Security Management

OBJECTIVE

The Security Management option is used to define access for each maestro* user.

It is possible to create access rights by user groups, to allow easier configuration of users that will be assigned the same access and permissions. A list of access permissions to groups of projects is also available by clicking the drop-down menu of the Print icon.

 

PREREQUISITES

• Project Management
• User Group Management
• Employee Management

 

ICONS

Security Management Icons

Icon Title Used to Cube View access given to all users for projects, employees, options or restrictions. See the appendix for more information. Contact Management Allows to access the Contact Management maestro* option. The contact linked to the user is automatically displayed, if applicable. User Group Management Define security groups to limit user access. Area Management Allow to control access to maestro* by groups of companies and to restrict access by certain administrators to companies belonging to the same group of companies. Please read the Security by area document for more information. Access Configuration Table View users connected to maestro* and reserve licenses for some users. Copy security settings from one user to another Create a user’s security settings based on another user’s settings. See the Copy Security Settings from One User to Another section for more information. Configuration Select the default settings applicable when creating a user. See the Configure a User's Default Settings for more information. Only the icons specific to this window are defined in the table below.

 

Summary

• Create a User
• User Access Using the Cube
• Copy Security Settings from One User to Another
• Configure a User's Default Settings
• User Group Management
• Area Management
• Access Configuration Table

 

STEPS

maestro* > Maintenance > General Maintenance > Processing > Security Management

 

Create a User

1. Enter the required information in the Identification tab:

Field	Description
Number	Number that identifies the user. NOTES: If no code is entered, maestro* assigns a default code. If the code already exists, maestro* displays the data already entered for the code.
Name	User's name. NOTE: If the user is identified as the reference for his group in Define User Groups, a note reading "Reference user for XXX group" is displayed.

2. Enter the required information in the Description tab:
   1. User Information section:

   Field	Description
   User Code	Code that identifies the user in maestro*; it is used when a session is started. In CLOUD mode, the user code is followed by the domain, as set by the technician during installation. The domain corresponds to what is displayed after the @ of an email address.
   User Group	Group to which the user belongs. NOTES: The group must have been created in advance by clicking the Group icon.This group is used to determine access to various maestro* options. It is possible to define a reference user in User Groups Management that will be used as a security base for other group members. In multidimensional mode, if the security type is local, the user can copy the access permissions defined by user group from one prefix to another. Refer to the Copy access permissions to options in multidimensional mode procedure. InUser Group Management, to copy a group, simply select the group code, click the Copy the Group icon and enter the new group code. All access permissions to options will be copied to the new group.
   Area	Displays the area to which the user is linked if the Security by Area module is installed. Refer to Security by Area help topic for additional information. NOTE: The area must be identified in Define User Groups.
   Language	User's default working language.
   Status	Status of the user: active or inactive.
   Modification List	Used to select whether the list of modifications should be displayed or not by default when updating the software for the user.
   User in Charge	Used to specify the user responsible for the user created. NOTE: The user in charge can modify and view the transactions of users who report to him.
   Type of Access	maestro* Use of maestro* through a network connection. Standard Mobile Use of maestro* through a mobile application. maestro* and Standard Mobile Use of maestro* through a network connection and the mobile application. Web Service Use of maestro* through Web applications. maestro*MOBILE employee Restricted use of maestro*MOBILE. NOTE: Unlike standard maestro*MOBILE licences, “Employee” licences limit user access to the Project, Timesheets, and Inspections interfaces in maestro*MOBILE – provided the company purchased those modules. See Setting Up Employee Access to maestro*MOBILE - maestro*MOBILE Employee License document. maestro* and maestro*MOBILE employee Standard use of maestro* and restricted use of maestro*MOBILE.
   Email	Used to enter the user's e-mail address. NOTE: This e-mail address is used, among others, to send the merchandise receipt to the user who entered a requisition.

   2. User Under Responsibility section:This section is used to view all of the users who report to the selected user.
   3. Modify Password section:

   Field	Description
   User can change his password himself	Allows the user to change his password himself when starting his next session, if the box is checked. NOTES: Configure a change in password at a regular interval by specifying a number of days. The date on which the user last changed the password is saved. Even though the field has a 50-character capacity, passwords are limited to 30 characters.
   Ask the user to choose a new password the next time he logs in	Used to force the user to change his password the next time he logs in, if the box is checked.
   New Password and Confirmation	These fields are used to configure a new password to access maestro*. Specify the password and repeat it to confirm it.

   4. Statistics about this user section:

   Field	Description
   Keep a log file of the system usage for this user	Keeps a record of access attempts by this user in the History tab, if the box is checked.
   Save History	Used to specify the number of months for which the user’s history will be saved.

   5. User's signature section: this section allows indicating the name of the file representing the user's signature. Click on the icon to select and load the signature image file. .bmp, .jpg, .gif, and .psd files are accepted. The user signature can be printed on various maestro* forms and, if applicable, will be used in the hours worked approval option in maestro*MOBILE.
   6. User-Specific Email Configurationsection:

   If the box is unchecked, the same functions than the send email function will apply.

    

   Champ	Description
   User	Contains the user’s email address. This field is automatically filled in from the UserCode.
   Password	Password used to complete the integration with Outlook. NOTE: The passwords to access maestro* 3.05 MS SQL must respect the following rules: They must contain at least 8 characters They must contain characters corresponding to at least three of the four following categories: A capital letter from the Latin alphabet (A to Z) A lower-case letter from the Latin alphaber (a to z) 10 base number (1 to 9) An alphanumerical character, such as: an exclamation point (!), dollar sign ($), a hashtag (#), or a percentage symbol (%). Furtermore, the account's username cannot be used as a password.
   Server name	SMTP server name. Information retrieved from General Settings, Miscellaneous tab, Configuration of the SMTP email account.
   Port	SMTP server port. Information retrieved from General Settings, Miscellaneous tab, Configuration of the SMTP email account.
   "From" Address	Display of the "From" address. Information retrieved fromGeneral Settings, Miscellaneous tab, Configuration of the SMTP email account.
   SSL Encoding	If the box is checked, emails will be encoded with the SSL technology. Information retrieved fromGeneral Settings, Miscellaneous tab, Configuration of the SMTP email account.
   Send Test Emails	Used to send an email with maestro*in order to test configurations.
   Signature	Used to configure email signature.

   7. Roles in the company section: this section displays the roles assigned to the user in the Role Management option and concerns the various processes in which they can intervene.

3. Click on Save.
4. Enter the required information in the Access to Projects tab:

Field	Description
User will have access to all projects	Provides access to all projects.
User will have access to some types of projects	Provides access to certain types of projects only. NOTE: The types are created in Define Project Types and are assigned to the project when opened in Project Management.
User will have access to some categories of projects	Provides access to certain project categories only. NOTE: The categories are created in Define Project Categories and are assigned to the project when opened in Project Management.
User will have access to some projects	Provides access to the projects selected in the Individual Access to Projects section only.
Group Access Section
Field	Description
User will have access to all groups	Provides access to all expense and income groups configured in Define Cost Groups.
User will have access to some groups	Provides access to the group selected in the Individual Access to Groups section only.

 

Access restriction sections are displayed only if the corresponding options are installed. This restriction is applied in Project Inquiry for the detailed expense report and dynamic vector-based analysis for projects.

5. Enter the required information in the Access to Employees tab:

Field	Description
User will have full access to all employees	Provides access to all employees and all of the information about them.
User will have a limited access to all employees	Provides access to certain information only. NOTES: The Access to Employee Management, For Inaccessible Employees and For Employees with Restricted Access sections make it possible to prevent the display of certain information about employees in the various screens and on reports. With restricted access, employee costs (hourly rates and amounts) are not included in most reports or options. Below are some examples: Hour entries (Enter Work Orders, Return from a Service Call and Time Sheets, etc.) List Generator Project Inquiry Detailed Cost to Date Selling Revision (Enter Work Orders) Work Order Report Invoicing Analysis (W/O) Direct Invoicing Screen (Enter Work Orders) Selling Validation Report (Invoice Preparation (W/O)).
The user will have access to some groups of employees	Provides access to the groups selected in the Access by Group of Employees section only. NOTE: The group must be specified in the Security Group field in Employee Management.
User will have access to some employees	Provides access to the employees selected in the Individual Access to Employees section only.

1. Access to Employee file maintenance section:

Field

Description

Options

Corresponds to each tab in the Employee Management; if a box corresponding to a tab is checked, the user has access to it. Employee ID Payroll Information Project Time Other Modules Bonuses and Deductions Income Tax Additional Fields History YTD Inquiry YTD Modification Accumulators Human Resources File Trades and Unions Events NOTES: Users with a “limited access to all employees” can access the Employee ID tab in Employee Management if the option is checked here and the employee’s contact information is visible (i.e. the Hide Employee’s contact information option in the For employees with limited access section is not checked). See Employee Management for a description of each tab’s content.

 

If the user must create employees using the Employee Management option in Time Management, or Employee Management in the Service Management module, the Other Modules option must be checked. If lists are created with the List Generator, the lists consulted by the user only display the information allowed by the security settings.

2. For inaccessible employees section:

Field	Description
Must not see project expenses for these employees	Used to hide expense amounts associated with employees in Project Inquiry and on the various reports of maestro*.

3. For employees with limited access section:

Field	Description
Hide Employee’s contact information	Hides all information related to an employee, except his name and some information required for time entry (trade code, union code, equipment code) NOTE: If this box is checked, the user doesn’t have access to the Identification tab in Employee Management.
Allow access to Document Management	Allows the user with a limited access to employees to access their documents.
In report and inquiries
Field	Description
Hide employee ID	Hides the number, name of the employee, social insurance number, and any other fields that identify the employee in reports.
Hide the salary	Hides the rates and amounts of the employee's salary.

6. On the Access to Companies tab, check the companies to which the user has access. This tab allows you to select companies to which the user has access when starting a work session in maestro*.
7. View the information in the History tab. The user can filter the historyinformation by Date (of access), User or Option to display only the wanted information.

To ensure this tab contains information, the Keep a log file of the system usage for this user and Save History fields must be completed in the Statistics about this user section under the Description tab.

8. Enter the required information in the Access Restrictions tab:

If the user is considered the reference user of a user group, the tag Reference user of group X pops up in the upper right corner of the window. If the parameters and selections of a reference user are modified, a message will appear to know if these changes should be applied, or not, to all other users of the group.

 

For this tab, click on the [+] in front of each item in the menu on the left, then on each sub-item below. Afterwards, check the appropriate elements.

1. Accounting element:

Financial Statements sub-element:

Field	Description
The user has access to all financial statements.	Provides access to the financial statements accessible to the user. NOTE: The user only sees the financial statements for which the Accessible column is checked.

2. Accounts Receivable element:

Invoicing sub-element:

Field	Description
The user can see the profitability of an order or a sale.	Displays the percentage of profit when this function is available (i.e. Quotations, Customer Orders, Projected Sales Analysis, etc.) if the box is checked. NOTE: If checked on the Projected Sales Analysis report in the Work Order Billing module, the user can decide whether or not to show costs on the report using the Hide Cost criterion. If not checked, costs will be hidden automatically.
Mark-up as a % of average cost	Mark-up percentage tolerated in relation to the average cost of items on sales entered by the user.
The user may not create credit notes	Disables the creation of credit notes, if the box is checked. NOTE: If the box is checked, the user can enter the invoice, but he cannot save it.
The user will not be able to see the amounts in the customer order shipping screen	Prevents the user from seeing the amounts in the customer order delivery screen if the box is checked.
The user will not be allowed to delete an invoice or modify the invoice number, if an invoice number is already present	When the box is checked, a user cannot delete an invoice or change its number if it already has one. This option prevents the loss of invoice numbers.

Customer Order sub-element:

Field	Description
The user can modify transferred orders	Allows the modification of transferred customer orders, if the box is checked.
User can modify the price of an order	Lets the user change the price of an order if the box is checked.
Authorized action for an order at confirmed status when credit limit is exceeded	Available values: Save Authorized with confirmation Allows the user to save the order, but a warning message mentioning that the credit limit has been exceeded is displayed. Save rejected Does not allow the user to save the transaction. Limited modifications authorized if the order was already confirmed Allows the modification of certain header fields in orders with a Confirmed status. NOTE: Only fields that do not affect the inventory or total amount of an order can be modified.

3. Click Projects in the menu on the left, then on:

Project Management sub-element

Field	Description
The user can modify budgets	Used to modify budgets in the Activities and Budgets tab of Project Management, if the box is checked.
The user can see project totals	Makes it possible to see project totals in the Project Total tab in Project Management, if the box is checked.

Time Sheets sub-element

Field	Description
The user cannot confirm Time Sheets	Does not provide access to the Confirmed status in the Time Sheets option, if the box is checked.
The user can modify transferred TimeSheets	Allows the user to add lines to a transferred timesheet, if the box is checked.

Work Orders sub-element

Field	Description
Drop-down menu	The user has access to his/her work orders Only provides access to the work orders created by the user. The user has access to work orders in accessible projects Provides access to all work orders associated with projects accessible to the user. NOTE: This configuration is conditional on the previous selection in the Access to Projects tab. The user has access to ALL work orders Provides access to all work orders entered in maestro*.
In Work Order selection screens and fields, user will only be allowed to see or select W/O to which access is granted	Only allows the user to see the work orders to which he has access to in the entry fields and selection grids if the box is checked.

In Work Order Entry sub-element

Field	Description
User will be able to see the unit cost column under the ‘Material Used’ tab	Provides access to the unit cost in the Material Used tab on Enter WorkOrders if the box is checked.
User will have access to Work Order Review and Work Order Approval Report	Provides access to the work order control report and work approval if the box is checked. NOTE: These reports are available by clicking the Print icon.
User will haveaccess to direct invoicing	Provides access to the Direct Invoicing option in Enter Work Ordersif the box is checked.
User will have access to Selling Revision	Provides access to the Change Selling Prices option on the Enter Work Ordersif the box is checked.
User will have access to reopen work order	Allows the user to reopen the work order using the Enter Work Orders option if the box is checked. NOTE: Only the work orders to which the user has access can be reopened.
User will be able to change the billable quantities in Work Order entry	Gives the user access to the billable quantities column in the Enter Work Orders option, if the box is checked. The user can change the quantities to be invoiced for each of the elements entered on work orders. NOTES: If checked, to ensure that the columns are displayed in the Enter Work Orders option, the user must also change the setting of the grids by selecting the Billable Hours (regular, half and double) and Billable Machinery Hours columns in Configuration by right clicking in the grid. If not checked, the billable quantities columns will not be visible to the user.
User will have access to delete a Quotation Work Order	Gives the user access to Delete work order quotations if the box is checked. NOTES: The Delete icon is only visible if no work order was created from the quotation. The Quotation Link field displays this information. Only available if the Quotations Work Orders module is installed.
User will have access to all work order status codes	Gives the user access to see, save and transfer work orders, regardless of their status. NOTES: Access to work orders is nevertheless subject to the general rule that limits access to work orders entered by the user or assigned to a project to which the user has access. If the box is not checked, access is confirmed based on the following table. Only status for which the corresponding box is checked are accessible for inquiry, saving or transferring. Access to certain types of transfers can also be limited in the table.

Work Orders – Counters sub-element

Field	Description
User will be able to choose, from a list, the user according to whom the Work Order will be numbered	Used to select the user according to which the work order will be numbered from a list of users if the box is checked. NOTES: The choice will apply to the counter and format of the work order as defined for each user. The user will also be able to choose to use the general numbering sequence as defined in Configuration. This option can be particularly useful for users who are responsible for entering work orders for multiple users, for whom different counters or formats have been defined.
Work Order Counter	Used to define the user's work order counter. NOTE: The counter number to be entered is the last number issued by the user.
Work Order Format	Used to define a numbering mask for work orders. NOTE: This makes it easier to group work orders based on the user who entered them.
Quotations Work Orders
Field	Description
Quotation Work Order Counter	This section is only displayed if the Quotations Work Orders module is installed. Used to define the user's work order quotation counter. NOTES: The counter number to be entered is the last number issued by the user. It is possible to use the same counter as the one used for work orders by specifying -1.
Quotation Work Order Format	Used to create a numbering mask for work order quotations. NOTE: This can make it easier to group work orders based on the users who entered them.

Work Order – Inquiry sub-element

This section corresponds with the various Work Order Inquiry tabs in the Work Order module (refer to this option for the content of each of the tabs). It allows the user to configure user access to the various tabs in Work Order Inquiry. The user has access to the tab if the box is checked. By default, all of the tabs are checked. At least one tab must be checked.

Change Order sub-element

Field	Description
The user has access to all approval codes on change orders	Provides access to the approval codes accessible to the user. NOTES: The user only sees the codes for which the Accessible column is checked. The approval codes can be customized in Define Approval Codes.

Miscellaneous Reports sub-element

Field	Description
The user has access to all reports	Determines which project reports are accessible for the user. NOTE: The user only sees the reports for which the Check the reports the user can print column is checked.

4. Click on Payroll in the menu on the left:

Payroll sub-element

Field	Description
User will be allowed to modify a direct deposit to a cheque	Allows the user to temporarily change the payment method for an employee when printing cheques. By checking this box, the user can issue a cheque to an employee rather than making a direct deposit without changing the employee’s settings.

Miscellaneous Report sub-element

Field	Description
User has access to all reports	Determines payroll and customized reports accessible to the user. NOTE: The customized reports must have been created in advance using the Miscellaneous Report Generator option. The user only sees the reports for which the Check the reports the user can print column is checked.

5. Click on Purchasing in the menu on the left:

Access to order statuses sub-element

Field	Description
The user has access to all order statuses	Provides access to the order statuses accessible to the user. NOTES: The statuses can be configured and must be created in advance using the Table of Order Status Codesoption. The user only sees the statuses for which the Accessible for Saving and/or Accessible for Viewing columns are checked.

Orders sub-element

Field	Description
The user can unlock transferred orders and subcontracts	Allows the user to unlock a transferred order or a subcontract if the option is selected. Checking this box will make the Unlock the Order option available under the File menu. The following orders and subcontracts are affected by this configuration: Purchase Order Management Stock Order From Catalogue Subcontract Management NOTE: To unlock the order, noreceipt of goods or invoice must be associated with it.
The user may receive and invoice closed orders	If the box is checked, this feature may be used to enter an invoice associated with a closed order and to receipt goods.
The user can generate an automatic receipt of goods when entering a stock order from catalogue	Indicates that the user can automatically create a goods receipt when creating a stock order from catalogue. This option may be useful to create orders that have already been received.
Drop-down menu Purchase Orders Access	Determines to which orders a user has access. Normally, a user can only access the orders he created or those created by a user for which he is responsible of.However, the second option allows the user to access all regular, catalogue and project orders, even those created by users he is not responsible of.
The user can create non-existent items in a catalogue order entry	Indicates that the user can enter non-existent items when he is creating a catalogue order entry. These items are automatically created in the catalogue when the order is saved.
Template to use	Allows the user to select a template to use with the catalogue item when automatically creating an item in the catalogue, following the entry of a non-existent item in a catalogue order. Available templates are created in Catalogue Management.
The user will not have access to the “Extras on Invoicing” tab in the order invoicing options	If this box is checked, the Regular user does not have access to the Extras on Invoicing tab in the Purchase Order Invoicing option (purchase orders or stock orders from catalogue). This setting does not apply to Administrator users. NOTE: This configuration is not activated by default.

Subcontractor Contract sub-element

Field	Description
Drop-down menu	The user has access to his subcontractor contracts Only provides access to the subcontractor contracts created by the user. The user has access to ALL subcontractor contracts Provides access to all subcontractor contracts entered in maestro*.

Requisitions sub-element

Field	Description
Indicate how the “requested by” user of a requisition should be notified after a receipts of goods	Available values: No warning No warning is sent. A message is sent to the event calendar A message is displayed in the maestro* event calendar. A message is sent by e-mail An e-mail is sent to the requester when a receipt of goods linked to an order created from a requisition is transferred. NOTE: The user can configure a form for sending a message by e-mail by completing the E-mail Confirmation field in Configuration, Formstab. A message is sent by e-mail and the document is saved A message is sent by e-mail and the document is saved in the Event Calendar.
Notify only when the order is completely received	When selected, sends a notification only when the order has been received in its entirety.
Display the requisition of all requesters in the report Progress of Requisitions	Allows the user to visualize all the requisitions in the Progress of Requisitions report, even if the requisitions were entered by users he is not responsible for.
Selections of requisitions that will be available for processing under the ‘Procurement Management (MRP 1)’ option	Allows the user to choose the requisitions that will be accessible in Procurement Management (CBN/MRP 1). The user can process the requisitions for accessible projects The user can only process the requisitions that are linked to the projects he has access to. The user can process ALL requisitions The user can process all the requisitions with no regards to his access to projects.

Purchases sub-element

Field	Description
When an invoice number already exists for a supplier	Action to take with a purchase transaction when an invoice number already exists for the same supplier. Display a warning message Displays a message to user and allows the saving of the transaction. Block saving of transaction Displays a message to user and prevents transaction from being saved. The user must modify the invoice number in order to save the transaction.
The user will be able to display all invoices in the payables invoice approval	Allows a non-admin user to approve invoices assigned to other users in the payables invoice approval process, if the box is checked. NOTES: When the box is checked, the user has access to the Display all invoices option in thePayables Invoice Approval, allowing him to view all invoices, no matter who they have been assigned to. If not checked,the user only sees the invoices that have been assigned to him, and can only approve invoices to which he has access.

Interface ElekNet sub-element

Field	Description
Allow to retransmit an ElekNet order	If this box is checked, the current user will be allowed to retransmit an ElekNet order.
User Code and Password	The needed user code and password to connect to the ElekNet service. If these fields are filled in, they will have priority over those entered in the Purchasing module configurations (ElekNet Interface tab). This will allow each buyer to keep track of every single order with Lumen (with the email linked to the account). NOTE : These fields can contain a maximum of 50 alphanumeric characters.

6. Click on Quotations in the menu on the left:

Concrete and Quarry Quotations sub-element

Field	Description
The user can change the status of a quotation	Allows the user to change the status of a concrete or quarry quotation, if the box is checked.
The user can change a transferred quotation	Allows the modification of transferred quotations, if the box is checked.
The user can only access transferred quotations	Only provides access to transferred quotations, if the box is checked.
The user cannot transfer quotations containing temporary customers	Used to prohibit the transfer of a quarry quotation to a customer not entered in Customer Management.

Distribution Estimates sub-element

Field	Description
The user has access to all quotation statuses	Determines the user’s access to the quotation statuses. NOTES: The default quotation status codes are displayed. It is possible to create new codes using the Quotation Status Codes Table option. The user only sees the statuses for which the Accessible column is checked.

Construction Quotations sub-element

Field	Description
The user has access to all quotation statuses	Determines theuser’s access to the quotation statuses. NOTES: The default quotation status codes are displayed. It is possible to create new codes using the Quotation Status Codes Table option. The user only sees the statuses for which the Accessible for saving,Accessible for viewing or Allow Selection columns are checked.
The user has access to all quotation types	Determines the user’s access to the quotation types and quotations of this type. NOTES: The quotation types can be configured, and must be created in advance, using the Define Quotation Types option. The user only sees the quotation types for which the Accessible for savingor Accessible for viewing columns are checked.
The user has access to all quotation’s tabs and options	Allows the access to all the quotations tabs. NOTES: If this box is not checked, the user only sees the tabs for which the Accessible for saving and/or Accessible for viewing columns are checked. It is possible to control access to the worksheet: Allow access to formulas Display the Excel menu bar Extract a worksheet from maestro* Import an Excel worksheet If the Excel file is already protected by a password, the restrictions donot apply.
Drop-down menu	Available values: The user has full access to his quotations and those of users whom he is responsible Provides full access (read, edit and delete) to the quotations created by the user or users for whom he is responsible. The user has only read only access to quotations from users within their users group Provides read-only access to quotations for users who belong to a given group of users. NOTE: The user group is defined in the Security Management description tab. The user has full access to quotations from users of his or her user group Provides full access to the quotations created by the users who belong to a given group of users. The user only has read only access for all quotations Provides read-only access to all quotations. The user has full access to all quotations Provides full access to all quotations.

7. Click on Service Calls in the menu on the left:

Return from a Service Call sub-element

Field	Description
The user can change the Contract Agreement during a return from a service call	Used to change the contract number in the Return From a Service Call screen.

Contract Management sub-element

This section allows the user to define the level of security applicable to Contract Management. Access to Tabs in Service Contracts Management This section corresponds to the various Contract Management tabs in the Service Call module (refer to this option for the content of each of the tabs). It allowsthe userto configure user access to the different tabs of the contract. The user has access to the tab if its box is checked. The data in tabs that are not displayed in Contract Management does not become confidential data. It is always accessible to the user through search, list generator, report and view functions. By default, the tabs listed below are checked. If access to all tabs are cleared, only the contract number, status, document management, printer and navigation icons are visible.     For the Equipment tab, it is possible to activate the setting indicating that the user cannot modify the maintenance codes linked to visits in the equipment grid. If this box is checked, the user will not be able to add, modify, or delete a maintenance code for the scheduled visit.   Field Description Contract Description Provides access to the Contract Description tab if the box is checked. NOTES: To have access to the New, Delete and Renew Contract icons, the Contract Description tab must be accessible and the user must have full access to the Invoicing section. Access to theInvoicing section can be defined more specifically in this tab using the Access to the Invoicing section of Service Contracts Management option. Access to the Invoicing Section of Service Contracts Management Determines the security level of the Invoicing section in the Contract Management option. NOTE: The Contract Description tab must be checked for the section to be displayed and for the selected security level to be applied. Full access Allows the user to enter, edit and view the information in the Invoicing section. Read Only Only allows the user to see the information linked to the Invoicing section. The user cannot make corrections. No Access – Section not displayed Used to make information in the Invoicing section invisible to the user. Th user cannot see the section or make corrections.

Service Quotation sub-element

Field	Description
The user can see the quotations cost prices	If this box is checked, the user will be able to see the cost price of service quotations created in maestro*.
The user can see the quotations selling prices	If this box is checked, the user will be able to see the selling price of service quotations created in maestro*.
The user has access to all quotation statuses	If this box is checked, the user will have access to all statuses upon saving a service quotation in maestro*. If the box is not checked, select the status grid avaialble when saving for this user.
The user has access to all occupation categories	If this box is checked, the user will be allowed to select all the work categories when adding labour to service quotations in maestro*. If this box is not checked, select in the grid the accessible work categories for this user.

8. Click on Equipment in the menu on the left:

Equipment Definition sub-element

This section contains the various tabs in Equipment Management. The user has access to the information if the box is checked. If lists are created with the List Generator, the lists consulted by the user only display the information allowed by the security settings.

Equipment Inquiry sub-element

This section contains the various tabs in Equipment Inquiry. The user has accessto the information if the box is checked. If lists are created with the List Generator, the lists created by the user only display the information allowed by the security settings.

Equipment Rental sub-element

Field	Description
User has access to all sites	Allowsthe user to define locations that are available for equipment rental for each user. NOTE: The locations must have been created beforehand in the Define Sites option. Warning! Only locations that are not assigned to a specific equipment rental function will be displayed in the grid. The Not Applicable type is assigned to these locations.

Time Management sub-element

Field	Description
The user will only be allowed to transfer hour transactions to which he has access	When checked, this configuration allows only the transfer of the equipment hour transactions that are accessible to the user in Post Equipment Revenue. NOTES: The box is unchecked by default. An administrator user can always transfer the transactions of all the users, whether or not this box is checked.

9. Click on CRM in the menu on the left :

CRM –Calls sub-element

Field	Description
The user has access to the ‘Manager’ tab	Allows the user to access the Manager’s Section tab in the Call section of the Customer Relationship Management (CRM) option
User has access to ALL calls	Allows the user to access all CRM calls if the box is checked. Otherwise, access can be restricted according to the following configurations: These access levels are cumulative. Therefore, it is possible to activate more than one. User has access to calls they have created. User has access to calls for which he was assigned responsibility. User has access to calls for which he is the assigned salesperson.

10. Click on Documents in the menu on the left:

Access to Documents sub-element

Field	Description
Can modify/delete documents created by others users	Allows the user to delete or modify documents created by another user in Document Management.
Access Type to Documents Without Category	Full Access No matter the option from which the document is accessed. According to the original securityoption User will have access to documents without category, in accordance to his security profile. NOTE: By default, this value will be selected when a user is created. No Access User will never see documents of this type.
Access Type to Documents With Category	Full Access No matter the option from which the document is accessed. According to the original security option User will have access to all documents’ categories, in accordance to his security profile. NOTE: By default, this value will be selected when a user is created. No Access User will never see documents of this type. According to the document’s category User wil have access to documents upon their categories.

Notifications sub-element

Field	Description
Notify user by email when a document is assigned	Indicates that an email will be sent to a user informing him that a documentwas assigned to him for approval. The user can access the document in Document Inquiry or throughmaestro*’sEvent Calendar. NOTE: To send the email, an address must be entered in the UserInformation section, under the Descriptiontab in Security Management.

11. Click on Contact Management:

Access to Contacts sub-element

This section allows the user to define the type of access to authorize in Contact Management as it relates to each type of contact. To provide access based on the contact type, check the appropriate boxes. If not checked, the user does not have access to Contact Management.   Field Description Type of Contact Full Provides access to all contacts in edit, create and delete modes. Modification Allows the user to edit only existing contacts. The user cannot create new contacts. Insertion Allows the user to add a contact. Deletion Allows the user to delete a contact. Read Allows the user to have access to all contacts in view mode only. Limited read Allows the user to view only the selected types of contacts in restricted read mode.

12. Click on General in the menu on the left:

Miscellaneous sub-element

Field	Description
The user has the right to overwrite records when importing data	Allows the user to import data from an Excel file and delete existing records.
The user may execute mass changes	Allows the user to perform mass changes to data in the Tickets module.
The user has the right to execute mass deletions	Allows the user to execute mass deletion in the Tickets module.
Display the event calendar after selecting the company	Automatically displays the event calendar after selecting a company when signing in, if the box is checked.
The user cannot change the U.P. or item amounts in inventory transactions	Allows the user to change the unit price and item amounts in transactions that affect inventory, if the box is not checked. NOTE: The modification of unit prices under the Add Item tab of the Receipt of Goods option is not subjected to this setting. Users must, however, have access to the Order Inquiry option to see and/or modify unit prices.
The user can add links to external files in their custom menu	Allows the user to create links to external programs (*.exe files) or files saved locally on the user's system if the box is checked. This link is saved in the My Menu section in the main menu of maestro*. NOTES: To add a link to a document or program, right click in the header of a group and click the Add An External Program option. It is possible to create multiple links to different programs or documents.
User will have access to modify Additional Fields configuration	Allows the user to create, modify or delete the configuration for additional fields if the box is checked. NOTE: By default, users have access to additional field configurations.
The user has access to transactions of other users	Allows the user to transfer, modify or delete other users’ transactionseven if these users are not under his responsibility. NOTES: If checked, the user will have access to all transactions entered by any other user, no matter which user created the transaction. However the user must have access to the projects or employees included in the transaction to be able to make changes to these transactions. If not checked, the user will be able to see the transactions created by other users but will only be able to transfer or modify the transactions of users for which he is responsible.
The user can change the general settings for the dispatch entry	Enables users to make changes to the dispatch grid’s settings.

User Group sub-element

Field	Description
Check the groups in which this user can be found	Used to associate the user with the various groups created in Group Configuration. NOTES: These groups are used to assign a document to a list of users (Assignment List) in Document Management. The user is only displayed in groups for which the Accessible column is checked.

Access to Master Files sub-element

Customer Management, Supplier Management, Catalogue Management and Chart of Accounts are examples of master files in maestro*. The expression “file” is used to designate the creation of a new entry. For example, a new customer, a new supplier, etc.   Field Description The user has the right to add a record Used to create a new record. The user has the right to modify a record Used to modify information in an existing record. The user has the right to delete a record Used to delete an existing record.

Access to Transfers sub-element

Field	Description
The user has access to all transfers	Provides access to the transfer of transactions for these options. NOTE: The user only has access to the transfer if the Accessible column is checked.

9. Enter the required information in the Access to Fields tab:

The user can specify options in the Options to Which the User Has Access section, whether or not the user can see them, and modify them.

The Options to Which the User Has Access section does not contain all of the options in maestro*.

1. Select an option in the left section (Options to which user has access).
2. In the right section, Fields from Option, indicate the Type of Access for each field by selecting it from the drop-down menu.

OR

Choose the default access to all of the fields of the option by clicking on the drop-down menu Default:

Option	Description
Full access	Allows the user to see and modify the information.
View	Only allows viewing the information.
Invisible	Makes the information invisible to the user.

3. In the bottom section, Company Identification, indicate the Type of Security.

Security applies to all companies (Global) or only to this company (Local) based on the choice made in the Type of Security field.

10. Click Save.

When saving a user reference, maestro* asks if the changes should apply to all users within the same group.

 

User Access Using the Cube

When clicking the drop-down menu ofthe Cube, the user can select the following pivotal analysis type:

Pivotal Analysis - Access to Projects

The Pivotal analysis - Access to projects is used to quickly and easily analyze project access rights assigned by user in the form of a dynamic cross-referenced table. The analysis is based on the security setting in the Access to Projects tab.   Click to the right of the Cube icon. Select Pivotal Analysis - Access to projects. Select the User code(s) and Projects to be included in the analysis. It is possible to select projects by Master Project, Individual Project, Project Type or Project Category. The user can display active projects only by checking Active Projects Only. Click Accept. An analysis grid is displayed with the results of the analysis. To exit the grid, click the Quit icon.

Pivotal Analysis - Access to employees

The Pivotal analysis - Access to employees is used to quickly and easily analyze employee access rights assigned by user in the form of a dynamic cross-referenced table. The analysis is based on the security setting in the Access to Employees tab.   Click to the right of the Cube icon. Select Pivotal Analysis - Access to employees. Select the User code(s), Employee Group and Employees to be included in the analysis. It is possible to display active employees only by checking Active Employees Only. Click Accept. An analysis grid is displayed with the results of the analysis. To exit the grid, click the Quit icon.

Pivotal Analysis - Access to options

The Pivotal analysis - Access to options is used to quickly and easily analyze option access rights assigned by user in the form of a dynamic cross-referenced table. The analysis is based on the options in the menu which is accessible throughsecurity groups created in Group.   Click to the right of the Cube icon. Select Pivotal Analysis - Access to options. Select the User code(s). To select multiple user numbers, press and hold the Ctrlor Shiftkeys. Otherwise, click All. Click Accept. An analysis grid is displayed with the results of the analysis. To exit the grid, click the Quit icon.

Pivotal Analysis – Access Restrictions

The Pivotal analysis - Access restrictions option is used to quickly and easily analyze access restrictions by user in the form of a dynamic cross-referenced table. The analysis is based on the restrictions to the various options identified in the Access Restrictions tab.   Click to the right of the Cube icon. Select Pivotal Analysis – Access Restrictions. Select the user code(s). To select multiple user numbers, press and hold the Ctrl or Shift keys. Otherwise, click All. Click Accept. An analysis grid is displayed with the results of the analysis. The displayed table contains information about each section in the Access Restrictions tab, the configuration name and value. The True value indicates that the user has access to a configuration. To exit the grid, click the Quit icon.

 

Copy Security Settings from One User to Another

The Copy security settings from one user to another enables the selection of a user (source user) and identify some aspects of his profilethat will be copied and assigned to other users.

1. On the Copy security settings from one user to another window, enter the required information in the Select source user section:

Field	Description
User No.	ID number of the user whose access and settings will be copied.

2. Fill out the Select access rules and settings to copy section:

Access to global settings of all companies
Access to Companies	Provides access to the same companies as the source user.
Access Restrictions	Applies the same access restrictions that the source user has.
Access to Fields (Global Security)	Provides access to the same fields as the source user.
Custom Settings (Default Values, Width and Height of screens, Hide Columns, etc.)	Applies the same custom settings that the source user has.
Preferences (Data Entry, View, Reports, Appearance)	Provides the same preferences that the source user has.
Accessto specific settings of each company
Copy access and settings for all accessible companies	Applies the same access settings given to the source user. NOTE : If not checked, will copy only access and settings of current company.
Access to Projects	Provides access to the same projects as the source user.
Access to Employees	Provides access to the same employees as the source user.
Access Restrictions by Directory	Applies the same access restrictions for company directories that the source user has.
Access to Fields (Local Security)	Provides access to the same fields as the source user. NOTE: This option is available for Local security, as opposed to Global, in which case the Access to Fields (global security)should be used.
Current Company Custom Settings (Templates, Default Values, etc.)	Applies the same company custom settings that the source user has.
My Menu	Copies the source user’s custom menu.
Dashboard	Copies all the dashboards from the current company.

3. Select the employees that should have the same access and settings as the source user by checking the corresponding boxes.
4. Click on Apply to confirm the choices and on Quitto return to the Security Management window.

 

Configure a User's Default Settings

The Configuration icon allows the user to determine default settings when creating a new user. In addition, standard values and project, employee, and group accesses can be defined.

Configuration and User Settings

Field	Description
Language	Define a new user’s default language.
Modification List	Indicates if the list of modifications made in maestro*should be automatically printed following the installation of a new version.
User in charge	Indicates user in charge of the new user.
Type of access	Specifies which type of access is granted to the new user.
Keep a log file of the system usage for this user	Indicates that the user’s history will be kept.
Save History	Allows the user to indicate for how many months the new user’s history will be kept.
User can change his password himself	Provides permission to the new user to change his password.
User will have to modify his password every	Indicate how often (in days) the new user’s password must be changed.
Ask he user to choose a new password the next time he logs on	Specifies that the user must change his password the next time he logs onto maestro*.
Grant user access to all available companies at the time of its creation	Allows the new user to access all companies that existed when he was created.
Access to Projects	Determine the default type of project accessgranted to the new user: NOTE: These details are determined in the Access to Projects tab when creating a user. all projects some types of projects some categories of projects some projects
Access to Groups	Determine the default type of group access granted to the new user: to all groups to some groups NOTE: These details are determined on the Access to Projects tab when creating a user.
Access to Employees	Determine the default type of employee access granted to the new user: full access to all employees limited access to all employees access to some groups of employees access to some employees NOTE: These details are determined on the Access to Employees tab when creating a user.
For inaccessible employees
Must not see project expenses for these employees	Indicates that project expenses related to inaccessible employees must be blocked to the new user.
For employees with limited access
Hide Employee’s contact information	Indicates that employees’ contact information (mainly the address) for which the access is limited will be hidden to the new user. NOTE: This restriction mainly applies to options other than payroll. Payroll and Time Management are managed through the access to the Identificationtab in Employee Management.
In reports and inquiries	Indicates that the following information is hidden, when checked: Hide employee ID (no., name, SIN… everything that allows you to identify an employee) Hide the salary (rate, amount… everything that allows you to determine an employee’s salary)
Access to employee file maintenance	Defines to which Employee Management tabsa new user will be able to access. NOTE: These details can be determined on the Access to Employees tab when creating a user.

 

See also

• Define Project Types
• Define Project Categories
• Project Inquiry
• Quotations
• Customer Order
• Customer Management
• Time sheets
• Equipment Management
• Group Configuration
• Supplier Management
• Catalogue Management
• Chart of Accounts
• Approval Codes Table
• List Generator
• Define Document Categories
• Miscellaneous Reports - Payroll
• Table of Order Status Code
• Quotation Status Codes Table
• How to Security by Area
• How to Quotation Security
• How to Reopen a Work Order
• How to Creating Quotations from Work Orders
• How to Copy Option Access' in Multidimensional Mode

 

Last modification: May 04, 2024