, aka DSD Lancaster PA ¯\_(ツ)_/¯
------------------------------

Oh, and I also wanted to mention that I've had good luck having IT departments create a security group of "Sage 100 Users" and then give that group Full rights to MAS90. Then the IT Department can get rid of the Everyone permissions, show that they take security seriously, and then they're happy.

------------------------------
Steve Iwanowski, NextStep Technology Advisors, aka DSD Lancaster PA ¯\_(ツ)_/¯
------------------------------

Original Message:
Sent: 08-15-2023 08:29
From: Steve Iwanowski
Subject: Sage Help File: Sage 100 Security Permissions - Are These Instructions only Semi-Useful?

I think their second chart is probably the most detailed permissions I've ever seen for an client/server application, so you may want to lower your expectations. 

For Printing Tasks, there's a note somewhere that mentioned DEFERRED is always an option, even if there are no permissions set, so that covers the None. My hunch is that a network user would need at least Change rights for Standard edition to print to an actual device, or Read rights for Advanced/Premium. 

------------------------------
Steve Iwanowski, NextStep Technology Advisors, aka DSD Lancaster PA ¯\_(ツ)_/¯
------------------------------

The part that I must be overlooking is where Sage indicates what permissions at a minimum are required for the \MAS90 and MAS_XXX

I think this is probably at least part of the answer. When I've dealt with sophisticated IT departments they almost always want the vendor's recommendation.

------------------------------
Wayne Schulz
wayne@s-consult.com
Schulz Consulting
(860) 516-8990
Moodus, CT
------------------------------

Original Message:
Sent: 08-15-2023 08:32
From: Steve Iwanowski
Subject: Sage Help File: Sage 100 Security Permissions - Are These Instructions only Semi-Useful?

Oh, and I also wanted to mention that I've had good luck having IT departments create a security group of "Sage 100 Users" and then give that group Full rights to MAS90. Then the IT Department can get rid of the Everyone permissions, show that they take security seriously, and then they're happy.

------------------------------
Steve Iwanowski, NextStep Technology Advisors, aka DSD Lancaster PA ¯\_(ツ)_/¯
------------------------------


Original Message:
Sent: 08-15-2023 08:29
From: Steve Iwanowski
Subject: Sage Help File: Sage 100 Security Permissions - Are These Instructions only Semi-Useful?

I think their second chart is probably the most detailed permissions I've ever seen for an client/server application, so you may want to lower your expectations. 

For Printing Tasks, there's a note somewhere that mentioned DEFERRED is always an option, even if there are no permissions set, so that covers the None. My hunch is that a network user would need at least Change rights for Standard edition to print to an actual device, or Read rights for Advanced/Premium. 

------------------------------
Steve Iwanowski, NextStep Technology Advisors, aka DSD Lancaster PA ¯\_(ツ)_/¯

Ah, I'm with you now and it's not explicit. My interpretation is that the "local" user would need Change/Write permissions to MAS90 and the MAS_xxx folders. For Standard, the "local" user would be the actual human's user account. For Advanced/Premium, the Service account would be the "local" and require Change/Write and the human would need Read.

------------------------------
Steve Iwanowski, NextStep Technology Advisors, aka DSD Lancaster PA ¯\_(ツ)_/¯
------------------------------

Original Message:
Sent: 08-15-2023 09:15
From: Wayne Schulz
Subject: Sage Help File: Sage 100 Security Permissions - Are These Instructions only Semi-Useful?

The part that I must be overlooking is where Sage indicates what permissions at a minimum are required for the \MAS90 and MAS_XXX

I think this is probably at least part of the answer. When I've dealt with sophisticated IT departments they almost always want the vendor's recommendation.

------------------------------
Wayne Schulz
wayne@s-consult.com
Schulz Consulting
(860) 516-8990
Moodus, CT
------------------------------


Original Message:
Sent: 08-15-2023 08:32
From: Steve Iwanowski
Subject: Sage Help File: Sage 100 Security Permissions - Are These Instructions only Semi-Useful?

Oh, and I also wanted to mention that I've had good luck having IT departments create a security group of "Sage 100 Users" and then give that group Full rights to MAS90. Then the IT Department can get rid of the Everyone permissions, show that they take security seriously, and then they're happy.

------------------------------
Steve Iwanowski, NextStep Technology Advisors, aka DSD Lancaster PA ¯\_(ツ)_/¯


Original Message:
Sent: 08-15-2023 08:29
From: Steve Iwanowski
Subject: Sage Help File: Sage 100 Security Permissions - Are These Instructions only Semi-Useful?

I think their second chart is probably the most detailed permissions I've ever seen for an client/server application, so you may want to lower your expectations. 

For Printing Tasks, there's a note somewhere that mentioned DEFERRED is always an option, even if there are no permissions set, so that covers the None. My hunch is that a network user would need at least Change rights for Standard edition to print to an actual device, or Read rights for Advanced/Premium. 

------------------------------
Steve Iwanowski, NextStep Technology Advisors, aka DSD Lancaster PA ¯\_(ツ)_/¯