Deltek Vantagepoint Security Series: Security Settings Reports - Learning Video

Welcome to Deltek Vantagepoint Security Series: Security Settings Reports.

My name is Marlaina Mandeville, and I'll be your instructor.

This class is part of the Deltek Vantagepoint Security Series and covers security settings, reports and audit trails. The Deltek Vantagepoint Security Series is intended for people who manage security access, or act as system administrators in their respective organizations.

By the end of this course, you should be able to print the security settings reports for roles, users and field security; enable the settings audit trail; and purge settings audit history.

In Vantagepoint, there are a few reports available to you that are specifically related to the security settings for Users, Roles and Screen Designer fields. All reports are located under My Stuff > Reporting.

Once you are in the Reporting menu, you'll see four tabs across the top of the page. The Favorites tab is where your personal and shared favorite reports are located.

The Reports tab contains the predefined standard reports that come with Vantagepoint.

The Running tab will show you a list of reports that are currently in the process of being run, and Archived contains reports that have been run and archived for a specified amount of time.

The screenshot on this slide displays a list of the standard administration reports, which include Role Summary, Field Security, and User Accounts.

The Role Summary Report provides detailed information for each ecurity role based on the Report Options, Access Rights and Query information that you select in the Report Options.

The screenshot of the report on this slide is the very top of the report; the report is too long to display in its entirety on this screen. Depending on what you select in the Report Options for each role, you can see the settings that have been defined on each of the tabs in the Role Setting screen: Overview, Record Access, Accounting and Planning tabs.

You can also choose to see any, or all of the Access Rights settings for the role, including which companies users assigned to this role have access to, the Favorite Reports, Saved Searches and Saved Options members of this role can use, Application Tabs that are visible to users assigned to this role, Reports this role can run, and all Users that are assigned to the particular role.

The User Accounts Report provides some of the key values for each user that has been set up in Vantagepoint, including the Username, the Role that the user has been linked to, which affects what the user will be able to do and see in Vantagepoint.

The Employee Name and Number that the user is linked to, which is important in some applications like timesheets, and expense reports whether or not the user account has been disabled. If the user needs to change their password the next time they log in, whether or not they are using Windows Authentication, or Multi-Factor Authentication for login, and the current status of the user.

A best practice would be to either print a hard copy of the Role Summary and User Accounts Reports once the roles and users have been set up, or download and save a copy of these reports. That way, if someone changes some of the settings or if you lose your data for unforeseen reasons, you have a copy of the settings to refer to if you ever need them.

The Field Security Report shows you a list of fields that were locked or hidden for one or more roles using the Screen Designer in the Application Hubs, and any User Defined Hubs that have been created in your environment.

You can print this for all roles, or you can select an individual role, and if you do print this report for just one role, your report results could include more roles than you selected. And that's because the report displays the role that you selected, and any additional roles that are listed for any hidden or locked fields on your report.

This would be a really good report to use if you need to create a new role with security settings that match an existing user role. Just run the Field Security Report for that existing role to list all of the security details for the respective fields, and then apply the same rights for the new role that you're creating.

In this demonstration, we'll look at the Security Settings Reports.

Security reports are located under My Stuff > Reporting. Go to the Reporting tab and select the Type Equals Administration.

On the Role Summary Report, open the Report Options to select which tab details you want to include on the report and which access rights you want listed on the report. Use the Records selection box at the top of the Options page to select the specific roles to include on the report.

You can use the Search option to search for roles, or you can leave it blank to include all roles, and then click Run to preview the report.

Let's close that report and go back to the report list and select the User Accounts Report. Now in this report the options for this report, all we can do is select the layout for this report, and then go ahead and click Run when you're ready to preview it. When the preview displays on your screen, you can use the icons at the top of the report to download the report to a file. You can search for a specific record on the report or you can print it to your printer.

Let's go back to the reports list, and on the Field Security Report, in the options for this report, I'll select to go ahead and run this for the Administrator role, and then preview the report.

You can see here that it lists roles other than the Administrator role. So we can see the CRM Admin role, Default role, Marketing role, and that's because these other roles share the same security properties on those same fields.

If you have the Settings Audit Trail turned on in Settings > General > Audit Trail form, you'll see some additional reports on the Standard Administration Report list that can be run. If you enable the Roles Audit Trail, you'll see a Role Audit Report and a Role Audit Detail Report.

The Role Audit Report shows the roles and dates for each Update, Delete and Insert action performed on records in the roles form and Security Settings. The Roles Audit Detail Report will also show you a comparison of Old and New Values by Column Name.

If you enable the Users Audit Trail, you'll see a User's Audit Report and a User's Audit Detail Report.

The User Audit Report lists user records that were modified; the operation performed on the user record whether it was Insert, Update, or Delete; modification date and time; and which user made the modification. The User Audit Detail also shows you a comparison of the Old and New Values by Column Name.

If you enable the Screen Designer Audit, you'll see a Screen Designer Security Audit Report and a Screen Designer Security Audit Detail Report.

The Screen Designer Security Audit Report lists the hub record that was modified; the operation that was performed on the hub record, whether it was Insert, Update, or Delete; modification date and time; and which user made the modification. The Screen Designer Security Audit Detail Report also shows you a comparison of the Old and New Values by Column Name.

When Audit Trail is enabled on the Audit Trail tab of the General System Settings form, there's a field where you can specify the number of days that you want to retain hub audit history for. For example, if you enter 20, all hub audit trail information older than 20 days is deleted. However, this setting does not apply to the Settings Audits.

So if you turn on audit history for Roles, Users Screen Designer or Exchange Rate, this audit data does not purge automatically, which means you can potentially end up with a large amount of audit data, especially if you are tracking all of the settings areas. Fortunately, Vantagepoint contains an audit purge utility that allows you to purge the accumulating settings audit data.

The Settings Audit Purge Utility is located in the desktop application, and you must have security access rights to the menu item in order to be able to access it. It's located under Utilities > Updates > Audit Purge in the desktop application.

The Audit Purge Utility can be used to remove data from the settings log records. When you're ready to purge audit trail data, you can specify a start and end date for the purge for each application. You can purge settings audit data as needed, or you can use the Schedule feature to set up a recurring job to purge the audit data.

You can select one or more of the individual audit areas to purge at the same time, or you can use the All Applications option to purge all four applications at the same time for the selected date range.

Before you permanently remove audit data, you will see a warning message and you must review and confirm that before you delete the audit data. And then a completion message will display at the end of the purge process that lists the number of records that were purged.

In this demonstration, we'll enable the Settings Audit Trail, preview the Settings Audit Trail reports, and run the audit purge utility.

To enable settings audit trail, go to Settings > General > Audit Trail.

In the Settings Audit Trails section, check the box to Enable Settings Audit Trail, and then select whichever one applies: Roles, Users, Screen Designer Security, Open and Closed Periods, and Exchange Rates, if that applies in your database. Audit trail tracking will begin as soon as you enable it, so it is not retroactive.

The Number of Days to Save Audit History field at the top of the screen applies to Hub Audit history only. So if I enter, let's say 30 in here, and I have all of the hubs selected, all Hub Audit Trail information older than 30 days will be deleted automatically. They might want to set this to a longer amount of time, maybe 90 150, or even 365 days. Just keep in mind that the more audit trail history you retain, the more space that'll take up on your system.

When you save your changes, you need to make sure to log out and log back in again in order to see the audit reports on your report list. So I'll go ahead and log out and log back in.

To run the audit reports go back to My Stuff > Reporting and on the Reports tab, select the Type Equals Administration. And now you can see the audit reports on your standard report list for all of the ones that you selected. So if I had only selected Roles in Settings, I would only see the Roles Audit Reports here.

Let's start with the Role Audit Report. The options on the Options tab, you can select a timeframe that you want to see audit activity for, you can select the user that made the modifications. Or you can select which type of modifications you want to see Insert, Delete, Update or All modifications. If you just enabled the Audit Trail, the audit reports will be blank until there's some activity in the settings area.

There's our preview of that report. Let's go back to the Role Audit Detail Report. And this has similar options. When this report displays, you'll see that it's going to include the Old and New Values for columns that were changed. And these are columns that were changed in Role Settings.

Okay, now let's go look at the User Audit Report. The options are similar to what we just saw on the Role Audit Report. And close that.

Let's look at the User Audit Detail Report. This will include the Old and New Values for columns that were changed on the User Settings.

And the last one here is the Screen Designer Security Audit Report. There haven't been any changes made in Screen Designer since the Audit Trail was enabled. So the report is going to be empty, but we'll display it and there's our preview.

Okay, and that is the Security Audit Reports. Next, we're going to take a look at the Audit Purge Utility and this is located in the desktop application. So I'll switch over to the desktop application now.

So in the desktop application, you'll open up Utilities > Updates > Audit Purge. You can select individual settings if you only wanted to process the purge for Roles or Users, or Screen Designer or you could select All Applications. So here I'll go ahead and select just Roles. And then you would select the purge start and purge end dates. So I'll process the purge for May 2021. So May 1 to May 31 of 2021.

You can click Schedule to run the purge at a later time and a message will appear telling you how many records will be deleted, or if I cancel out of that you can just click Run and it will process that purge immediately.

And that concludes this demonstration.

In this course, we covered how to print the Security Settings Reports for Roles, Users and Field Security, where to enable the settings audit trail, and how to purge settings audit history.

Thank you for attending this course. For feedback or comments, please contact us at DeltekUniversity@dlz.deltek.com, and please check the Deltek Learning Zone for additional courses.