Security Management System User Manual
Contents
1. SM CHBRLO Change Branch to Home Branch In Order to Logoff SM CHBRSO Change Branch to Home Branch In Order to Signoff SM CLBRNO1 Branch User Profile Updated at Host SM CLS001 Users attached to Role Close SM CV001 Sequence no cannot be null SM CV002 Sequence no is a numeric field SM CV003 Group ID cannot be null SM CV004 Module code cannot be null SM CV005 Source code cannot be null SM CV006 Template ID cannot be null SM CV007 Duplicate broker ID SM CV008 Liquidation code cannot be null SM CV009 Duplicate details in record not allowed SM CV010 Basis amount to cannot be null SM CV011 Floor basis amount has to be less than basis amount to SM CV012 Rate cannot be null for percentage type SM CV013 Min amount cannot be more than floor charge for percentage type SM CV014 Max amount cannot be less than floor charge for percentage type SM CV015 Flat amount cannot be null for flat amount type SM CV016 Invalid rate rate is too high SM CV017 Floor basis amount cannot be null SM CV018 Floor charge cannot be null SM CV019 Basis amount to cannot be less than basis amount from 4 12 ORACLE Error Code Message SM CV020 Duplicate rule code SM CV021 Minimum amount must be less than maximum amount SM CV022 Maximum amount must be more than minimum amount SM CV023 Rule cannot be null S2. eese eene enne 2 6 2 2 7 Password RestrictlOWsu siii iE EE EN ERE EE FUN ERE 2 7 2 3 USER DETAILS MODIFICATION IN hEN nnne tnnt 2 8 2 4 CREATING COMMON BRANCH RESTRICTIONS enne 2 10 2 9 DEFNINGEUNCTIONS eT RE HERO eene per bee Rp he ete pue 2 12 2 6 DEFINING A USER ROLE htec ee et ee E eee Pune bar erre eder ge 2 15 2 6 1 The Procedure for Defining Role Profiles eese 2 16 2 6 2 Defining Functions for a Role Profile esee eese eene entente nennen enne 2 16 2 6 3 Branch Restriction ise ie desee tet vet loas les ade redo ei vete Pa 2 17 2 6 4 Account Class Restriction eese ene 2 18 2 6 5 eaii eni 2 18 2 6 6 Password Restriction ied dee tee ovni oes tet avo ede dde Reed Ri vec pae de Rea 2 20 2 6 7 Copying the Role Profile of an Existing Role seen 2 21 2 6 8 Closing Role Profile 4 iis eae ee d ede dete de eoe de e edidere 2 21 2 6 9 Defining Roles for Oracle FLEXCUBE Branch Users esee eene 2 21 2 7 DEFINING AE IMITS ROLE rede ue iet ce Pe E e ous eee Rer er vex dass 2 22 2 8 DEFINING USER HOLIDAYS ese ux Ee te
3. Category Description Tab Maintenance Functions relating to the maintenance of static tables On line Functions relating to contract processing Batch Functions relating to the automated operations like automatic liquidation of contract interest etc Reports Functions relating to the generation of reports in the various modules Process Functions relating to access rights for the tasks under a process Click on the corresponding category tab to associate the required functions as described below To add a function click add icon At Function Identification you should select the function for which you want to give rights The adjoining option list displays a list of Function IDs belonging to the category along with their descriptions From this list you can pick up the function for which you want to give access rights by double clicking on it when it is highlighted You can then specify the rights to the different actions for the functions by checking against the action 2 40 ORACLE 2 10 6 Tills You can restrict the user from using certain tills maintained at your bank Such restrictions can be specified in the Tills screen Click Tills button to invoke the Tills screen Till Restriction Allowed Disallowed 1010 O Tid You can either allow or disallow the user from using certain tills e Select the option Allowed if you want to allow the user to manage certain tills
4. Branch Restrictions list Into each added record s field select the required branch by clicking the adjoining option list Note the following e The branch in which the user profile is defined is known as the Home Branch The branches the user can access are known as the Host Branches e You should create an ID called GUEST in each branch When a user belonging to the Staff category changes the branch of operation he can perform the functions defined for the GUEST ID in the Host Branch 2 45 ORACLE 2 10 11 Products You can restrict the user from using certain products maintained in FLEXCUBE Such product restrictions for the user can be specified in the Products screen Click Products button and the Products screen will be displayed Products Products 1017 Product Code x Product Description Posting Restriction Allowed Disallowed Products 1017 Product Code x Product Description o E Access Restriction Allowed Disallowed In this screen you can place the following restrictions on the User Profile e Posting Restriction e Access Restriction Users who have posting restrictions will not be able to process transactions involving restricted products Users with access restrictions will not be allowed to view or print financial details of contracts involving restricted products To allow or disallow the user from posting into accessing certain products by
5. eese 5 8 5 6 SMS USER INACTIVE LOG REPORT esses eren en eetn nnns seen et ente genesis stet ee tends sss 5 8 5 6 1 Contents of the Inactive Users Log Report eese eene nene nee ee nente nennen 5 9 5 7 ONLINE PERFORMANCE STATISTICS REPORT sssssscecececeessssscecececeesesececececeeseaesecececeeseaeaeceeeceesennsaeeeeecs 5 10 5 7 1 Contents of the Online Performance Statistics Report eese eene eene 5 10 5 8 BATCH PERFORMANCE STATISTICS REPORT ssessssesececsesesececececeeseuececececeesensesecececseseeaeeeeeceesentsaeeeeees 5 11 5 8 1 Contents of the Performance Statistics report esses eene nennen rennen 5 12 5 9 CHANGE CONTROL LOG REPORT ccsssessscecececsessnaececececsessaaececececsesaaececececseseaecececeesessaaaaeseceesesentsaeeeeees 5 13 5 9 1 Coritents of the R pOTt tle t eade ee bse te eo pe e ID yds ee ge Re tS 5 14 5 10 EVENT EOG REPORT 2 a eere ect ree Pe EU eere leves e E EROR C Nee 5 15 3 10 1 Contents of th Report iced ede e tet eet dede dne dre Pee E a tbe e Te Ie ede eere tet 5 16 5 11 CHANGES EOG REPORT etre reete ertet ere pe ec e ores ed ERR Exe E eee 5 17 DAT Contenisof th Reporta gae deste e dita eee dee gine ee R t de de e AT e ede er Ee te gd 5 17 5 12 NEW USER CREATED REPORT reete erret edere p eee e creep nose ve eee ese ves Dre eee ee a ey 5 18 2 12 1 Conten
6. Branch Restrictions E Branch Code Description ol Input By Authorized By Modification Date Time Date Time Number Authorized Open In this screen you create common branch restrictions by specifying the information described below User Branch You must first select the home branch of the administrator for which you are maintaining common branch restrictions in the User Branch field 2 10 ORACLE Restriction Type You must also indicate the specific application for which you wish to maintain common branch restrictions for the administrator of the selected branch You can only specify a restriction type that has been maintained in the SMS Branch Restriction Type maintenance Branch Restriction You maintain common branch restrictions by creating a list of branches for each administrator in which the administrator will either be allowed disallowed access to perform operations related to the selected application Restriction Type You can maintain either an allowed or a disallowed restriction list The common branch restrictions you maintain are applicable for operations in the selected application Restriction Type in the home branch User Branch of the administrator and the list of allowed disallowed branches Example You have created the following common branch restrictions Home Branch Restriction Type Allowed Branches 000 USRADMIN 000 001 002 005 001 USRADMIN 001 006 00
7. ReportFormat PDF PrinterAt Client Report Output Print Printer Specify the following details 5 11 ORACLE Report You can indicate the following details for report generation Batch Specify the batch for which the report has to be generated The adjoining option list displays the list of all batches available in the system You can select the appropriate one However you can leave this field blank if you have mentioned the branch This will imply that the report needs to be generated for the given branch across all batches Branch Specify the branch for which the report has to be generated The adjoining option list displays the list of all branches available in the system You can select the appropriate one However you can also leave this field blank if you have mentioned the batch This will imply that the report needs to be generated for the given batch across all branches Period Select the period within which the data for report generation should be fetched Start Date Indicate the date from which records should be considered for report generation using the adjoining calendar End Date Indicate the date until which records should be considered for report generation using the adjoining calendar 5 8 1 Contents of the Performance Statistics report The parameters specified while generating the report are printed at the beginning of the report Other content displayed in the report is as follows He
8. SMDTXNST in the field at the top right corner of the Application tool bar and clicking on the adjoining arrow button For each Transaction Status the record status Authorized or Unauthorized could also affect the Action buttons Some of the statuses that a Contract could have are e Y Irrevocable e A Authorized e U Unauthorized e V Reversed e L Liquidated e S Closed e H Hold e K Cancelled e N NON CUMULATIVE e T TIME e O OUR Transaction Status Control Maintenance Transaction status Maintenance W Transaction Authorization Copy Delete Closed Unlock Reopen Authorize Check the box against a transaction record to select the actions allowed for that transaction Following are the actions that are allowed on a record e New e Copy e Delete 3 7 ORACLE e Close e Unlock e Reopen e Print e Auth e Reverse 3 9 Maintaining Error Messages Error codes provide step by step support for maintenances and contract Input for a User The Error codes are uploaded into the system at Software installation However the Description and Type of the error can be modified from the Oracle FLEXCUBE Menu Each Error Code can be of the following types e Override O e Ignore Warning 1 e Error E You can maintain error messages using the Error Messages Maintenance screen You invoke this screen by typing CSDE
9. You can stipulate the allowable number of cumulative invalid attempts made during the course of a day as well as the allowable number of consecutive or successive invalid attempts made at a time In either case if the number of invalid attempts exceeds the stipulated number the user ID is disabled 2 2 ORACLE By default the allowable number of cumulative invalid attempts is six and the allowable number of consecutive invalid attempts is three You can change the default and specify the allowable number of attempts in each case You can specify an allowable number for cumulative attempts between 6 and 99 and for consecutive successive attempts between 3 and 5 Once specified you can change the allowable number of cumulative or consecutive login attempts provided you do so only at a time when no users are logged in to the system When authentication of credentials is unsuccessful due to an incorrect user ID then the user id will not be logged in the audit logs In case the user id is correct and the password is wrong the attempt is logged in the audit log and the successive and cumulative failure count is incremented When the user id and password are correct this is logged into the audit logs 2 2 2 Specifying Parameter Archival Period in Days You can specify the period in calendar days for which the audit trail details of system security related activities such as usage of the system by a user activities by the system administr
10. e Select the option Allowed if you want to allow the user to post entries into access certain products e Select the option Disallowed to disallow the user from posting accessing certain products After choosing the Allowed or Disallowed option click add icon to add a record under the Products list Into each added record s field select the required Product Code by clicking the adjoining option list Note the following 2 46 ORACLE e f for a product the Access restriction has not been maintained but Posting is allowed the restricted user can post transactions for that product and can view the contract information until such time that the contract gets authorized e Forthe PC module you can apply restrictions on product categories 2 10 12 Group Code Restriction You can restrict the group code for the selected Oracle FLEXCUBE user id using Group Code Restriction screen To invoke this screen click Group Code Restriction button in User Maintenance screen Group Code Restriction Group Code Allowed Disallowed Group 10710 Group Code Group Description Group Code Specify whether the group code is allowed or disallowed for the Oracle FLEXCUBE user ID You can select one of the following e Allowed e Disallowed Group Code Specify group code which is allowed or disallowed for the Oracle FLEXCUBE user You can select any or all of the following e Retail e Cor
11. Common Branch Restrictions According to the restrictions you maintain the administrator of a specific branch is allowed to perform specific operations in the administrator s home branch as well as any branch found in the list of allowed branches According to your requirements the implementers at your installation configure a list of the specific functions or applications for which you might wish to maintain such branch restrictions You can maintain branch restrictions for each of these applications as required In the Branch Restrictions screen you can specify the applications for which you intend to maintain branch restrictions To invoke the Branch Restrictions screen click Branch Restrictions button in the SMS Bank Parameters Maintenance screen 2 6 ORACLE Branch Restrictions Branch Restrictions W Restriction Description For maintaining the Branch Restrictions for an application click add icon to add a record to the list Then click on each field s option list to select the application for which you intend to maintain branch restrictions You cannot create common branch restrictions for an application that you have not specified in this screen Example You wish to restrict branch administrators from performing operations in the following applications in branches other than their home branch e User administration creation modification and viewing of user pro
12. It is likely that users working in the same department at the same level of hierarchy need to have similar user profiles In such cases you can define a Role Profile that includes access rights to the functions that are common to a group of users A user can be linked to a Role Profile by which you give the user access rights to all the functions in the Role Profile The roles defined will be effective only after dual authorization 2 15 ORACLE 2 6 1 The Procedure for Defining Role Profiles Role profiles are defined in the Role Maintenance screen You can invoke this screen by typing SMDROLDF in the field at the top right corner of the Application tool bar and clicking on the adjoining arrow button The screen is as shown below Role Profile Definition Role Id Role Description Centralisation Role Process Stage Rights Acc Class Restriction Branch Restriction Rights Password Restriction Web Branch Branch Limit Maker Date Time Checker Date Time Record Status Authorization Status 2 6 2 Defining Functions for a Role Profile After you have defined the basic attributes of a role profile the Role Identification Description you should define the functions to which the role profile has access Check centralization role to specify that the role is applicable for centralized users The role is automatically associated with all branches accessible to you if the multi branch operational parameter is enabled
13. The various functions in the system fall under different categories To assign a function to a role in the Role Maintenance screen you must click the function category button to which the function belongs The function category buttons in the Role Maintenance screen are as follows e Maintenance Functions related to the maintenance of static tables e Reports Functions related to the generation of reports in the various modules e Batch Functions related to the automated operations like automatic liquidation of contract interest etc e OnLine Functions related to contract processing e Process Functions related to workflow e Class Restriction Functions related to restricting the role from using certain account classes 2 16 ORACLE e Branch Restriction Functions related to restricting the association of roles to certain branches e Rights Functions related to giving necessary rights for perform various operations in respect of incoming and outgoing messages e Password Restriction Functions related to creating a list of words that the users having a certain Role are likely to use as Passwords and on which restrictions can be placed e Web Branch Functions related to the Teller Module for the role of branch users e Branch Limit Function related to setting up Branch limits e Fields Functions related to User Defined Fields The lower portion of the Role Description screen has button
14. password SM 00050 Control clerks passwords do not match Retype passwords again SM 00060 There are users currently logged in with a lesser time level Do you want to change SM 00070 You are currently executing some functions Exit from those functions and try again SM 00080 User ID already exists SM 00081 Negative amount not allowed SM 00082 Start cannot be before today SM 00083 End date cannot be before start date SM 00084 Start date cannot be null SM 00085 User profile saved SM 00086 Could not save user profile SM 00087 User profile deleted SM 00088 Could not delete user profile SM 00089 Mandatory or not null fields are missing SM 00090 Role ID already exists SM 00091 Users attached to the role Cannot delete 4 2 ORACLE Error Code Message SM 00092 Role deleted SM 00093 Invalid role ID SM 00094 Currency code not defined SM 00095 Branch code not defined SM 00096 Customer no not defined SM 00097 Customer category not defined SM 00098 Role profile saved SM 00100 Cannot delete the role There are users attached to this role SM 00101 Cannot delete function There are users attached to this function SM 00102 Cannot modify function There are users attached to this function SM 00103 Do you want to delete the user SM 00104 Do you want to delete the role SM 00105 Cannot delete role Users attached to role SM 00110
15. 5 15 Role Profile Report The Role Profile report provides details of the role profiles You can invoke the screen by typing the code SMRROLPR in the field at the top right corner of the Application tool bar and click on the adjoining arrow button ORACLE 5 24 Role Profile Report Role Profile Role From Date To Date All Single Report Format Printer At Client Report Output Printer You can specify the following parameters Role Profile You can generate the report based on the following role criteria The following options are available for section e All e Single Role Specify a valid Role ID for which you want to generate the report from the adjoining option list if you have selected Single 5 15 1 Contents of the Report The parameters specified while generating the report are printed at the beginning of the report Other content displayed in the report is as follows Header The following details are displayed in the header section Field Name Field Description Branch Indicates Branch Code and Branch Name Branch Date Indicates Current Date of the Branch User ID Indicates User ID Date amp Time Indicates the Date and Time when the report was generated 5 25 ORACLE Field Name Field Description Module Indicates module for which report is generated Body of the R
16. Account for the user Maintenance George 001 LD Contract No Automatic authorization not enabled Online for branch 001 George 000 Customer Yes Input and Authorize rights enabled Account for the user as well as automatic Maintenance authorization rights enabled for the user branch and function The user can also authorize any maintenance done by the user Ronald in this function Smith 000 LD Contract No Authorization access not enabled Online for the user For more details about automatic authorization consult the Common Procedures user manual User Identification Specify the User Id with which a User logs into Oracle FLEXCUBE This User ld is unique across all branches The minimum length of Userld must be six and the maximum number can be 12 characters User Reference Specify an external reference number for the User Id User Password Password Specify the Users Password here This is a Hidden Field The Password set must not be a restricted word It should also be governed by the parameters set in the SMS Bank Parameters table like Maximum and Minimum length Number of Alphabetic and Numeric characters etc 2 34 ORACLE If the application level parameter which indicates the auto generation of the password is required or not is set to Y Yes then this field will be disabled and the system will create a random password in accordance with the parameters maintained at the level of the
17. Activation key contains irrelevant characters Wrong activation key SM 00502 Installation with this key already done Cannot duplicate SM 00503 Installation not done Contact BSA or Oracle Financial Services representative SM 00510 No branches defined for user SM 00520 Could not delete function Role attached SM 00530 Could not delete function Users attached SM 00171 Max password Length can not be null SM 00172 Min password Length can not be null SM 00173 Min password alphabets length can not be greater than Max password alphabets length SM 001 74 Min password alphabets length can not be greater than Max password length SM 00175 Min password alphabets length Max password numeric length can not be greater than Max password Length SM 00176 Min password alphabets length Min password numeric length can not be greater than Min password Length 4 4 ORACLE Error Code Message SM 00177 Min password numeric length can not be greater than Max password numeric length SM 00178 Min password numeric length can not be greater than Max password length SM 00179 Min password numeric length Max password alphabets length can not be greater than Max password Length SM 00180 Max password alphabets length can not be lesser than Min password alphabets length SM 00181 Max password alphabets length can not be greater than Max password length SM 00183 Max password numeric
18. FLEXCUBE Click Acc Class Restriction to specify the account class restrictions The Account Class Restriction screen is displayed The screen is as shown below Acc Class Restriction Acc Class Restriction 1010 Account Class Description Account Class Restriction Allowed Disallowed You can either allow or disallow association of the role with certain account classes Subsequently specify the account classes which have to be restricted for the role After choosing the Allowed or Disallowed option click add icon to add a record under the Account Class Restrictions list Into each added record s field select the required account class from the adjoining option list For more details about account class restriction refer Account Class Hestriction at User Hole maintenance and User Profile maintenance levels of this user manual 2 6 5 Rights For a role profile you can specify the necessary rights to perform various operations in respect of incoming and outgoing messages in the Messaging module of Oracle FLEXCUBE You can grant specific permissions for operations on messages as well as allot the messaging queues to which the role has access In the Role Maintenance screen click Rights button to open the Rights screen Here you can grant the rights pertaining to the Messaging module to the role The screen is as shown below 2 18 ORACLE Grant Rights Limits Auth Reinstate Change Pr
19. Print Test Check Hold Auth Cancel Auth Test Input Auth Change Node Change Address Oe uU 9 Queues 1015 Queue D F Check against the messaging operations for which you want to grant the permission Granting rights pertaining to operations on messages You can grant permissions for the following operations on outgoing messages e Generating a message e Printing a message e Placing a message on hold e Releasing a message on hold e Canceling a message e Inserting a test word e Reinstating a message e Changing the priority of a message e Requesting status of a message e Requesting cancellation of a message e Changing the media through which a message is transmitted e Changing the address to which a message is to be sent e Moving a message to another branch e Changing the node from which a message should be generated 2 38 ORACLE e Authorization of any of the operations listed above in respect of outgoing messages You can grant permissions for the following operations on incoming messages e Printing a message e Authorizing a test word e Routing a message to a queue e Associating a message with a contract e Uploading incoming messages e Making changes edit incoming messages You can also grant permissions for changing the branch and the address in incoming messages e Authorizing changes made to incoming e Force Release payment message tr
20. Specify the role assigned to the user for the selected branch The option list displays all valid roles maintained in the system Choose the appropriate one You can assign the role of Relationship Manager to a user by selecting RM ROLE Role Description Based on the role selected the system displays the role description Click add icon to add a record under the Roles list Specify the above details to attach more roles to the user To delete a role s that has been attached to a user profile check the box beside it and click delete icon 2 10 4 Rights A user should have the necessary rights to perform various operations in respect of incoming and outgoing messages in the Messaging module of Oracle FLEXCUBE You can grant specific permissions for operations on messages as well as allot the messaging queues to which the user has access In the User Maintenance screen click Rights button to grant these rights pertaining to the Messaging module to the user The screen is as shown below 2 37 ORACLE Grant Rights Release Install Auth Reinstate Hold Cancel Test Input Change Node Change Address Release Change Media Auth Branch Move Change Priority FT Upload Link Contract Move To Queue Reinstate Change Branch In Change Address In Auth Rights Change Message Auth Change Message Change Force Cover Match Change Force Release Fund Suppress Delete Change Media Change Priority Branch Move
21. User name Indicates User name Category Indicates Category Language Indicates Language Time Level Indicates Time Level Status Indicates Status Status Changed On Indicates Status Changed On Last Signed On Indicates Last Signed On 5 23 ORACLE Field Name Field Description Password Changed Indicates Password Changed Cumulative Invalid Indicates Cumulative Invalid Logins Logins Start Date Indicates Start Date End Date Indicates End Date Successive Invalid Logins Indicates Successive Invalid Login Max Input Limit Indicates Maximum Input Limit Max Authorization Limit Indicates Maximum Authorization Limit Max Online Authorization Limit Indicates Maximum Online Authorization Limit Roles Attached Indicates ID and description of the roles attached for the User Functions Allowed Indicates ID and description of the functions allowed for the User Functions Disallowed Indicates ID and description of the functions disallowed for the User Branches Allowed Indicates branch code and name of the branches allowed Account Class Allowed Indicates the account class and description of the account classes allowed Branches Allowed Indicates ID and Name of the tills allowed Tills Allowed Indicates the code and description of the tills allowed Products Allowed Indicates the code and description of the product allowed
22. access to the system is a basic parameter that determines the robustness of the security in banking software In Oracle FLEXCUBE we have employed a multi pronged approach to ensure that this parameter is in place Only Authorized Users Access the System First only authorized users can access the system with the help of a unique User ID and a password Secondly a user should have access rights to execute a function User Profiles The user profile of a user contains the User ID the password and the functions to which the user has access Restricted Number of Unsuccessful Attempts You can define the maximum number of unsuccessful attempts after which a User ID should be disabled When a User ID has been disabled the Administrator should enable it The password of a user can be made applicable only for a fixed period This forces the user to change the password at regular intervals thus reducing security risks Further you can define passwords that could be commonly used by a user as Restrictive Passwords at the user user role and bank level A user cannot use any password that is listed as a Restrictive Password at any of these levels Restricted Access to Branches You can indicate the branches from where a user can operate in the Restricted Access screen All Activities Tracked Extensive log is kept of all the activities on the system You can generate reports on the usage of the system anytime These reports give details of unsu
23. access to this function SM 09999 Internal error unhandled exception raised SM 10000 Do you want to reset cumulative invalid logins to 0 SM 10001 Head office branch code is not valid SM 10002 Language code must be 3 characters SM 10003 Branch is closed SM 10004 Number of invalid logins since last logout 1 SM 10005 This Function has been linked to a role SM 3001 User does not have rights SM 3002 Incorrect User ID or password SM 555555 Sign off allowed only from home branch SM 555556 Logout allowed only from home branch SM 555557 Triggers in the database are disabled Please contact System Administrator SM 66666 Amount exceeds users authorization limit 4 8 ORACLE Error Code Message SM 66666 Amount exceeds users authorization limit SM 700007 Terminal ID should be Four Characters in Length SM 7001 Invalid User Id or Password SM 7002 User does not have rights SM 7003 Invalid Login SM 7004 User already logged in SM 7005 User Status is Disabled SM 7006 User Status on Hold SM 7007 Your Time level does not permit you to Login SM 7008 Please change Password now SM 7010 Password file missing or corrupt SM 7011 Oracle built in problem SM 7012 Password due to expire on 1 SM 7013 User Profile expired SM 7014 Wrong Password SM 7015 Enter Password again SM 7016 The New and Confirmed Passwords do not match SM 7017 Enter Passwords again S
24. bank The new password will be send to the respective user via mail Password Changed On The date when the password was last changed gets displayed here Email Specify a valid Email id at the time of user creation All system generated passwords shall be communicated to the user via this mail id Start Date Specify the date from which the User is valid The Branch date gets defaulted if no other value is specified End Date Specify the End Date upto which the User is valid By default the user does not have an End Date associated unless otherwise specified Invalid Logins Cumulative The number of Cumulative Invalid Login attempts allowed for a User before the User status gets Disabled is specified in the SMS Bank Parameters screen The actual attempts that a user makes when he logs into Oracle FLEXCUBE get displayed here Successive The number of Successive Invalid Login attempts allowed for a User before the User status gets Disabled is specified in the SMS Bank Parameters screen The actual attempts that a user makes while he logs into Oracle FLEXCUBE get displayed here 2 10 2 Restricted Passwords You can maintain a list of passwords that the user is most likely to use For example a user may tend to use the names of persons bank department etc as a password as these are easy to remember This might be a security risk as it will be easy for another person to guess a password To prevent this you can maintain a
25. before saving it 2 10 18 Deleting a User Profile Enter the User ID The details defined will be displayed Select Delete from the Actions menu in the Application toolbar to delete an existing user profile Only users that have not been authorized can be deleted by the creator You will be prompted to confirm the deletion The user profile will be deleted only if you confirm the deletion 2 10 19 Closing a User Profile Users Ids that are no longer usable can be closed For Closing Enter the User ID The details defined will be displayed Select Close from the Actions menu in the Application toolbar to close an existing user profile The profile can be closed only if the User is currently not logged on to the system You will be prompted to confirm the Closure The user profile will be closure only if you confirm the Closure 2 11Specifying Department Details Oracle FLEXCUBE allows you to maintain department details in the system However only privileged administrative users can edit the department details You can capture department details in the Department Maintenance screen You can invoke this screen by typing SMDDPTMT in the field at the top right corner of the Application tool bar and clicking on the adjoining arrow button 2 53 ORACLE Department Maintenance New Department Details Department Code Department Short Name Department Description Maker Date Time Checker Date Time Record Status Authoriz
26. e Select the option Disallowed to disallow the user to manage certain tills After choosing either the Allowed or Disallowed option click add icon to add a record under the Tills list Into each added field select the required Till Id by clicking the adjoining option list 2 10 7 Account Classes You can restrict the user from using certain account classes that are maintained in Oracle FLEXCUBE in two ways e You can map an user role which has an account class restriction at User Role level for an allowed branch in the Roles button at User Profile level Restricted account classes can be viewed in Account Class option list at User Role level and not at User Profile level e Select account classes from the Account Class option list and then select an option from the following at User Profile level Allowed Select to allow selected account classes and disallow unselected account classes gt Disallow Select to disallow selected account classes and allow unselected account classes In both the cases user can query customer accounts belonging to restricted account class However the system will not allow creation and modification of an account under restricted account class Click Account Classes button to specify such account class restrictions 2 41 ORACLE L Account Classes Account Class Restriction Allowed Disallowed Account Classes 10f10 Account Class You c
27. following options are available for section e All e Single Role Level Specify a valid role level for which you want to generate the report from the adjoining option list if you have selected Single Branch Options You can generate the report based on the following branch criteria The following options are available for section e All e Single Branch Code Specify a valid branch code for which you want to generate the report from the adjoining option list if you have selected Single 5 16 1 Contents of the Report The parameters specified while generating the report are printed at the beginning of the report Other content displayed in the report is as follows Header The following details are displayed in the header section Field Name Field Description Branch Indicates Branch Code and Branch Name Branch Date Indicates Current Date of the Branch User ID Indicates User ID Date amp Time Indicates the Date and Time when the report was generated 5 27 ORACLE Field Name Field Description Module Indicates module for which report is generated Body of the Report The following details are displayed as body of the generated report Field Name Field Description Branch Indicates Branch Code Branch Name Indicates Branch name Role ID Indicates Role ID User ID Indicates User ID Status Indicates Status No of Users This indica
28. length can not be greater than Max password length SM 00184 Max password numeric length can not be lesser than Min password numeric length SM 00185 Password can not contain more than 1 consecutive characters SM 00186 Password should contain atleast 1 Numeric characters SM 00187 Password should contain atleast 1 Alphabetic characters SM 00188 Min password alphabetic length can not be lesser than Min password length SM 00189 Min password numeric length can not be Greater than Min password length SM 00200 Maximum No of Consecutive Characters should be Greater than 0 SM 00201 The transaction amount exceeds the maximum input amount for the user SM 00202 The User is Un Authorized SM 00203 The Last Login date was 1 SM 00204 Failed to validate transaction limits for the User SM 00205 Limits Id already exists SM 00206 Dormancy Days Should be Greater than 0 SM 00207 Warning Screen Text can not be Null SM 00208 Role Limits attached to the User are Unauthorized SM 00209 Restriction type cannot be null SM 00251 Value for legal notice is needed SM 00252 Value for legal notice is not needed 4 5 ORACLE Error Code Message SM 00300 Values for user limits are not applicable for the chosen transaction limit SM 00301 Values for role limits are not applicable for the chosen transaction limit SM 00500 Mandatory values missing or null SM 00501 Activat
29. levels are maintained to prevent you from logging into the application when the system is processing EOC batch Before EOC Operations the time level of the system is increased so that itis higher than that maintained at the User level However if you are not logged out when the Time level is raised to the one higher than yours then you can continue to use the application You can modify time level at user profile level when branch is at Transaction Input stage After modifying the time level value to the value you need to maintain move the cursor to any other field and then click the save icon For more details refer the Security Management System User Manual Last Signed On This is a display field which shows the Date and Time of the Users last Login On each Sign on into the System this field gets displayed as a Message to the User information Message Information Message D gt Last Login 2012 11 07 06 11 19 Current Time 18 29 21 Staff Customer Rectification Required Check this box to restrict a staff user from viewing modifying or authorizing other staff customer account details If this box is unchecked then the staff user can view the CIF account details of other staff customers in the CIF Account Maintenance or any query screens The staff user can view his her own account details but won t be able to input or authorize a transaction irrespective of the selection of this box In this screen the Custo
30. list of passwords that the user should not use This list of restrictive passwords will be checked before a password is accepted when the user is changing passwords If the password entered by the user exists in the list it will not be accepted To specify a list of passwords that the user is not allowed to use click Restricted Passwords button in the User Profile definition screen 2 35 ORACLE Restricted Password Restrictive Password 10f10 O Password The user for whom you are defining the restrictive passwords cannot use restrictive passwords defined in the Bank Level Parameters screen and the Role Profile screen 2 10 3 Roles A Role is always associated to a User for a specific Branch The values set at the Role level are directly inherited by the User for that branch like Functions Ids Account Class and Branch Restrictions Input and Authorization Limits etc To attach the user profile you are defining to a role you must use the Roles screen Click Roles button and the Roles screen will be displayed The roles to be attached to the user profile can be listed under Roles list User Role Mapping 1010 0 Branch Code x Role Description Specify the following details Branch Code Specify the branch code assigned to the user role The option list displays all the valid branch codes maintained in the system You can choose the appropriate one 2 36 ORACLE Role
31. on the branch code the ID of the user who generated the report the date and time at which it was generated the branch date the modules covered in the report 5 10 ORACLE Body of the report The following details are displayed in the report Function Id This indicates function action of the screen Function Id This indicates function ID of the screen Action This indicates the action performed on the Function ID Source This indicates the source of the report Max Response This indicates the maximum execution time for the action on the Function ID Min Response This indicates the minimum execution time for the action on the Function ID Average This indicates the average execution time of the report to be generated Count This indicates the execution count for the report to be generated Log Time Time of execution 5 8 Batch Performance Statistics Report This report provides the maximum minimum and average performance record of each batch operation across all the branches in Oracle FLEXCUBE It also has the option of generating report within a given date and time range You can generate this report using the Batch Performance Statistics Report screen To invoke this screen type SMRBASTA in the field at top right corner of the Application tool bar and click the adjoining arrow button Batch Performance Statistics Report Start Date End Date
32. profile definition form invoked SM 01017 SMS bank parameters definition form invoked SM 01018 Wrong control clerk password entered SM 01019 Function id is not available for current module SM 01099 Your Current amount decimal separator is not 1 Please ask IT to change machine oracle settings SM 01100 Entries in SMS bank parameters missing SM 01101 Could not get today s date for the head office SM 01102 Bank code not maintained in branch table SM 01103 Local currency not maintained in bank table SM 01104 User already signed on SM 01105 User 1 in branch 2 changed branch to branch 3 as user 4 SM 01205 Both Passwords expired Change Password Now SM 01206 Password1 expired Change Password Now SM 01207 Password2 expired Change Password Now SM 0200 Cannot restrict current password SM 02000 Internal error exception raised in 1 SM 02001 Enter from date 4 7 ORACLE Error Code Message SM 02002 Enter to date SM 02003 From date cannot be later than to date SM 02004 Enter from time SM 02005 Enter to time SM 02006 From time cannot be later than to time SM 02007 Select all users to use purge option SM 02008 Role ID should be entered SM 02009 User ID should be entered SM 05000 Installation successful SM 06001 User does not exist SM 06500 Document Long Description is Mandatory SM 0999 You do not have
33. specification is validated whenever a user changes the user password and is applicable for a password change of any nature either through the Change Password function initiated by the user or a forced change initiated by the system Example The value specified in the Maximum Consecutive Repetitive Characters field is 3 and a user decides to change his password to STUDDDD123 The System will not allow this password change as the Maximum Repetitive Characters value has exceeded in the recurrence of D in the password Minimum Number of Special Characters in Password You can define minimum number of special characters allowed in a user password The system validates these specifications only when a user chooses to change the password If you do not specify the limits the following default values will be used e Minimum No of Special Characters 1 Minimum Number of Numeric Characters in Password Likewise you can also define the minimum number of numeric characters allowed in a user password The system validates the password only when a user chooses to change his password If you do not specify the limits the following default values will be used e Minimum No of Numeric Characters 1 You can specify any number between 0 and 11 in each of these fields However you must ensure that the sum total of the minimum number of special characters and the minimum number of numeric characters is less than or equal to the Maximum Pas
34. your choice Oracle FLEXCUBE allows you to restrict the viewing and printing of Balances in case of accounts and financial details of contracts involving customers who also happen to be employees of your bank In order to enable this option while creating the User Profile of the employee you can link the customer number CIF ID of the employee with the User ID Supervisor Identification Specify the ID of the supervisor of the user The option list displays all valid supervisor identifications maintained in the system Choose the appropriate one In case of relationship managers you can also use this field to define the RM hierarchy For defining RM hierarchy in this method you need to select the RM user who is one level up in the hierarchical order as the supervisor If the user is the superior in the RM hierarchical order you can specify his her own user ID as supervisor ID The supervisor ID option list also shows the user ID of the user being maintained This means you can define an RM user as his her own supervisor The RM hierarchy defined in this method is enabled only if the checkbox RM Hierarchy Setup Required is not checked in Bank Parameters Maintenance screen Supervisor Name Based on the supervisor ID selected the system displays the name of the supervisor Department Code Specify the department code The adjoining option list displays a list of all the valid department codes maintain in the system You can choos
35. 2 ICCFRULE 002 005 006 005 EODOPERATN 002 005 006 006 ICRATES 004 005 006 The administrator of branch 000 can perform user administration for the branches 000 001 002 and 005 but not for 006 Similarly the administrator of branch 002 can create ICCF rules in branches 002 005 and 006 but not in branches 000 and 001 When the administrator of branch 000 attempts to create a new user in the User Profile screen the branches available in the Home Branch field in the screen will be 000 001 002 and 005 Note the following e The administrator of the head office branch is allowed to perform all operations in any of the other branches e When a new branch is created it must be manually added to the allowed disallowed list as required e For those applications Restriction Types that you have specified in the SMS Branch Restriction Types maintenance you must create the appropriate common branch restrictions in the Common Branch Restrictions screen If no restrictions have been created in the Common Branch Restrictions screen for a specific branch for an application chosen in the SMS Branch Restriction Types maintenance operations pertaining to the application will not be allowed from that branch e Toallow the administrator of a certain branch to perform operations pertaining to a specific application for all branches you can either maintain an allowed list with all branches selected or maintain a disallowed l
36. Branch field in the screen are only those allowed branches maintained in the Common Branch Restrictions for restriction type USERADMIN For details about the Common Branch Restrictions refer the section Creating Common Branch Restrictions in this user manual Example You have created the following branch restrictions Home Branch Restriction Type Allowed Branches 000 USRADMIN 000 001 002 005 001 USRADMIN 001 006 The administrator of branch 000 can perform user administration for the branches 000 001 002 and 005 but not for 006 When the administrator of branch 000 attempts to create a new user in the User Profile screen the branches available in the Home Branch field in the screen will be 000 001 002 and 005 Language Select the Language in which the Users screen have to be defined from the option list The Language Codes maintained through the Language codes screen will be available for selection Home Branch By default the Current Branch is displayed here All users have to be attached to a branch User Status Select the status of the user from the options available The options available are e Enabled e Hold e Disabled For a user to be able to login to Oracle FLEXCUBE his status should be set as Enabled The field Status Changed on displays the date and time when the Status of the User was last changed 2 28 ORACLE Customer Number For User Profiles of
37. Custom Function ID Specify a custom function id which can be used as an alias for the function id selected If you input this value in the field at the top right corner of the Application tool bar and click on the adjoining arrow button system will check for the mapped function id and will launch that function id screen Tanking Required Check this box to indicate that the maintenance records that are created or modified in the system for the function Id specified here need to be tanked till they get authorized The new or the modified records are written to the static tables only after authorization 2 13 ORACLE For more details on tanking of maintenance records refer the Core Services user manual Dual Authorization Check this box to enable dual authorization for records that are created or modified in the system for the specified function id If dual authorization is enabled then after creation or modification of a maintenance record an intermediate verifier First Authorizer has to verify the record before the record can actually be authorized o You cannot enable both Dual Authorization and Auto Authorization for a function id at the same time as they are mutually exclusive Remarks Required Check this box to enable capturing of maker remarks on the actions like save close and reopen of records belonging to the selected function id If this box is checked then system pops up a Maker Remarks window and forces th
38. Customer Code The customer whose accounts can be handled by the user Customer Name The name of the customer whose accounts can be handled by this user ee Passwords The passwords defined as restrictive passwords for the user ser 5 4 Changes Report This report gives details of maintenance done on the following screen e Static Parameters screen e Static User Profile Details screen e Dynamic User Profile Details screen e Static Role Profile Details e Static User Profile Details 5 6 ORACLE You can generate this report for a particular period using the Report screen To invoke this screen type SMRPCHLG in the field at top right corner of the Application tool bar and click the adjoining arrow button Report Report Output ReportFormat PDF Printer At Client Print Printer 5 4 1 Contents of the Changes Report The contents of this report are discussed under the following heads Header The Header carries the title of the report information on the branch code the ID of the user who generated the report the date and time at which it was generated the branch date the modules covered in the report Body of the report The following details are displayed in the report Field Name The field that has been maintained Input by The Id of the person who input the details of the transaction Old Value The value in the field before it was modified New Value The value i
39. Function Id Unauthorized All Changes Print Copies Report Format Printer At Client v Report Output Printer You can specify the following parameters Report Options You can specify the following parameters Function ID Specify a valid Function ID for which you want to generate the report from the adjoining option list You can generate the report based on the following change criteria The following options are available for section e Unauthorized e All changes Print Copies Check this box if you wish to print copies of the report 5 11 1 Contents of the Report The parameters specified while generating the report are printed at the beginning of the report Other content displayed in the report is as follows Header The following details are displayed in the header section 5 17 ORACLE Field Name Field Description Branch Indicates Branch Code and Branch Name Branch Date Indicates Current Date of the Branch User ID Indicates User ID Date amp Time Indicates the Date and Time when the report was generated Module Indicates module for which report is generated Body of the Report The following details are displayed as body of the generated report Field Name Field Description Maintenance Program Indicates Maintenance Program Action Indicates Action Modification Number Indicates Modificatio
40. Limit If the transaction amount that the user is attempting to authorize exceeds the authorization limit maintained for the Role the system displays an override message Selection of the OK button in the message window will allow the user to continue with the authorization despite exceeding the limits If the user selects the Cancel button he will not be able to continue with authorizing the transaction The role limits input and authorization would apply to a user with which the limits role has been associated for operations in any of the modules listed above that is payment transactions single entry journal transactions multi offset transactions 2 23 ORACLE 2 8 Defining User Holidays You can block a specific user login for a certain time frame by defining holiday slots for that user profile You can define holiday slots through the User Holiday Maintenance screen You can invoke this screen by typing SMDUSHOL in the field at the top right corner of the Application tool bar and clicking on the adjoining arrow button The User Holiday Maintenance screen is shown below User Holiday Maintenance Branch Code User ID Leave From Leave To Remarks Maker Date Time Checker Date Time Record Status Authorization Status Specify the following details Branch Code The branch code of the user selected in the User ID field is displayed here User ID Specify the user ID of the user for whom you wa
41. M 7018 The Password entered is Restricted Try another Password SM 7019 The Password entered has already been used Try another Password SM 7020 Length of Password is less than 1 characters SM 7021 Length of Password is more than 1 characters SM 7022 The Password string contains special characters that are not allowed Retype Password 4 9 ORACLE Error Code Message SM 7023 Password cannot contain more than 1 consecutive identical characters SM 7024 You cannot change Password today SM 7025 The password should be mix of alphabetic and numeric characters SM 7026 Control Clerks Passwords do not match Retype Passwords again SM 7027 There are Users currently logged in with a lesser time level Do you want to change SM 7028 User already exists SM 7029 Cumulative Invalid Logins Number should be greater than 5 and less than 100 SM 7031 Password prevent reuse value should be between 1 and 5 Minimum SM 7032 Password length should be between 6 and 10 SM 7033 Maximum Password Length should be between 9 and 12 SM 7034 Password expiry message between 0 and 5 SM 7035 Password change after message no of days should be greater than 15 and less than 180 SM 7036 User Access to 1 2 denied SM 7037 Consecutive Password Characters should be greater than 1 SM 7038 The User is un authorized SM 7039 The Last Login date was 1 SM 7040 Password C
42. M CV024 Group already exists SM CV025 The record is already closed SM CV026 Intermediate table has to be entered SM CV027 Upload table has to be entered SM CV028 Cube table has to be entered SM CV029 Source field cannot be null SM CV030 Destination field cannot be null SM CV031 Destination field already maintained SM CV032 Group ID already maintained SM CV033 Template ID already maintained for this group SM CV034 Sequence no already maintained for this group SM CV035 Invalid column name SM DATE1 Failed to convert date format SM DEMOO1 Oracle FLEXCUBE not properly installed exiting SM DEMOO 2 Demo version will expire after 1 day s SM DEMOOS3 Welcome to Oracle FLEXCUBE SM DEMOOA4 Only one user is allowed to login in demo version of Oracle FLEXCUBE exiting SM DEMOO5 Insufficient parameters to launch Oracle FLEXCUBE exiting SM DEMOO6 Oracle FLEXCUBE demo version does not allow this function 4 13 ORACLE Error Code Message SM DEMOO7 Demo version expired please contact i flex SM DEMOOS8 Demo version allows only 1 contracts SM DEMOO 9 Demo version expires today SM DTCHO01 Users are running functions SM DTCHO02 AEOD dates not maintained SM DTCH03 Wrong branch status to run this form SM EFINO1 Users in transactions input SM EXTUS Oracle FLEXCUBE has been launched from another application Sign off disallowed Please exit SM FNDO1 Menu items not p
43. MRPVLLG Security Management Violation Log Report SMRROLPR Role Profile Report SMRSUMRY Change Control Log Report SMRUSREN User Entitlement Report SMSBRNST Branch Status SMSUSHOL User Holiday Summary SMSUSRAC User Activity 6 2 ORACLE ORACLE Security Management System July 2013 Version 12 0 1 13 10 Oracle Financial Services Software Limited Oracle Park Off Western Express Highway Goregaon East Mumbai Maharashira 400 063 India Worldwide Inquiries Phone 91 22 6718 3000 Fax 91 22 6718 3001 www oracle com financialservices Copyright 2007 2013 Oracle and or its affiliates All rights reserved Oracle and Java are registered trademarks of Oracle and or its affiliates Other names may be trademarks of their respective owners U S GOVERNMENT END USERS Oracle programs including any operating system integrated software any programs installed on the hardware and or documentation delivered to U S Government end users are commercial computer software pursuant to the applicable Federal Acquisition Regulation and agency specific supplemental regulations As such use duplication disclosure modification and adaptation of the programs including any operating system integrated software any programs installed on the hardware and or documentation shall be subject to license terms and license restrictions applicable to the programs No other rights are granted to the U S Gover
44. RE DRE reaa 2 53 2 11 SPECIFYING DEPARTMENT DETAILS cc sccccccecsssssececececsessaaececececcensasesecececseseaeaeseeecsesessaaeeeeeceseessasaeeees 2 53 2 12 DEFINING ALERTS FOR USERS c cccccccessessssececececeecuececececeeaaeceeececsessasscecececeesesaeaeseesceeseuaaeseeceeceeseaaeeeeess 2 54 2 13 SINGLE SIGN ON SSO ENABLED ENVIRONMENT 2 56 ASSOCIATED FUNCTIONS 3 1 3 1 CEEARING A USER ID colons ca hehe code see D E ee 3 1 3 2 CHANGING THE SYSTEM TIME EEVEL debe ecu oceanic dein eee Ee eee Tue inte ce as 3 2 3 3 VIEW CURRENT USERS rete eee tete aie eite eii aid ce ende n uites 3 3 3 4 DEFINING LANGUAGE CODES e eter tee tee reste ted ee eee EU pau utin e E teh Nee eve et det 3 4 3 5 CHANGING THE BRANCH OF OPERATION eese seen 3 5 3 6 CHANGING THE USER PASSWORD cccessessececececsesesececececeesnaaececececeensaaesecececseseasssececceseseaaececececsensaaeeeeess 3 5 3 7 MAINTAINING SSO PARAMETERS ccceesessecececeesesseaececececeessnaececececeeseaaececececeeseusceceeseseneaaeeeeceeesestaaeeeeees 3 6 3 8 MAINTAINING TRANSACTION STATUS CONTROL cesses 3 7 3 9 MAINTAINING ERROR MESSAGES ccsesessesecececsessecececececseaaececececcensaaececececeeseaeseceesesesesaae
45. RMSGQ in the field at the top right corner of the Application tool bar and clicking on the adjoining arrow Error Messages Maintenance Error Code Language Description Message The following details are captured here Error Code Specify a code for the error message here Language Specify the language code of the error message 3 8 ORACLE Description Specify the description for the language code Message Specify the error message that has to be displayed 3 9 1 Configuring Customized Hot Keys for Launching Screens Oracle FLEXCUBE allows you to configure Hot keys or Shortcut keys for function ids using which you can launch the function id screens without typing the function ids For this you need to map each function id to a hot key using the Hot Key Maintenance screen To invoke the Hot Keys Maintenance screen click the option Hot Keys under Options menu You invoke this screen by typing SMDHOTKY in the field at the top right corner of the Application tool bar and clicking on the adjoining arrow button Hot Keys Maintenance The following details are captured in this screen User Id The id of the user who has logged in is displayed here Hot Key Details Here you can map a function id against each hot key You can select the function id to be mapped against the hot key from the adjoining option list 3 9 ORACLE 3 10 V
46. Security Management System Oracle FLEXCUBE Universal Banking Release 12 0 1 13 10 July 2013 Oracle Part Number E51465 01 ORACLE FINANCIAL SERVICES Security Management System Table of Contents 1 ABOUT THIS MANUA M 1 1 1 1 INTRODUGTION nr phia psp e apta AE OS min 1 1 1 2 AUDIENGE te Saad a Seeded wpa 1 1 1 3 ABBREVIATIONS REED p nip pa REDE 1 1 1 4 GLOSSARY OF IGONS inner ipe pr eere bab seb ed re gue eer psa PE 1 2 1 5 RELATED DOCUMENTS ee ix Ee eei eene vx shoes e eee tue eret a bee pe e eee bee lua eee ERIT e SERERE EYE 1 2 2 SECURITY MANAGEMENT icisccssosscosncsssassessnsecsssoscsssescescocesonccnsnassbadscennssndesssosssucsesecdssasecbssssbaassesasonsecseocess 2 1 24 INTRODUCTION TENERO RR DUE P REDE RED DRE CERE Te THE 2 1 2 2 SETTING UP PARAMETERS AT THE BANK LEVEL eeeeeeeeeeeeeeee enne nennen teen reet 2 2 2 2 1 Invalid Logins nies ee rie RR ERG ei e ERR SERE Ires 2 2 2 2 2 Specifying Parameler iino eo E earo Sras asara EEE Oe CESES ESADE eo Lee E pee REN res 2 3 2 2 3 Specifying Warning Sereen Text eco iter bre e E retro Lee eb RP ERE Reges 2 3 2 2 4 Specifying Parameters for User Passwords esses eene nennen eene ene 2 3 2 255 Placing Restrictions on User Passwords 2 5 2 2 6 Branch Restrictions for Specific Applications
47. Site code length cannot be less than 4 characters SM 001 11 Cumulative invalid logins number should be greater than 5 and less than 100 SM 001 12 Successive invalid logins number should be greater than 2 and less than 6 SM 00113 Password prevent reuse value should be between 1 and 5 SM 00114 Minimum password length should be between 6 and 10 SM 00115 Maximum password length should be between 9 and 12 SM 00116 Graph not found Contact your branch administrator SM 00117 Password change after message no of days should be greater than 15 and less than 180 SM 00118 Archival period should be greater than 0 SM 00119 Enter the role description SM 00120 Cannot delete modify role of other branch SM 00121 Idle time before sign off should be between 30 and 600 4 3 ORACLE Error Code Message SM 00122 Password expiry message between 0 and 5 SM 00123 Enter a valid module ID SM 00125 Min password length should be less than Max password length SM 00126 Override idle time should be greater than 10 SM 00130 User access to 1 2 denied SM 00131 Duplicate values encountered SM 00140 Guest ID not defined in branch 1 SM 00150 Maximum value encountered SM 00160 Users attached to the language code Cannot delete SM 00161 Language code already exists Try another one SM 00170 Reserved word cannot be used SM 00500 Mandatory values missing or null SM 00501
48. action e Local authorization 2 43 ORACLE e When the transaction is assigned to user manually e On locking the assigned record e On authorizing the records The User Limits maintained for a User Profile common and applicable across all the branches of your bank 2 10 9 2 Specifying Role of Limits You can link a Limits Role to the User Profile The Limits maintained for the role will be applicable to the user profile to which it is linked If you select the Limits Role option you will be required to specify the following details Branch For a user you can assign Limit Roles specific to each branch of your bank Depending on the branch in which the user operates the relevant Limits Role will be made applicable You can select the branch from the option list available You can attach only one Limits Role to a branch Further if you choose not to attach a Limits Role to a particular branch the system will not validate the limits in that branch Limits Role All the Limits Roles maintained at your bank will be displayed in the option list You can select the Roles you wish to link to the user profile On selection of the Role the following details get defaulted e Limits Currency e Input Limit e Authorization Limit For Journal Single and Multi Offset and Teller transactions the check will be performed on each individual transaction i e each debit and credit entry No Limits Select the No Limits op
49. ader The Header carries the title of the report information on the branch code the ID of the user who generated the report the date and time at which it was generated the branch date the modules covered in the report Body of the report The following details are displayed in the report EOC Stage This indicates the End of Cycle stage Branch Code This indicates the code of the branch Start Time This indicates the start time from which the records have been considered for report generation End Time This indicates the end time until which the records have been considered for report 5 12 ORACLE generation Maximum Time This indicates the maximum time taken for the batch operation Minimum Time This indicates the minimum time taken for batch operation Average Time This indicatess the average time taken for batch operation 5 9 Change Control Log Report The Change Control Log report provides change control log details You can invoke the screen by typing the code SMRCONTL in the field at the top right corner of the Application tool bar and click on the adjoining arrow button Change Control Log Report Branch Options User Options Single 9 Single Branch Code Module Options Main All Single Module Code ReportFormat PDF PrinterAt Client Report Output Print Print
50. adjoining option list if you have selected Single Start Date Specify start date of the event for which you want to generate the report from the adjoining calendar Contents of the Report The parameters specified while generating the report are printed at the beginning of the report Other content displayed in the report is as follows Header The following details are displayed in the header section Field Name Field Description Branch Indicates Branch Code and Branch Name Branch Date Indicates Current Date of the Branch User ID Indicates User ID Date amp Time Indicates the Date and Time when the report was generated Module Indicates module for which report is generated Body of the Report The following details are displayed as body of the generated report Field Name Field Description Start Date Indicates the start date of the event End Date Indicates the end date of the event Application Indicates application details Current Branch Indicates current branch code Transaction Branch Indicates transaction branch code User ID Indicates User ID 5 16 ORACLE 5 11 Changes Log Report The Changes Log report provides changes log details You can invoke the screen by typing the code SMRMCLOG in the field at the top right corner of the Application tool bar and click on the adjoining arrow button Changes Log Report Report Options
51. ails are captured here Branch You are allowed to view users logged in from the current branch as well as any other branch Select the any of the following options and click Users button to view the current users of that branch e Current Branch e All Branches The following user details are displayed here e Branch The branch from which the user has logged in e Terminal The terminal system from which the user has logged in e User Identification The name of the user e Start Time The time when the user logged in 3 3 ORACLE 3 4 Defining Language Codes Every language that is supported by the system is identified by a Language Code In Oracle FLEXCUBE this code is a three character alphanumeric code Invoke the Language Code Maintenance Detailed screen by typing SMDLNGCD in the field at the top right corner of the Application tool bar and clicking on the adjoining arrow button Language Code k Language Code Language Name Display Direction Language ISO Code Example For English the code you could enter in Oracle FLEXCUBE could be ENG 3 4 ORACLE 3 5 Changing the Branch of Operation Through this function you can change the branch of operation to a branch other than the one you are signed on to The branches to which you can change into will be defined in your user profile You can change your branch of operation only when a function that has been initi
52. an either allow or disallow the user from using certain account classes Subsequently specify the account classes which have to be allowed or restricted for the user depending on the option selected The following options are provided e Allowed Select to allow user to use specified account classes e Disallowed Select to disallow user to use specified account classes 2 10 8 General Ledgers You can restrict the user from posting entries to certain General Ledgers GLs maintained in Oracle FLEXCUBE Further you can restrict the user from posting entries to specific node and leaf GLs Click General Ledgers button to specify the GL restrictions General Ledgers GL Restriction Allowed Disallowed Node GL s Leaf GL s 100 gt 100 Node General Ledgers x 2 Leaf General Ledgers l You can either allow or disallow the user from using certain GLs Select the node GLs and leaf GLs that you want to restrict 2 42 ORACLE 2 10 9 Limits You can place a limit on the transaction amount for a user Consequently the system will not allow the user to process transactions exceeding a specific limit You can also associate a user limits or limits at the role level with a user profile Click Limits button to indicate the limits Limits User Limits Limit Currency Limits Role Maximum Transaction Amount No Limits Authorization Limit Role of Limits 1015 Branch Limits Role Limit Currency Input Limit Aut
53. ance Yes FT Contract Online No shown below User Automatic Authorization Enabled Ronald Yes George Yes Smith No You have also maintained transaction access rights for the users as shown below You have maintained automatic authorization rights for specific users in the User Profile maintenance as User Branch Function Input access Authorize Access Ronald 000 Customer Information Maintenance Yes Yes Ronald 001 Customer Information Maintenance Yes Yes Ronald 000 FT Contract Online Yes Yes Ronald 000 Customer Account Maintenance Yes No George 001 LD Contract Online Yes Yes George 000 Customer Account Maintenance Yes Yes Smith 000 LD Contract Online Yes Yes Smith 000 Customer Account Maintenance Yes Yes 2 33 ORACLE According to your maintenance automatic authorization would be performed as shown below User Branch Function Automatic Reason Authorization on Save Ronald 000 Customer Yes Input and Authorize rights enabled Information for the user as well as automatic Maintenance authorization rights enabled for the user branch and function Ronald 001 Customer No Automatic authorization not enabled Information for branch 001 Maintenance Ronald 000 FT Contract No Automatic authorization not enabled Online for the FT Contract Online function Ronald 000 Customer No Authorization access not enabled
54. ansactions with Funding Exception status and insufficient funds e Suppressing a message e Deleting a message Granting each of these permissions in the Rights screen enables the user to perform the corresponding functions in the Incoming and Outgoing Message Browsers The appropriate button in the Browser in each case is enabled for the user For details regarding each of these operations in respect of both incoming and outgoing messages consult the Messaging System user manual Apart from these functions you can also grant permission for the cover matching function for incoming payment message transactions For details regarding uploading incoming payment transaction messages and cover matching for incoming payment transactions refer the Straight Through Processing chapter in the Funds Transfer user manual Queues You can allot the message queues to which the user has access and in which the user can perform messaging operations according to the messaging rights you have assigned The required queues can be selected and listed in the Queues list under the Grant Queues section 2 10 5 Functions In addition to attaching a user profile to a role you can give rights to individual functions For a user profile to which no role is attached you can give access to specific functions If you have e Attached one or more roles to a user profile e You have given access to individual functions to a profile to which roles ar
55. ated by you in the current branch has been completed The screen is as shown below List of Values Branch Code Branch Code Branch Status Branch Name Time Level 96 Fetch Values Search Results 1 Of 3 Branch Code Branch Name Branch Status Time Level 000 BANK FUTURA TRANSACTION INPUT 001 Bank Futura 2ndStreet Branch London TRANSACTION INPUT 002 Bank Futura 4th Street Branch Londo TRANSACTION INPUT 003 Bank Futura Avenue Branch London TRANSACTION INPUT Bank Futura Neethle Street London TRANSACTION INPUT Rank Eritiirs Town HallRranch 1 andan TRANSACTION INPI IT a 3 6 Changing the User Password The Password of a User can be changed either when it expires or at the will of the user using the Change Password screen Change Password Enter Old Password Enter new password Confirm New Password The following details are captured here Enter Old password Specify the old password which has to be changed Enter new password Specify the new password Confirm new password Specify the new password 3 5 ORACLE Click Save to save the new password Click Cancel to exit the screen 3 7 Maintaining SSO Parameters LDAP is an external directory system which stores the details regarding user ids and password Once SSO has been enabled for your bank the SSO parameters need to be maintained This can be done using the Single Sign On Maintenance screen You can i
56. ation Status Department Details Here you can specify the following Department Code Specify the department code You can enter a maximum of 3 alphanumeric characters Department Short Name Specify the department short name You can enter a maximum of 10 alphanumeric characters Department Description Specify the department description You can enter a maximum of 225 alphanumeric characters 2 12Defining Alerts for Users Oracle FLEXCUBE allows you to define and send text messages to a destination user These text messages will be displayed as an alert on the dashboard when the destination user logs in to the application The user can then pick up the unprocessed messages and process it 2 54 ORACLE You can define the message for a destination user in the User Alerts screen You can invoke this screen by typing SMDUSALR in the field at the top right corner of the Application tool bar and clicking on the adjoining arrow button User Alerts Maintenance 10710 UserID Sequence Number Alert Type Message Status The following details are captured here User Id Specify the id of the destination user to whom the message has to be sent Sequence No Specify the sequence number of the message that you are defining Alert Type Specify the alert type as Information Message Specify the message that has to be sent to the destination user Status Specify the status of the message as any of
57. ator etc should be maintained The system defaults to a value of 30 which you can change You can specify an archival period that is greater than or equal to 7 calendar days Dormancy Days Oracle FLEXCUBE allows you to automatically disable the profile of all the users who have not logged into the system for a pre defined period of time A user ID is considered dormant if the difference between the last login date and the current date is equal to or greater than the number of Dormancy Days that you specify in this screen This is reckoned in calendar days i e inclusive of holidays All dormant users whose home branch is same as the current branch are disabled during the end of day run at the current branch 2 2 3 Specifying Warning Screen Text Warning Screen Text At your bank you may require a warning message containing legal requirements and security policy to be displayed to all users before allowing them to login to Oracle FLEXCUBE You can specify the text content of such a message in the Warning Screen Text field This message will be displayed soon after a user launches the Oracle FLEXCUBE login screen The user will be allowed to continue with the login process only after he clicks on the OK button on the message window You can modify the contents of the message only during the transaction input stage The changes will come into effect during the next login by a user The maximum size of the warning message is 1000
58. ber of calendar days that must elapse between two password changes After a user has changed the user password it cannot be changed again until the minimum number of days you specify here have elapsed 2 4 ORACLE Intimate Users before password expiry The number of days for which a password is to be valid is defined in the Force Password Change after field You can also indicate the number of working days before password expiry that a warning is to be issued to the user When the user logs into the system the stipulated number of days before the expiry date of the password a warning message will continue to be displayed till the password expires or till the user changes it By default the value for this parameter is two i e two days before password expiry You can change the default if required If you do you can specify a number greater than zero and less than or equal to five Example The value specified in the Intimate User Before Password Expiry field is 2 and a user s password is due to expire on 31 01 09 The warning message is displayed on 29 01 09 and 30 01 09 whenever the user logs in 2 2 5 Placing Restrictions on User Passwords You are allowed to place restrictions on the number of alpha and numeric characters that can be specified for a user password Maximum Consecutive Repetitive Characters You can define the maximum number of allowable repetitive characters occurring consecutively in a user password This
59. ccessful attempts at accessing the system along with the nature of these attempts It could be an invalid password attempt the last login time of a user etc Audit Trail Whenever a record is saved in the module the ID of the user who saved the record is displayed in the Input By field at the bottom of the screen The date and time at which the record is saved is displayed in the Date Time field A record that you have entered should be authorized by a user bearing a different login ID before the EOD is run Once the record is authorized the ID of the user who authorized the record will be displayed in the Authorized By field The date and time at which the record was authorized is displayed in the Date Time field positioned next to the Authorized By field The number of modifications that have happened to the record is stored in the field Modification Number The Status of the record whether it is Open or Closed is also recorded in the Open checkbox 2 1 ORACLE 2 2 Setting up Parameters at the Bank Level Certain parameters related to security management should be defined at the bank level These parameters will apply to all the users of the system Examples of such parameters are the number of invalid login attempts after which a user id should be disabled the maximum and minimum length for a password the number of previous passwords that should not be used the interval at which the password should be chang
60. ch Date Indicates Current Date of the Branch User ID Indicates User ID Date amp Time Indicates the Date and Time when the report was generated Module Indicates module for which report is generated Body of the Report The following details are displayed as body of the generated report 5 14 ORACLE Field Name Field Description Branch Indicates Branch Code User ID Indicates User ID Module Indicates Module Function Modified Indicates Function Modified Modification Number Indicates Modification Number Field Name Indicates Field Name Status Indicates Status Old Value Indicates Amount New Value Indicates Currency code Maker Date Checker ID Indicates Maker Date and Checker ID 5 10 Event Log Report The Event Log report provides event log details You can invoke the screen by typing the code SMREVNLO in the field at the top right corner of the Application tool bar and click on the adjoining arrow button Event Log Report Input User All Single User Start Date Report Format PrinterAt Client v Report Output Printer You can specify the following parameters Input User 5 15 ORACLE You can generate the report based on the following User criteria The following options are available for section e All e Single User Specify a valid User ID for which you want to generate the report from the
61. characters You will be allowed to specify the contents of the warning message only if the Display Legal Notice option is enabled 2 2 4 Specifying Parameters for User Passwords You can specify the following parameters that would govern user passwords 2 3 ORACLE Password Length characters You can indicate the range of length in terms of number of characters of a user password The number of characters in a user password is not allowed to exceed the maximum length or fall below the minimum length that you specify here The minimum length defaults to 8 and the maximum length to 15 You can change the defaults and specify the required range If you do so you can specify a minimum length between 6 and 15 characters and a maximum length between 10 and 15 characters The minimum length that you specify must not exceed the maximum length that you have specified Force Password Change after The password of a user can be made valid for a fixed period after which a password change should be forced In the Force Password Change after field you can specify the number of calendar days for which the password should be valid After the specified number of days has elapsed for the user s password it is no longer valid and a password change is forced The number of calendar days defined here will be applicable for a password change of any nature either through the Change Password function initiated by the user or a forced change i
62. creen You can maintain filter conditions for each DFI the User is mapped to Dash Board Condition Dash Board Condition Column Name Condition AND Where Clause You can maintain filter conditions for a specific Dashboard Column Name Specify the column name for which you want to maintain filter conditions The adjoining option list displays all valid columns available in the Dashboard Choose the appropriate one Condition Select the filter condition you want to maintain The following conditions are available e AND e OR e gt e lt Click Add to add the selected conditions to Where Clause Where Clause Here the system defaults the values specified in Dashboard Condition screen Show in Dashboard Check this box if you want to display a specific Dashboard assigned to the User 2 52 ORACLE 2 10 17 Copying the User Profile of an Existing User Often you may have to create a user profile that closely resembles an existing one In such a case you can copy the existing profile on to the new one Select Copy from the Actions menu in the Application toolbar A list of existing user profiles will be displayed Click on the one you want to copy All the details of the profile except the User ID and the password will be copied and displayed for the new user Enter a unique User ID and give a password You can change any of the details of the profile
63. e Report The parameters specified while generating the report are printed at the beginning of the report Other content displayed in the report is as follows Header The following details are displayed in the header section Field Name Field Description Branch Indicates Branch Code and Branch Name Branch Date Indicates Current Date of the Branch User ID Indicates User ID Date amp Time Indicates the Date and Time when the report was generated Module Indicates module for which report is generated 5 29 ORACLE Body of the Report The following details are displayed as body of the generated report Field Name Field Description Home Branch Indicates Home Branch Branch Name Indicates Branch Name User ID Indicates User ID User Name Indicates User Name User Category Indicates User Category Created On Indicates Created On date Last Signed On Indicates Last Signed On date Password Changed On Indicates Password Changed On date Status Indicates Status Branch Allowed Indicates Branch Allowed for user Account Class Allowed Indicates Account Class Allowed for user GL Allowed Indicates GL Allowed Product Allowed Indicates Product Allowed for user Max Input Limit Indicates Max Input Limit Cumulative Invalid Login Indicates Cumulative Invalid Login No of Successive Login Indicates No of Successi
64. e and Time At which the report was generated Printed by The user who has generated the report Spool File If the report has been printed onto a spool file the name of the spool file is given here Sort on The criteria on which the details have been sorted Date Range The period for which the report is generated User ID The ID of the user whose details are being reported Name The name of the user whose details are being reported Time Level The time level of the user Language Code The language assigned to the user Profile Expires On The date on which the user profile is due to expire Status The status of the user enabled on hold or disabled Function ID The function allowed for the user Function Description The description of the function 5 5 ORACLE Link with Role Definition If the user has been linked to a role the role ID is given here Maximum Transaction The maximum amount that the user can enter in a single Amount transaction Maximum Authorization The maximum amount that a transaction can have if it has to be Amount authorized by this user Branch Code The branch in which the user profile is defined Branch Name The name of the branch in which the user has signed on Currency Code The S W I F T code of the currency in which the user can operate Currency Name The name of the currency in which the user can operate
65. e attached The rights for Function IDs that figure in both the role and user specific functions will be applied as explained in the following example Example The role profile FXDP1 has access to New Copy Delete Close Reopen Unlock and Print for the Forward Rates table 2 39 ORACLE You attach the user profile of Tanya to the role FXDP1 While allotting rights to individual functions for Tanya you give rights to New Copy Delete and Close for the Forward Rates table The role has access rights to Reopen Unlock and Print in addition to these In such a case the user profile of Tanya will have rights to only the functions to which rights are given at the user profile level that is New Copy Delete and Close even if the role FXDP1 has rights to other functions To give access to functions for the user profile you are defining click Functions button in the User Profile Definition screen The Functions screen will be displayed as shown below Functions User Stage Functions 100 Branch Code x Function New Delete Close Unlock Reopen Print Auth Reverse Rollover The various functions in the system fall under different categories To assign a function to a user profile in the User Functions screen you must select the tab of the function category to which the function belongs The function categories and their respective tab in the User Functions screen are as follows
66. e maker to save remarks while saving closing or reopening a record The checker authorizer can view the maker remarks entered and also enter remarks for each modification while authorizing the record Excel Export Required Check this box to enable data export for the selected function id If this box is checked system allows you to export data from records belonging to the selected function id into an excel file Multi Branch Access Required Check this box to configure dual access framework for the function ID Note the following e Ifthe function level check box is unchecked the transactions will be posted in the current branch e Dual access functionality is enabled only when the Multi Branch Access check box is checked at User ID and Function ID levels Available Check this box to make the Function accessible in the Oracle FLEXCUBE menu The definition of the menu would be as specified in the Column at the bottom of the Function Description Maintenance screen If this box is unchecked then this screen will not be accessible from the menu even if it is selected for the Role that is assigned to the user Automatic End Of Day aware Check this box to consider the Function for an AEOD run Log Event Check this box to enable the event log for a particular Function ID Oracle FLEXCUBE maintains an extensive log of the activities of every user This can later be used for reporting on the user activiti
67. e messaging rights you have assigned The required queues can be selected and listed in the Queues list under the Grant Queues section 2 6 6 Password Restriction System allows you to create a list of words that the users having a certain Role are likely to use as Passwords and on which restrictions can be placed The list of Restrictive Passwords should contain those passwords that the users are most likely to use the name of your bank city country etc For a user role it could contain names or terms that are commonly used in the department At the user level it could contain the names of loved ones etc By disallowing users from using such common passwords you can reduce the risk of somebody other than the user knowing the password Click Password Restriction button to define the list of Restrictive Passwords for the role profile you are defining Any user who is attached to the role cannot use a password in this list The screen is as shown below 2 20 ORACLE Password Restriction Password Restriction 100 Password n You can define only the functions that are applicable for the role and the list of Restrictive Passwords for a role All the other attributes of a user profile should be defined when the user profile is being created 2 6 7 Copying the Role Profile of an Existing Role Often you may have to create a Role Profile that closely resembles an existing one In such a case
68. e the appropriate one Department Description The system displays the Department description Tax Identifier Specify the tax identifier code of the customer to monitor Anti Money Laundering activities A user with restricted access will not be able to view print details of contracts involving the product in all Contract Functions and Contract Summary screens for the following modules e Teller e Retail Teller e Clearing e Utility Payments e Funds Transfer e Payment and Collections e Contract Online and Cycle Due screen of SI e Foreign Exchange online and payment e The Contract Online Value Dated Amendments and Payments Input screens of MM 2 29 ORACLE e Contract Online put Value Dated Amendments Payments Input and Loans Assignment screens of LD The other functions to which the user will have restrictive rights is as follows e Ad hoc loan statement generation e Queries Accounting Entries e Customer Based Information Retrieval e Limits Overrides showing account balances e Message Browser e Payments and Collections Message browser In the Payments and Collection module the restriction is applicable to product categories and not products If a balance exception has occurred the balances are not displayed for the restricted user but will be replaced by o The restricted users will be able to e View print financial information pertaining to contracts they have initiated or view print bala
69. ed by every user etc You can invoke the SMS Bank Parameters Maintenance screen by typing SMDBANKP in the field at the top right corner of the Application tool bar and clicking on the adjoining arrow button SMS Bank Parameters Maintenance Enter Query Bank Level Parameters Password Length Characters Head Office Maximum Site Code Minimum Activation Key Invalid Logins Cumulative Successive Parameters Password Repetitions Maximum Consecutive Force Password Change After Repetitive Characters Intimate User Before Minimum Number Of Numeric Password Expiry p Characters In Ponce Archival Period in days Minimum Number Of Special Characters In Password Minimum Days Between un Password Changes Minimum Number of LowerCase Characters in Dormancy Days Password Display Legal Notice Minimum Number of UpperCase Characters in Password Warning Screen Text Branch Restrictions Password Restrictions Date Time Checker Date Time Mod No Record Status Authorization Status You can modify the Bank Parameters only when the Head Office branch is in the transaction input stage 2 2 1 Invalid Logins You can specify the allowable number of times an invalid login attempt is made by a user Each user accesses the system through a unique User ID and password While logging on to the system if either the User Id or the Password is wrong it amounts to an invalid login attempt
70. eeeececseneaaeeeeees 3 8 3 9 1 Configuring Customized Hot Keys for Launching 3 9 3 10 VIEWING USER ACTIVITIES Ur uae E ert ec tee ve drerit brew tete prev vods 3 10 3 11 VIEWING BRANCH STATUS ba ae e repere REOR EA DR EET EE ev edo 3 10 ERROR CODES AND MESSAGES eese ee ee seen ans en seta aos en esa aP essa Pese snos eo o eso seen o sean esto a sese esto aee 4 1 4 1 ERROR CODES eee opened eben eed eat in ie ee eet 4 1 REPORTS INESSE MACHEN NERIS EGRE SI ETETE Le PEORES aen 5 1 5 1 amp 5 1 5 1 1 Contents of the Events Log ee ie che per i aper RR RR Pero reir cages 5 1 5 2 SECURITY MANAGEMENT SYSTEM VIOLATIONS LOG REPORT esee enne 5 3 5 2 1 Contents the Security Management System Violations Log 5 4 5 3 USER PROFILE REPORT sb cv tiga oe Goss eed 5 4 35 34 Contents of the User Profile Report e etre tiger tein net Rcge 5 5 5 4 CHANGES IREPORT REPE E iiber nimiae ei etai es 5 6 5 4 1 Contents of the Changes Report a eret Ei eer o Ri nne ER Rcge 5 7 5 5 INACTIVE USERS AGING ANALYSIS REPORT csssessssecececesssseececececsessaececececeeseseaesecseseseuaueceeecessessaaeeeeess 5 8 5 5 1 Contents of the Inactive Users Aging Analysis Report
71. eport The following details are displayed as body of the generated report Field Name Field Description Role Indicates Role ID Function Indicates Function name Function Description Indicates Function description Branch Allowed Indicates branches allowed for the role Acc Class Allowed Indicates account classes allowed for the role Limit Currency Indicates limit currency for the role Input Limit Indicates input limit for the role Authorizer Limit Indicates authorization limit for the role 5 16 User Role Summary Report The User Role Summary report provides user role summary details You can invoke the screen by typing the code SMRSUMRY in the field at the top right corner of the Application tool bar and click on the adjoining arrow button User Role Summary Report Status Report User Status Enabled Role Option Disabled Single Role Level Report Format Report Output You can specify the following parameters Branch Option All Single Branch Code Printer At Client Printer 5 26 ORACLE Status Report You can specify the following parameters User Status You can generate the report based on the following user status criteria The following options are available for section e Enabled e Disabled Role Options You can generate the report based on the following role criteria The
72. er You can specify the following parameters Branch Options You can generate the report based on the following branch criteria The following options are available for section e All e Single Branch Code Specify a valid branch code for which you want to generate the report from the adjoining option list if you have selected Single User Options 5 13 ORACLE You can generate the report based on the following User criteria The following options are available for section e All e Single User Specify a valid User ID for which you want to generate the report from the adjoining option list if you have selected Single Module Options You can generate the report based on the following Module criteria The following options are available for section e All e Single Module Code Specify a valid module code for which you want to generate the report from the adjoining option list if you have selected Single Main You can specify the following parameters Date Specify a valid date for which you want to generate the report from the adjoining calendar 5 9 1 Contents of the Report The parameters specified while generating the report are printed at the beginning of the report Other content displayed in the report is as follows Header The following details are displayed in the header section Field Name Field Description Branch Indicates Branch Code and Branch Name Bran
73. es 2 14 ORACLE 2 5 1 1 Cust Access Check this box to make the Function available to Users who are classified as Customers Auto authorization As configured for your installation according to your requirement automatic authorization is applicable for a pre shipped list of functions For those functions you can revoke the applicability of automatic authorization if required It is not possible to indicate the applicability of automatic authorization for any other functions than those pre shipped functions configured for your installation Head Office Function Check this box to enable the Function to be handled only by the users of the Head Office Users of the other branches would be only allowed to view the Function Defining the Menu The Oracle FLEXCUBE menu can be defined in the Function Description section You can define menu appearance for a given Language The Menu can only be drilled down up to two sub menu levels Example For Language Code ENG if the Main menu value is given as Security Management Sub Meu1 as Maintenance and Sub Menu2 as Function Description for Function id SMDFNDSC then on the Oracle FLEXCUBE menu it would appear as follows Security Management Maintenance Branch Restrictions Department Maintenance Error Messages Function Description Landing Page Language Codes MBean gt Queues Registry Details Sys Admin 2 6 Defining a User Role
74. et eke ca epo ee ea eee ce Pe eee Ene coveecencdtubaceds 2 24 2 0 VIEWING HOLIDAY SUMMARY 4 eene enne tenter nennen 2 25 2 10 DEEINING A USER PROFILE ws opere ek Re ee Fe ENSE RENE EX cd ce XR Ye RETE NEN aUe NEXU E BURN 2 27 2 10 25 Restricted Passwordsz aede teen atv eai teen aiv hs eir 2 35 RIOR JROles i deret db e RS tes atic ette merece bue rtv tet 2 36 2 104 ash e RW hee dei s 2 37 DAVOS IRHHGHOhSS edades bd equi EE OE enam eheu tir 2 39 210 6 ss ced et ke ve eae aches bs aes aca ae a aie te eg E ees ea Ree ES 2 4 IO Account Classes e ne ieu EEE EEE 2 41 2 10 85 Gener l Led ers inve GU RUN eb e ee ee 2 42 2 10 9 ae ee etu OS ore Ee EH usines eid 2 43 2 10 10 Branches s sso Tree twee n NM 2 45 2 10 11 PODUGUS T ree eive rae ota tea eyed 2 46 2 10 12 Group Code Restriction ee e e ER e PIPER RH 2 47 2 10 13 Dis llowed Fulctlons s ie re edere tete oves eee 2 48 2 10 14 Users Holiddy ie Hep e Ea ee HU 2 49 2 10 15 Centralized Role ss eere ERR rere e eee a er Ped 2 50 2 10 16 Dashboard Mapping s t ee e ERU e a ER I d 2 51 2 10 17 Copying the User Profile of an Existing User eese 2 53 2 10 18 Deleting a UseF Profile Sa RP 2 53 2 m 2 10 19 Closing GU Ser Profile egt ee ep RE DP REPE APRI
75. files e End of Day EOD operations e Maintaining rules for ICCF components e Maintaining branch restrictions for IC rates In the Restriction Type field in the SMS Branch Restriction Type screen select USRADMIN to maintain branch restrictions for User Administration EODOPERATN to maintain branch restrictions for EOD operations ICCFRULE to maintain branch restrictions for maintaining ICCF rules and ICRATES to maintain branch restrictions for IC rates 2 2 7 Password Restrictions You can define a list of passwords that cannot be used by any user of the system in the bank This list called the Restrictive Passwords list can be defined at three levels e Atthe bank level applicable to all the users of the system e Atthe user role level applicable for all the users assigned the same role e Atthe user level applicable for the user The list of Restrictive Passwords should typically contain those passwords the users are most likely to use the name of your bank city country etc For a user role it could contain names or terms that are commonly used in the department At the user level it could contain the names of loved ones etc By disallowing users from using such common passwords you can reduce the risk of somebody other than the user knowing the password Click Password Restrictions button to define restricted passwords at the bank level that should not be used by any user of the bank 2 7 ORACLE Passwo
76. g operations on incoming messages e Printing a message e Authorizing a testword e Routing a message to a queue e Associating a message with a contract e Uploading incoming messages e Making changes edit incoming messages You can also grant permissions for changing the branch and the address in incoming messages e Authorizing changes made to incoming messages e Force Release payment message transactions with Funding Exception status and insufficient funds e Suppressing a message e Deleting a message Granting each of these permissions in the Rights screen enables the user having this role to perform the corresponding functions in the Incoming and Outgoing Message Browsers The appropriate button in the Browser in each case is enabled for the users associated with the role For details regarding each of these operations in respect of both incoming and outgoing messages consult the Messaging System user manual Apart from these functions you can also grant permission for the cover matching function for incoming payment message transactions For details regarding uploading incoming payment transaction messages and cover matching for incoming payment transactions refer the Straight Through Processing chapter in the Funds Transfer user manual Grant Queues You can grant the message queues to which the role has access and in which users associated with the role can perform messaging operations according to th
77. hanged Successfully SM 7041 Invalid Password Bad Sign On SM 7042 Invalid Name Bad Sign On SM 7043 Successive Invalid Logins SM 7044 Forced Disable Cumulative Invalid Logins SM 7045 Forced Disable Password expired SM 7046 Password changed 4 10 ORACLE Error Code Message SM 7047 User initiated Password change SM 7048 Forced password change SM 7049 Status Enabled SM 7050 Status put on SM 7051 Hold User already Signed on SM 7052 Do you want to reset Cumulative Invalid Logins to 0 SM 7053 Number of Invalid Logins Since Last Logout 1 SM 7054 User Password Changed Successfully SM 7055 Change password now SM 7056 Terminal Id not set SM 7057 Message Digest not matched SM 7058 User Not Logged In Please login again SM 7059 Fast Path Cannot Contain Special Characters SM 7060 Currency sold and Currency bought can not be same SM 7070 Branch date is ahead of host date cannot proceed SM 77777 User does not have rights to authorize the override SM AUTH01 The transaction amount exceeds the maximum authorization amount for the User SM BRNO1 Not a Valid user for Branch SM BRNO2 Password for Branch User cannot be null SM BVALUE1 1 Back value days cannot be null SM C0050 Invalid Branch Code SM C0051 Function ID Already attached SM C0052 Branch or Function id should not be null 4 11 ORACLE Error Code Message
78. horization Limit n In this screen you can choose to e Define user specific limits e Link a Limits Role to the User Profile e Maintain No Limits The manner in which FLEXCUBE handles each of the above options is explained below 2 10 9 1 Specifying User Specific If you choose to maintain User Limits you will need to specify the following details e Limit Currency e Maximum Transaction Amount e Authorization Limit When a user processes a transaction the system will convert the transaction amount if the transaction is in a different currency to the currency in which the limit amount is expressed based on the Standard Mid Rate During authorization or approval of a transaction if the amount exceeds the limits maintained for the specific user the system will display an override message When such an override is sought the user will be allowed to continue processing depending upon the sensitivity assigned to the override The implementers at your installation configure this sensitivity depending upon your requirements If it has been configured as ignore or warning the user can continue processing despite exceeding the input limit by selecting OK in the override message window or select Cancel to terminate the processing If configured to be an error the user cannot proceed with the transaction without authorization The system will validate the user authorization limit at the following stages of a trans
79. horized Open 001 31581401 2012 03 14 2012 03 15 31581402 2011 09 02 Authorized Open 001 31581A05 2012 03 21 2012 03 22 31581402 2011 09 02 Authorized Open 30300405 2011 10 01 2011 10 01 30300403 2011 09 30 Authorized Open 001 31581401 2013 03 02 2013 03 30 31581402 2011 09 05 Authorized Open 001 31581401 2014 03 02 2014 03 31 31581402 2011 09 05 Authorized Open 30300405 2013 06 30 2013 06 30 30300412 2013 06 30 oO 4 Oo The following details are displayed e Authorization Status e Record Status e Branch Code e User ID e Leave From e Leave To e Maker ID e Maker Date Stamp e Checker ID e Checker Date Stamp The above screen be used only for viewing the holiday summary of the user specified in the User Holiday Maintenance screen Hence all the query fields such as Authorization Status Branch Code User ID etc will be disabled 2 49 ORACLE For more information about viewing holiday details for any user profile refer the section Viewing Holiday Summary Details in this document 2 10 15 Centralized Role The centralization role can be linked to a user here You can view centralized role maintained for the user profile in the Centralized Role screen Click Centralized Role button to invoke this screen Centralized Role Mapping Centralized Role Mapping 101 Role Role Description If the multi branch operational parameter is enabled and the cen
80. iewing User Activities You can view a log of activities of Oracle FLEXCUBE users through the User Activity screen Note that you can view user activities only through Oracle FLEXCUBE host system This screen is not available for viewing in the branch installations You can invoke this screen by typing SMSUSRAC in the field at the top right corner of the Application tool bar and clicking on the adjoining arrow button The screen is displayed as below User ID 28 az Function Id 28 0 Advanced Search ETZAN 000000 Records per pagez 15 x 1 zofz 1 UserID IP Address Branch Code Function Id Sequence Number System Start Time mm oS oF uo o om oc c oa T 757 oO oe ON O a ug mum moms o m gem Bm EN D mo 5m moo d You can query for records based on the following criteria e UserID e Branch Code e Function ID Click Search button Based on your preferences the system identifies all records satisfying the criteria and displays the following details for every record e UserID e IP Address e Branch Code e Function ID e Sequence No e System Start Time e System End Time e Exit Flag 3 11 Viewing Branch Status You can view the host connectivity status of various branches through the Branch Status screen You can invoke this screen by typing SMSBRNST in the field at the top right corner of the App
81. ill uniquely identify the Role Limit throughout the system A Role Limit is distinct from the User Role in that the Role Limit is designated for the specific purpose of enabling you to set transaction amount processing limits that you wish to impose on a user Description You can specify a brief description for the Role Limit being defined 2 22 ORACLE 2 7 1 1 Limits Currency Here you will indicate the currency in which the limits transactions amounts will be expressed If a user captures a transaction in a different currency Oracle FLEXCUBE will convert the transaction amount to the Limits Currency and then perform the validations For currency conversions the system will use the mid rate of the STANDARD exchange rate type maintained in your system Input Limit Specify the maximum amount that a user to which the limits role is associated is allowed to process while entering a transaction Authorization Limit Specify the maximum amount that a user to which the limits role is associated is allowed to process while authorizing a transaction Working of the Limits Input Limit If the transaction amount exceeds the input limit maintained for the Role the system displays an override message Selection of the OK button in the message window will allow the user to continue despite exceeding the limits If the user selects the Cancel button he will not be able to continue with transaction processing Authorization
82. ing role criteria The following options are available for section e All Roles e Selected Role ID Specify a valid Role ID for which you want to generate the report from the adjoining option list if you have selected Selected 5 13 1 Contents of the Report The parameters specified while generating the report are printed at the beginning of the report Other content displayed in the report is as follows Header The following details are displayed in the header section Field Name Field Description Branch Indicates Branch Code and Branch Name Branch Date Indicates Current Date of the Branch User ID Indicates User ID Date amp Time Indicates the Date and Time when the report was generated Module Indicates module for which report is generated 5 21 ORACLE Body of the Report The following details are displayed as body of the generated report Field Name Field Description Role ID Indicates role ID Role Description Indicates role description Functions Allowed Indicates function allowed for the role Branches Allowed Indicates branch code and name of the branches allowed Account Class Allowed Indicates the account class and description of the account classes allowed Users Attached Indicates the User ID Name and the branch of the Users attached 5 14 User Profile Report The User Profile report provides details of the user profile You can inv
83. inning of the report Other content displayed in the report is as follows Header The following details are displayed in the header section 5 19 ORACLE Field Name Field Description Branch Indicates Branch Code and Branch Name Branch Date Indicates Current Date of the Branch User ID Indicates User ID Date amp Time Indicates the Date and Time when the report was generated Module Indicates module for which report is generated Body of the Report The following details are displayed as body of the generated report Field Name Field Description Start Date Indicates the start date of the event User ID Indicates user ID Creator Indicates creator s ID Authorizer Indicates authorizers ID code Home Branch Indicates home branch code Role ID Indicates role ID to which the user ID is mapped 5 13Role Profile Created Report The Role Profile Created report provides details of the role profile created You can invoke the screen by typing the code SMRPRLPR in the field at the top right corner of the Application tool bar and click on the adjoining arrow button 5 20 ORACLE Role Profile Report Report For All Roles Selected Role Id Report Format PDF PrinterAt Client v Report Output Print Printer You can specify the following parameters Report For You can generate the report based on the follow
84. ion key contains irrelevant characters Wrong activation key SM 00502 Installation with this key already done Cannot duplicate SM 00503 Installation not done Contact BSA or i flex representative SM 00510 No branches defined for user SM 00520 Could not delete function Role attached SM 00530 Could not delete function Users attached SM 00540 Could not delete function SM 00550 Function successfully saved SM 00560 Function not implemented SM 00610 No functions defined for the user SM 00612 You are not logged on SM 00900 Process completed SM 00901 Please select user ids to Enable SM 00998 Password should be alphanumeric SM 00999 First and last letter cannot be numeric SM 01000 Invalid password Bad sign on SM 01001 Invalid name Bad sign on SM 01002 Successive invalid logins Forced disable SM 01003 Cumulative invalid logins Forced disable SM 01004 Password expired Password changed SM 01005 User initiated password change SM 01006 Forced password change SM 01007 Status enabled 4 6 ORACLE Error Code Message SM 01008 Status put on hold SM 01009 No of licensed users for modules exceeded SM 01010 No of licensed users for bank exceeded SM 01011 Wrong activation key entered SM 01012 Duplicate terminal ID encountered SM 01013 SMS user profile cleared SM 01014 Restricted access program invoked by control clerks SM 01015 User profile definition form invoked SM 01016 Role
85. iority Cancel Change Node Install Test Check Link Contract Change Branch In Change Message Release Change Media Branch Move Hold Test Input Change Address Change Force Release Fund Suppress Delete Print FT Upload Move To Queue Change Address In Auth Change Message Auth Rights Change Force Cover Match Reinstate Change Priority Auth Cancel Auth Change Node Release Change Media Auth Branch Move Hold Auth Test Input Change Address D OA C 0 0 D Oo a Queue Rights 100 Queuex Check against the messaging operations for which you want to grant the permission Granting rights pertaining to operations on messages You can grant permissions for the following operations on outgoing messages e Generating a message e Printing a message e Placing a message on hold e Releasing a message on hold e Canceling a message e Inserting a testword e Reinstating a message e Changing the priority of a message e Request information relating to Status of a message e Request cancellation of a message e Changing the media through which a message is transmitted e Changing the address to which a message is to be sent e Moving a message to another branch e Changing the node from which a message should be generated 2 19 ORACLE e Authorization of any of the operations listed above in respect of outgoing messages You can grant permissions for the followin
86. ist with none of the branches selected 2 11 ORACLE 2 Defining Functions Any function that is a part of the system should be defined through the Function Description Maintenance screen before it is available for execution Mostly our professionals carry out this activity You can modify the description of the function that appears in the Application Browser through this screen You can invoke this screen by typing SMDFNDSC in the field at the top right corner of the Application tool bar and clicking on the adjoining arrow button Function Description Function Id Name Module List Type f User Function Id Menu Head Type String Maintenance Available Tanking Required Automatic End of Day aware Log Event Customer Access Dual Authorization Remarks Required Excel Export Required Multi Branch Access Field Log Required Auto Authorization Head Office Function Duplicate task check ooo DP oO contro string for functions and reports Duplicate Check Fields Function Description 1010 Language Code Main Menu Sub Menu 1 Sub Menu 2 Balloon Help Description Field Properties Date Time Mod No Checker Record Status Date Time Authorization Status The following details are captured here Function Identification Select the Function id for which you want to give access rights from the option list Module Select the module to which the Function id has t
87. its affiliates are not responsible for and expressly disclaim all warranties of any kind with respect to third party content products and services Oracle Corporation and its affiliates will not be responsible for any loss costs or damages incurred due to your access to or use of third party content products or services
88. l for querying purpose Description Provide a description of what modification is being done on selected user ids User Id Select the User Id to be changed from the option list provided Name Name of the user specific to the selected user id will be displayed in this field Password Password of the selected user id will be displayed here This field will be editable only if the Auto Generation Required option is not selected at the application level If the Auto Generation Required option is checked the password will be auto generated by the application 2 9 ORACLE Reset Password Select this checkbox to reset the password in case of user ids where password needs to be auto generated 2 4 Creating Common Branch Restrictions To recall in the Branch Restrictions maintenance you have identified those applications and operations for which you intend to maintain branch restrictions Having done this you must proceed to create the appropriate common branch restrictions for each branch administrator You can maintain these restrictions in the common Branch Restrictions screen You can invoke this screen by typing SMDBRRES in the field at the top right corner of the Application tool bar and clicking on the adjoining arrow button This can be done only at the head office branch Branch Restrictions UserBranch Jaz Description Restriction Type Description Branch Restriction Allowed Disallowed
89. lication tool bar and clicking on the adjoining arrow button The screen is displayed as below 3 10 ORACLE Branch Code Branch 28 Branch Status o Advanced Search 00000 mj Reset Records 15 4 1 1 y M Branch Code Branch Name Branch Status amp You query for records based on the following criteria e Branch Code e Branch Name e Branch Status Click Search button Based on your preferences the system identifies all records satisfying the criteria and displays the following details for every record e Branch Code e Branch Name e Branch Status 3 11 ORACLE 4 Error Codes and Messages 4 4 Error Codes Error Code Message SM 00001 Unauthorized installation Contact Oracle Financial Services representative SM 00002 Licensed number of users exceeded Try again after a while SM 00003 Guest ids can sign on only via change branch function SM 00004 Invalid login SM 00005 User already logged in SM 00006 User status is disabled Please contact your system administrator SM 00007 User status on hold Contact your system administrator SM 00008 Your time level does not permit you to log in Contact your branch system administrator SM 00009 Please change password now SM 00010 Password file missing or corrupt SM 0001 1 Contact your system administrat
90. manager If you do not check this box the user can view create authorize and amend the transactions of the customers assigned to other relationship managers This is applicable to the users created with their role as Relationship Manager Show Dashboards Check this box if you want the system to display all the Dashboards assigned to your User Role on the landing page Alerts on Home Check this box if you want the system to display the Alerts relevant to you on the landing page Auto Authorize To indicate that a user is allowed to perform automatic authorization you must enable the Auto Authorize option in the User Maintenance screen If automatic authorization has been enabled for a function branch and user profile and such a user has rights for both input and authorize operations any record maintained by such a user in the corresponding function maintenance or online screens will be automatically authorized when the Save operation is performed Example You have enabled automatic authorization for the following branches in the Branch Parameters Branch Automatic Authorization Enabled 000 Yes 001 No 002 Yes In the Function Description maintenance automatic authorization has been enabled for the following functions 2 32 ORACLE Function Automatic Authorization Enabled Customer Information Maintenance Yes LD Contract Online Yes Customer Account Mainten
91. mer id of the staff is linked with the user id created for the staff Qu amend or authorize operations will fail with invalid account CIF message if you try to amend or authorize own or other staff CIF account details The view restriction will not apply to the transaction or contract screens in which the other staff accounts are involved The view restriction will not apply to the Oracle FLEXCUBE reports ELCM User ID Specify the ELCM user ID which will be used by ELCM system to perform the ELCM maintenance User ID would be unique across all the instances of FCUBS and it should be controlled operationally 2 31 ORACLE ELCM User ID Specify the ELCM user ID which will be used by ELCM system to perform the ELCM maintenance User ID would be unique across all the instances of FCUBS and it should be controlled operationally Multi Branch Access Required Check this box if you need to configure dual access framework for the specified User ID Other RM Customer Access Restricted You can restrict the users access to the transactions of the customers who are assigned to a different relationship manager Check this box to restrict the user from viewing creating authorizing or amending the transactions of the customers who are not assigned to him her The customers not assigned to the RM include the customers assigned to other relationship managers as well as those who are not assigned to any relationship
92. n Required Multi Branch Access Other RM Customer Access Restricted Show Dashboards Alerts on Home Restricted Password Rights Account Classes General Ledgers Disallowed Functions Users Holiday Group Restriction Centralized Role Dashboard Mapping Maker Checker Date Time Date Time Record Status Authorization Status Specify the following details User Identification Specify the user identification This ID identifies the user whose profile you are defining In a user ID you can use alphabets in upper or lower case numbers 0 to 9 _ underscore The number of characters in a User ID should be greater than or equal to six and less than 12 2 27 ORACLE Name Specify the name of the user Classification e Staff All internal users of the bank can be classified as Staff You can include any of the functions available in the system in the user profile e Branch This indicates a branch user This is used to identify a branch user and branch specific user maintenance for Branch user 2 10 1 1 Restrictions on User Profile Administration A branch administrator can create modify or delete user profiles only in the Head Office Home branch of the administrator or in those branches that are allowed for the restriction type USRADMIN in the Common Branch Restrictions When the administrator of a branch attempts to create a new user in the User Profile screen the branches available in the Home
93. n To invoke this screen type SMRONSTA in the field at top right corner of the Application tool bar and click the adjoining arrow button Online Screen Performance Statistics Report Report 1 Function Action Report Format PrinterAt Client Report Output Printer Specify the following details Function Specify the function ID for which performance statistics need to be collected The adjoining option list displays all transaction related function IDs available in the system You can select the appropriate one You can also leave this field blank if you have mentioned the action This will imply that the report needs to be generated for the given action across all function IDs Action Specify the action that needs to be performed on the function ID The adjoining option list displays all operations for the functions IDs available in the system You can select the appropriate one You can also leave this field blank if you have mentioned the action This will imply that the report needs to be generated for the given function ID across all actions o Both the function and the action cannot be null at a time 5 7 1 Contents of the Online Performance Statistics Report The parameters specified while generating the report are printed at the beginning of the report The contents of this report are discussed under the following heads Header The Header carries the title of the report information
94. n Number Field Name Indicates Field Name New Value Indicates New Value Old Value Indicates Old Value Maker ID Indicates Maker ID Maker Date Indicates Maker Date Checker ID Indicates Checker ID Checker Date Indicates Checker Date 5 12New User Created Report The New User Created report provides details of the new users created You can invoke the screen by typing the code SMRNWUSR in the field at the top right corner of the Application tool bar and click on the adjoining arrow button 5 18 ORACLE New User Created Report Select Details Al Single Branch Code User Creation From Date To Date ReportFormat PDF Printer At Client Report Output Print Printer You can specify the following parameters Branch Options You can generate the report based on the following branch criteria The following options are available for section e All e Single Branch Code Specify a valid branch code for which you want to generate the report from the adjoining option list if you have selected Single User Creation You can specify the following parameter From Date Specify date from when you want to generate the report from the adjoining calendar To Date Specify date till when you want to generate the report from the adjoining calendar Contents of the Report The parameters specified while generating the report are printed at the beg
95. n the field after it was modified Date amp Time The date and time of the transaction Authorizer ID The of the person who authorized the transaction Date amp Time The date and time when the transaction was authorized Record Stat The status of the record 5 7 ORACLE Auth Stat The authorization status Function ID The function ID Mod Number The module number Table Name The table name 5 5 nactive Users Aging Analysis Report This report gives details of users who have not used the system over a certain period You should enter the period when you invoke the report The details are sorted in ascending order of the date from which the user has not used the system Click OK button if you want to generate this report To come out of this screen without generating the report click Exit button 5 5 1 Contents of the Inactive Users Aging Analysis Report User ID The ID of the user who has not been using the system Inactive Since The date from which the user has not accessed the system Status The status of the user enabled disabled hold inactive Inactivity Period The number of days for which the user has not used the system 5 6 SMS User Inactive Log Report This report gives details of users who have not used the system over a certain period You should enter the period when you invoke the report The details are sorted in a
96. nces pertaining to their own accounts e Post transactions to the staff accounts or create contracts for staff members even if the user is restricted to view print balances contract information pertaining to other colleagues e Incase of balance exception during transaction posting the balance will not be displayed The Exception Message will only state that the account will be overdrawn on account of the transaction e Posttransactions and view transaction information until the contract is authorized After authorization such users cannot access the contract The only exception is that when the user has captured a contract the user will be allowed to view the details till the contract gets authorized LDAP DN The LDAP Details that have been maintained in the SSO screen have to be input here Clicking on the Validate button validates the LDAP details entered in the Single Sign On The application will verify if only one user ID in FLEXCUBE UBS is mapped to the subject DN while authentication via SSO Time Level Time level is defaulted to nine here You can specify the time level you need to maintain at the User level if needed You can specify values between zero and nine Time level can be specified at two levels at the Branch level and at the User level If you need to login then the time level maintained at your User Profile should be greater than or equal to that maintained at the Branch level 2 30 ORACLE Time
97. nitiated by the system The system defaults to a value of 30 which can be changed If you change it the number of days you specify here should be between 15 and 180 days inclusive Password Repetitions You can stipulate the number of previous passwords that cannot be set as the new current password when a password change occurs The system defaults to a value of three i e when a user changes the user password the user s previous three passwords cannot be set as the new password You can change the default and if you do you can specify a number between one and five inclusive The following example illustrates how this works Example While setting up the Bank Level Parameters you have given a value of 2 in the Password Repetitions field Mr Smith is a user of the system with the following details USERID SMITH Password STEELE If Mr Smith wants to change his password he should invoke the Change Password screen He cannot choose his old password STEELE again He now enters his new password as SMITHS Smith wants to change his password for the second time As the last two passwords cannot be used Password Repetitions 2 in the Bank Level Parameters table he cannot enter either STEELE or SMITHS as his new password He should enter a different password The number you specify here should be greater than or equal to 1 and less than or equal to 5 Minimum Days between Password Changes You can specify the minimum num
98. nment This software or hardware is developed for general use in a variety of information management applications It is not developed or intended for use in any inherently dangerous applications including applications that may create a risk of personal injury If you use this software or hardware in dangerous applications then you shall be responsible to take all appropriate failsafe backup redundancy and other measures to ensure its safe use Oracle Corporation and its affiliates disclaim any liability for any damages caused by use of this software or hardware in dangerous applications This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws Except as expressly permitted in your license agreement or allowed by law you may not use copy reproduce translate broadcast modify license transmit distribute exhibit perform publish or display any part in any form or by any means Reverse engineering disassembly or decompilation of this software unless required by law for interoperability is prohibited The information contained herein is subject to change without notice and is not warranted to be error free If you find any errors please report them to us in writing This software or hardware and documentation may provide access to or information on content products and services from third parties Oracle Corporation and
99. nt to define the holiday period The adjoining option list displays all the valid user profiles maintained in the system You can select the appropriate one Leave From Select the start date for the holiday period from the adjoining calendar Leave To Select the end date for the holiday period from the adjoining calendar The user will not be allowed to log in within the specified holiday range Remarks Specify a brief description for the holiday 2 24 ORACLE You can maintain multiple holiday slots for a user but the system will not allow including a specific day in more than one slot 2 9 Viewing Holiday Summary Details You can view holiday periods maintained for any user profile in the Users Holiday screen You can also invoke this screen by typing SMSUSHOL in the field at the top right corner of the Application tool bar and clicking on the adjoining arrow button The screen is as shown below E User Holiday Summary Authorization Status Record Status z Branch Code E User ID Leave From Leave To Advanced Search Records per page 15 z 1 OF 1 Authorization Status Record Status Branch Code UserID LeaveFrom LeaveTo MakerID Maker Date Star Z E E You can query for records based on the following criteria e Authorization Status e Record Status e Branch Code e User ID e Leave From e Leave To Click Search b
100. nvoke this screen by typing SMDSOPRM in the field at the top right corner of the Application tool bar and clicking on the adjoining arrow button LDAP Maintenance LDAP Host LDAP Port LDAP Admin Id LDAP Password LDAP Base Time Out Duration Seconds Input By Authorized By Modification Number Authorized Open Date Time Date Time The following details can be maintained in this screen LDAP Host Indicate the machine or server name where LDAP Oracle Internet Directory is installed LDAP Port Specify the network Port number where the LDAP Oracle Internet Directory listen to the Server LDAP Admin id Specify the admin user id of the LDAP Oracle Internet Directory LDAP Password Specify the Password for the LDAP Admin User which is provided during installation LDAP Base Specify the directory information tree DIT structure under which the data is to be stored which is provided during installation This is used while validating the user present in the LDAP Oracle Internet Directory 3 6 ORACLE Time Out Duration Sec You can stipulate the allowable idle time in seconds that a user can spend without performing any activity after logging in to the system 3 8 Maintaining Transaction Status Control The Transaction Status Control Maintenance screen allows the user to define the various action buttons depending on the status of the contract You can invoke this screen by typing
101. o be mapped All Functions are mapped to specific modules Name Specify the executable to open the Function Id Type Select the type of Function Id here from the drop down list The options available are e Form e Report e Stored Procedure 2 12 ORACLE Menu Head Select the menu head from the drop down list The options available are e Module e Report You can then specify the rights to the different actions for the functions by checking against the action These actions can be e Static Maintenance Functions gt New Define a new record gt Copy Copy details of an existing record gt Delete Delete an existing record gt Close Close an existing record Unlock to amend an existing record gt Reopen Reopen an existing record Print Print the details of selected records Authorize Authorize any maintenance activity on a record e Contracts and on line transaction processing Reverse reverse an authorized contract Rollover to manually roll over an existing contract into a new contract gt Confirm to indicate the counterparty or broker confirmation of a contract Liquidate to manually liquidate a contract Hold to put a contract on hold gt View to see the details of the contract e Reports gt Generate to generate reports gt View view the reports gt Print print the reports To delete the access rights given for a Function select the Function ID and click delete icon
102. o is logged into the system is forced out However the ID of the user still continues to have a status of Currently Logged In In such a situation the user will not be allowed to log in to the system again Such User IDs can be cleared through the Clear User Profile screen You can invoke this screen by typing CLRU in the field at the top right corner of the Application tool bar and clicking on the adjoining arrow button Clear User User id Branch Code Records 10f1 Branch Code User ld User Name 73 004 36697T1 PRAHLAD 71004 SIVAKAN SIVAKANNAN 1004 SIVAAUTO SIVAKANNAN You can search for the users based on the following parameters e User Id e Branch Code Once you have specified the parameters click Fetch button The system lists the following details of the users who have logged into the application e Branch Code e User ID e User Name 3 1 ORACLE To force log out a user check the box against the relevant user record and click Clear button The system will display a message to confirm the clear operation To force log out all the users in a page check the box against the header row which will select all the users in the page Further click the Clear button The selected users are logged off from the application 3 2 Changing the System Time Level The time level is allotted at two levels at the system branch level and at the user level For a user to be able to login the time level for the user p
103. of the Application tool bar and click the adjoining arrow button The screen is as shown below Security Management Violation Log Report Date Range From Date To Date Time Range 00 00 00 23 59 59 Date ant Time User Id ReportFormat PDF Printer At Client Report Output Print Printer Indicate the following details Date Range Indicate the date range From Date Indicate the date from which you want to generate the violations report using the adjoining calendar To Date Indicate the date until which you want to generate the violations report using the adjoining calendar Time Range Specify the time range that should be considered for the violations report Sort By Indicate the mode of sorting data in the report by choosing one of the following options e Date and Time 5 3 ORACLE e User Identification Purge Check this box to indicate that the report can be purged Click OK button to generate the report 5 2 1 Contents of the Security Management System Violations Log Report The contents of this report are discussed under the following heads Header The Header carries the title of the report information on the branch code the ID of the user who generated the report the date and time at which it was generated the branch date the modules covered in the report Body of the report The following details are displa
104. oke the screen by typing the code SMRPUSPR in the field at the top right corner of the Application tool bar and click on the adjoining arrow button User Profile Report Report For All Users Selected User ld Report Format PDF Printer At Client v Report Output Print Printer You can specify the following parameters Report For 5 22 ORACLE You can generate the report based on the following user criteria The following options are available for section e All Users e Selected User ID Specify a valid User ID for which you want to generate the report from the adjoining option list if you have selected Selected 5 14 1 Contents of the Report The parameters specified while generating the report are printed at the beginning of the report Other content displayed in the report is as follows Header The following details are displayed in the header section Field Name Field Description Branch Indicates Branch Code and Branch Name Branch Date Indicates Current Date of the Branch User ID Indicates User ID Date amp Time Indicates the Date and Time when the report was generated Module Indicates module for which report is generated Body of the Report The following details are displayed as body of the generated report Field Name Field Description Branch Indicates branch code User ID Indicates User ID
105. opulated SM PRDO2 Deletion not allowed as periods beyond 1 exist for the financial cycle SM PRDOS The period end date has to be the last day of a month SM PWCO1 Password same as previously used password SM QRY 01 The form is in the enter query mode Please click on the exit toolbar button or exit menu item to get to the normal mode SM QRY01 The form is in the enter query mode Please click on the exit toolbar button or exit menu item to get to the normal mode 4 14 ORACLE 5 Reports 5 1 Events Log Report The Events Log report gives details of all events that occurred over a period in time You can specify the period for which you require the report when you invoke the report function To invoke the screen to generate this report type SMRPEVLG in the field at top right corner of the Application tool bar and click the adjoining arrow button Events Log Report For Type All Users Selected Users User ld From Date To Date Purge ReportFormat PDF Printer At Client v ReportOutput Print Printer Report For Indicate the user of the report by choosing one of the options e All Users e Selected Users From Date Indicate the start date by using the adjoining calendar To Date Indicate the end date by using the adjoining calendar Purge Check this box to purge the document Click OK to generate the re
106. or Oracle built in problem SM 00012 SMTBS passwords table missing or entries not found SM 00014 Password due to expire on 1 SM 00015 User profile expired Contact branch system administrator SM 00016 Your time level does not permit you to launch this function SM 00030 This function is currently not available for execution SM 00031 This form 1 is not available Contact your branch system administrator SM 00032 The time level in the branch has changed Your time level does not permit you to execute any functions SM 00033 The number of users currently executing functions in this module has exceeded the license limit SM 00034 This function is not available for customer access SM 00035 This function is not available for staff access 4 1 ORACLE Error Code Message SM 00036 Function ID is not correct Enter function ID again SM 00037 Main menu and sub menu descriptions cannot be same SM 00040 Wrong password Enter password again SM 00041 The new and confirmed passwords do not match Enter passwords again SM 00042 The password entered is restricted Try another password SM 00043 The password entered has already been used Try another password SM 00044 Length of password is less than 1 characters SM 00045 Length of password is more than 1 characters SM 00046 The password string contains special characters that are not allowed Retype
107. porate Group Description System describes the group code selected by the user User will be able to query or modify the account details only for those customers whose group code is allowed to him If a user tries to query or modify the account of the customer whose group code is restricted for him system will display the following error message User is restricted to query or modify the account 2 47 ORACLE 2 10 13 Disallowed Functions You can restrict certain functions from being performed by a user You can specify such restrictions in the Disallowed Functions screen Click Disallowed Functions button to invoke this screen Disallowed Functions Function Disallow 1010 Function Click add icon to add a record under the Function list Into each added field select the required function by clicking the adjoining option list 2 48 ORACLE 2 10 14 Users Holiday You can view holiday periods maintained for the user profile in the Users Holiday screen Click Users Holiday button to invoke this screen The screen is as shown below User Holiday Summary Authorization Status Record Status Branch Code aL User ID Leave From 2 Leave To ESTE Records per page 15 14 4 1 Of 1 Authorization Status Record Status Branch Code User ID Leave From Leave To Maker ID Maker Date St Authorized Closed 000 30300M03 2011 09 05 2011 09 30 30300A03 2011 09 02 Aut
108. port 5 1 1 Contents of the Events Log The contents of this report are discussed under the following heads 5 1 ORACLE Header The Header carries the title of the report information on the branch code the ID of the user who generated the report the date and time at which it was generated the branch date the modules covered in the report Body of the report The following details are displayed in the report User ID The user who initiated the event Function Description The name of the function that activated the event Start Time The time at which the event was initiated End Time The time at which the event was successfully completed or was aborted If the event has not been completed or Not Yet is displayed here Branch Code The code allotted to the branch Terminal ID The system ID where the application is launched System Start Time The time when the user starts the application System End Time The time when the user signs out of the application Total time spent on individual functions by individual users is also provided 5 2 ORACLE 5 2 Security Management System Violations Log Report Any attempt at violating the security of the system will be reported in the Security Violations report You can generate this report for a particular period To invoke the screen to generate this report type SMRPVLLG in the field at top right corner
109. rd Restrictions 10f1 Password x To add a password to the Password list click add icon To select a record in the list use the check box beside it After you listed the restrictive passwords in the Password list click Ok button to save the password restrictions 2 3 User Details Modification in Bulk You can change or reset user passwords in bulk if you have the system admin rights After modification of the user list click Save The modified user list will be stored in a temporary table The lists of users which are modified and mapped with a unique sequence number will not be available until the particular sequence number is authorized When the particular sequence number is authorized those user details will be changed and updated 2 8 ORACLE You can invoke this screen by typing SMDCHPWD the field at the top right corner of the Application tool bar and clicking on the adjoining arrow button User Credentials Change New Sequence Number Process Date Description 10H08 gt M User Identification Password Reset Password 0 m Maker Date Time Checker Date Time Record Status Authorization Status In this screen the following information is to be provided Sequence Number Click on New icon to generate a new Sequence Number Process Date Select a date by clicking on the calendar icon beside the field This field is generally usefu
110. re You can further obtain information specific to a particular field by placing the cursor on the relevant field and striking F1 on the keyboard 1 2 Audience This Manual is intended for the following User User Roles Role Function Oracle FLEXCUBE To set up the initial startup parameters in the individual client Implementers workstations To set up security management parameters for the Bank SMS Administrator for To set the SMS bank parameters To identify the Branch level SMS Administrators SMS Administrator for To create User and Rsddole profiles for the branches of your bank the Branch Will also grant access to the various functions to the Users A Oracle FLEXCUBE Any user of Oracle FLEXCUBE whose activities are traced by the user SMS module 1 3 Abbreviations Abbreviation Description FC Oracle FLEXCUBE AEOD Auto End of Day BOD Beginning of Day EOD End of Day EOTI End of Transaction Input EOFI End of Financial Input 1 1 ORACLE Abbreviation Description The System This term is always used to refer to Oracle FLEXCUBE SI Standing Instructions MM Money Market RM Relationship Manager 1 4 Glossary of Icons This User Manual may refer to all or some of the following icons 1 5 Related Documents The Procedures User Manual 1 2 ORACLE 2 Security Management 2 1 Introduction Controlled
111. rofile should be greater than or equal to that of the system The time level can be between zero and nine You can change time level of the branch by using the Change Time Level screen You can invoke this screen by typing SMDCHGTL in the field at the top right corner of the Application tool bar and clicking on the adjoining arrow button Click Users button for a display of the details of users who are currently logged in This screen shows a list of all users who are currently logged in and their respective Time Levels When the Time Level of the branch is changed the system validates and displays a message if the Time Level of any of the Users is lesser than that of the newly changed value These users can continue to log onto and work on the system till they log off When they try to log in back the System validates and only allows such users access whose time levels are greater than that of the system Change Time Level Branch Current Time Level L J New Time Level Users User Time Level HHE Ee Input Authorized By Modification Date Time Date Time Number Authorized Open 3 2 ORACLE 3 3 View Current Users The user of a branch can view a list of all the users logged in from the current branch or from any other the branches through the Current Users screen Current Users Current Branch All Branches CURRENT USERS Terminal User Id Start Time The following det
112. s corresponding to each of the above function categories Click on a button to view the corresponding screen 2 6 3 Branch Restriction You can specify the branches to which the role profile is associated and for which it is available Click Branch Restriction button in the Role Maintenance screen The Branch Restriction screen is opened Branch Restriction Branch 100 Branch Branch Name c Branch Restriction Allowed Disallowed You can maintain a list of branches for which the role is either e Allowed e Disallowed Choose the Allowed option to maintain an allowed list and the Branch Restrictions list will show the list of allowed branches Choose the Disallowed option to maintain a disallowed list of branches If you maintain an Allowed list then the role profile will be available only for those branches that you specify in the Branch Restrictions list Similarly if you maintain a Disallowed list then the role profile will not be available only for those branches that you specify in the Branch Restrictions list 2 17 ORACLE After choosing either the Allowed or Disallowed option click add icon to add a record under the Branch Restrictions list Into each added record field select the required branch from the adjoining option list 2 6 4 Account Class Restriction You can restrict the role from using certain account classes that are maintained in Oracle
113. s in addition to the Teller role You can do this at the User Profile level for the branch you are allowed 2 21 ORACLE 2 7 Defining a Limits Role Oracle FLEXCUBE allows you to place restrictions on the amount specified by a user when processing a transaction You can also restrict users with authorization rights from authorizing transactions with amounts beyond a specific limit To achieve this you can define Input Limits and Transaction Authorization Limits for a user at the time of maintaining a User Profile in Oracle FLEXCUBE The input limits and authorization limits will be made applicable to the following types of transactions e Payment transactions FTs e Single Entry Journal transactions e Multi Offset transactions e Teller transactions Oracle FLEXCUBE allows you to maintain different Role Limits which can then be linked to a user profile The limits defined for the attached role will be applicable to the user profile to which it is linked The Role Limits are maintained in the Role Limits Maintenance screen You can invoke this screen by typing SMDRLMNT in the field at the top right corner of the Application tool bar and clicking on the adjoining arrow button Role Limits Maintenance Role ld Description Limits Currency Input Limit Authorization Limit Input By Authorized By Modification Date Time Date Time Number Authorized Open Role Identification The Id that you specify here w
114. scending order of the date from which the user has not used the system In the Application Browser this report is available under the SM module 5 8 ORACLE To invoke the screen Security Maintenance Inactive Users Report type SMRPINST in the field at top right corner of the Application tool bar and click the adjoining arrow button Security Maintenance Inactive Users Report ReportFormat PDF Printer At Client Report Output Print Printer 5 6 1 Contents of the Inactive Users Log Report The contents of this report are discussed under the following heads Header The Header carries the title of the report information on the branch code the ID of the user who generated the report the date and time at which it was generated the branch date the modules covered in the report Body of the report The following details are displayed in the report User ID The ID of the user who has not been using the system Home Branch The home branch of the bank Last Signed On The date from which the user has not accessed the system Inactive For In days The number of days for which the user has not used the system 5 9 ORACLE 5 7 Online Performance Statistics Report This report lists the maximum minimum and average execution time for different actions across transactions in Oracle FLEXCUBE You can generate this report using the Online Screen Performance Statistics Report scree
115. sword Length 2 5 ORACLE Minimum Number of Lower Case Characters in Password You can define the minimum number of lowercase characters allowed in a user password The allowed lower case characters are from the US ASCII character set only The system validates these specifications only when a user chooses to change the password If you do not specify the limits the following default values will be used e Minimum No of Lower Case Characters 1 e Maximum No of Numeric Characters Maximum Password Length Minimum Number of Upper Case Characters in Password You can define the minimum number of upper case characters allowed in a user password The allowed upper case characters are from the US ASCII character set only The system validates these specifications only when a user chooses to change the password If you do not specify the limits the following default values will be used e Minimum No of Upper Case Characters 1 e Maximum No of Numeric Characters Maximum Password Length 2 2 6 Branch Restrictions for Specific Applications You can restrict administrators of branches from performing operations related to specific functions in branches other than their home branch These are referred to as Branch Restrictions for Specific Applications You can also maintain a list of branches in which the administrator of a certain branch is allowed restricted to perform specific operations These other restrictions are referred to as
116. tes the total number of users 5 17 User Entitlement Report The User Entitlement report provides user entitlement details You can invoke the screen by typing the code SMRUSRENN in the field at the top right corner of the Application tool bar and click on the adjoining arrow button User Entitlement Report User Entitlement User Status Enabled Disabled Both Branch Options User Options All All Single Single Branch B User ld ReportFormat PDF Printer At Client Report Output Print Printer You can specify the following parameters User Entitlement You can specify the following parameters 5 28 ORACLE User Status You can generate the report based on the following user status criteria The following options are available for section e Enabled e Disabled Branch Options You can generate the report based on the following branch criteria The following options are available for section e All e Single Branch Code Specify a valid branch code for which you want to generate the report from the adjoining option list if you have selected Single User Options You can generate the report based on the following user criteria The following options are available for section e All e Single User ID Specify a valid user ID for which you want to generate the report from the adjoining option list if you have selected Single 5 17 1 Contents of th
117. the following e P Processed e U Unprocessed After defining the message click Exit button to exit from the screen 2 55 ORACLE For more details on how the destination user can view the alert messages refer section titled Unprocessed Alerts in the chapter Getting Started with Oracle FLEXCUBE in Procedures User Manual 2 13Single Sign On SSO Enabled Environment Provided you have opted for the SSO Enabled option at bank level you can log in from an LDAP Oracle Internet Directory external system into Oracle FLEXCUBE through the screen shown below Connect to 10 184 74 163 21 xj e nl The server 10 184 74 163 at LDAP User Name Password requires a username and password User name Password ORACLE FLEXCUBE UNIVERSAL BANKING Login User ID Password Theme Default After successful authentication and authorization of the user is carried out by the LDAP Oracle Internet Directory a request is forwarded to gain access into Oracle FLEXCUBE On clicking the Submit button you can directly get into Oracle FLEXCUBE without specifying Oracle FLEXCUBE user id and password 2 56 ORACLE 3 Associated Functions 3 1 Clearing a User ID When a User logs into the system the system maintains a record of the user with the date and time of login On a successful normal log out this record gets deleted Occasionally you may come across a situation when a user wh
118. tion to place no restrictions on the user The user will be allowed to specify any amount during transaction processing Likewise users with authorization rights will be allowed to authorize transactions without any restrictions on the amount involved in the transaction 2 44 ORACLE 2 10 10 Branches To specify the branches from which the Staff and Branch users of the bank can operate you must use the Branches screen Click Branches button in the User Maintenance screen and Branches screen will be displayed as shown below L Branches Branch Restriction Allowed Disallowed Branches 1010 Branch Branch Name You can maintain a list of branches to which the user is either e Allowed e Disallowed To maintain an allowed list of branches choose the Allowed option Then the Branch Restrictions list will show the list of allowed branches To maintain a disallowed list of branches choose the Disallowed option If you maintain an allowed list then the user profile will be available only for those branches that you specify in the Branch Restrictions list Similarly if you maintain a disallowed list then the user profile will not be available only for those branches that you specify in the Branch Restrictions list Any branch that is Disallowed will not appear to that user in his Change Branch list After choosing either the Allowed or Disallowed option click add icon to add a record under the
119. tralization roles are defined then the roles are automatically assigned to the branches based on the branch restricted details specified in the user maintenance screen You can also include additional list of normal roles from the Roles sub screen You cannot assign a centralized role to a subset of allowed branches of a user You have to manually assign the normal role to each applicable branch 2 50 ORACLE 2 10 16 Dashboard Mapping If you checked the Show Dashboards check box in the main page of the User Maintenance Screen then you can map the specified User to one are more Dashboards in the Dashboard Maintenance sub screen Click Dashboard Mapping button to invoke this screen Dashboard Maintenance User Identification Name 10f1 Function id Description Sequence Number Clause Wizard Where Clause Show In Dash board The system defaults the following from the main screen e User Identification e Name Click Populate button the system displays DFls mapped to the specified User Role The system defaults the following details e Function ID Function ID of the Dashboard assigned to the User e Description Description of the Dashboard You can maintain the following details for the dash Sequence Number Specify the sequence number based on the User preference 2 51 ORACLE Clause Wizard Click to invoke Dashboard Condition sub s
120. tsof the Report das ied ede e ede e ede eade edi eR d der dn 5 19 5 13 ROLE PROFM E CR ATE D REPORT Lace e reel ORO OT UN du ie eee A IV 5 20 3 13 1 Contents of the Report issu dut qe d edv bie i be fete edu Dro E E dcbet itn 5 21 9 14 USBR PROFILE REPORT 5 S a ee EN IR EHE 5 22 24 1 Contentsof the Report sag dte eo ed eda bie n ise Beste edu rete EO creber sd ita 5 23 5 15 ROEEPROFIEE REPORT tese tete ee tede ee i nie nite aia NI 5 24 3 15 1 Contentsof the Report iu sse iere ro e Rede ec d ia dr t edv Doe da oi Ra etn 5 25 5 16 USBREROLESUMMARY RE OR eec Er o arb ORO UTE NR 5 26 D161 Contents of the Report i ssec ded ego ed ede be n p fti edu Doe voted uta 5 27 S I7 USER ENTITLEMENT REPORT 5 28 6 DATA Contents of the Report e e tase t Re RE EXE EU REPE RE 5 29 SCREEN GLOSSARY 6 1 FUNCTION ID LIST 1 About this Manual 1 1 Introduction This Manual is designed to help you to quickly get familiar with the Security Management System SMS module of Oracle FLEXCUBE It provides an overview of the module and takes you through the various stages in setting up and using the security features that Oracle FLEXCUBE offers Besides this User Manual you can find answers to specific features and procedures in the Online Help which can be invoked by choosing Help Contents from the Help Menu of the softwa
121. utton Based on your preferences the system identifies all records satisfying the criteria and displays the following details for every record e Authorization Status e Record Status 2 25 ORACLE Branch Code User ID Leave From Leave To Maker ID Maker Date Stamp Checker ID Checker Date Stamp 2 26 ORACLE 2 10 Defining a User Profile A User Profile defines the activities that a user can carry out on the system It also contains the user ID the name through which the user will access the system and the password The user profiles will be effective only after dual authorization You can create User Profiles through the User Maintenance screen You can invoke this screen by typing SMDUSRDF in the field at the top right corner of the Application tool bar and clicking on the adjoining arrow button The User Maintenance screen is shown below User Maintenance New User Details User Identification Name User Reference Language Home Branch Customer No Department Code Department Description Tax Identifier LDAP DN Time Level Amount Format Date Format Supervisor Identification Supervisor Name User Password Password Password Changed On Email Invalid Logins Cumulative Successive User Status Classification Status Changed On Last Signed On ELCM User ID Auto Authorization Start Date End Date Enabled Hold Disabled Locked Staff Branch Staff Customer Restrictio
122. ve Login Max Authorization Limit Indicates Max Authorization Limit 5 30 ORACLE 6 Screen Glossary 6 1 Function ID List The following table lists the function id and the function description of the screens covered as part of this User Manual Function ID Function Description CSDERMSG Error Messages Maintenance SMDBANKP SMS Bank Parameters Maintenance SMDBRRES Branch Restrictions SMDCHGTL Change Time Level SMDCUUSR Current Users SMDDPTMT Department Maintenance SMDFNDSC Function Description Maintenance SMDHOTKY Hot Keys Maintenance SMDLNGCD Language Code Maintenance SMDRLMNT Role Limits Maintenance SMDROLDF Role Maintenance SMDSOPRM Single Sign On Maintenance SMDTXNST Transaction Status Control Maintenance SMDUSALR User Alerts Maintenance SMDUSHOL User Holiday Maintenance SMDUSRDF User Maintenance SMRBASTA Batch Performance Statistics Report SMRCONTL Change Control Log Report SMREVNLO Event Log Report SMRMCLOG Changes Log Report SMRNWUSR New User Created Report SMRONSTA Online Screen Performance Statistics Report 6 1 ORACLE Function ID Function Description SMRPCHLG Report SMRPEVLG Events Log SMRPINST Security Maintenance Inactive Users Report SMRPRLPR Role Profile Created Report SMRPUSPR User Profile Report S
123. yed in the report User ID The user who was involved in the security management system violation Start Time The time at which the security management system was violated Message The error message if any displayed by the system during validation Function The description of the function that was executed by the user which Description resulted in the violation Terminal ID The terminal ID of the terminal onto which the user was logged 5 3 User Profile Report The details of all the user profiles that have been defined are available in the form of a report The User Profile Report gives details of user profiles maintained for all or specific users It includes e The functions attached to the role e roles to which the user is attached e Amount limits for each user e Branches in which the user can operate e Currencies the user can use e Customers the user can deal with e Restrictive passwords defined for the user 5 4 ORACLE To invoke the screen to generate this report type SMDCUUSR in the field at the top right corner of the Application tool bar and click the adjoining arrow button The screen is as shown below Current Users Current Branch All Branches CURRENT USERS W Branch Terminal User Id Start Time 5 3 1 Contents of the User Profile Report Branch Code and Name The code allotted to the branch and the full name of the branch Dat
124. you can copy the existing profile on to the new one Select Copy from the Actions menu in the Application toolbar or click copy icon A list of existing role profiles will be displayed Click on the one you want to copy All the details of the profile except the Role ID will be copied and displayed Enter a unique Role ID You can change any of the details of the profile before saving it 2 6 8 Closing a Role Profile A Role Profile should be closed only if there are no users linked to it Thus before closing a role profile you should modify each user profile attached to it and delete the link to the role Select Close from the Actions menu in the Application toolbar to delete an existing role profile If the role is linked to any user a warning message will be displayed This message will bring your attention to the fact that the user profile to which the role is linked will not be the same if the role profile is closed You will be prompted to confirm the closure The Role Profile will be closed only if you confirm the Closure 2 6 9 Defining Roles for Oracle FLEXCUBE Branch Users You can define a role with functions typically performed by you from Oracle FLEXCUBE Branch system You can maintain the role Teller and select the branch function from the Web branch button In case you wish to give access of the host functions to the Teller you can attach role like ALLROLES or other role with host function
Download Pdf Manuals
Related Search