Heads up on this patch, it removes program paths for buttons on the Kinetic Home Screen for Job Tracker and Part Tracker. Easy fix but causes a lot of support calls first thing this morning.
And order entry
Well how do you fix it?
Nevermind
Edit the Home Screen, Edit the Button in question, Under “App” reselect the application such as “Job Tracker”.
Yes, major case. No ETA fix yet. Case CS0003429300:
We have identified an issue that is causing Kinetic Homepage icons to fail to open the requested form and returns the following message: “Due to security settings or module licensing process is unavailable. Contact your system administrator.” As part of security hardening, Kinetic is now verifying that the user has explicit access to individual menu items rather than the Menu Group. Development is currently reviewing the reported behavior to ensure that this is the expected result. Users that receive the message can select the form needed by going to the Menu structure and navigating to the desired item. The item will open from the Menu. Additionally, we have found that the icon can be deleted from the Kinetic Homepage and re-added from the Kinetic Homepage Designer and they will function.
Really? That seems like a wild change to make in a dot release. And it can’t really be true if simply reselecting the app fixes the problem, since one of the steps to correct the problem is not to assign explicit access to the individual menu item.
I will make a logical guess here.
I believe users started with a template I created for them for their Home Screen.
Example Job Tracker from the Production Management / Job Management menu.
Applied patch 2022.2.8
Users that got the message “Due to security setting etc…” had no access to this menu.
The fixed the Icon by then searching with their permissions and picked up Job Tracker from Production Management / Quality Assurance or somewhere else where they had permissions.
Evan! Are you kidding me, you better give me a call I have missed you!
I think you must know somebody with the same name or something…
Upgraded to 2022.2.11 over the weekend and our users are getting this as well. Any word on if this was fixed? It doesn’t look like it.
Yes.
12-20-2022 16:26:39
Update: Development and QA has completed their assessment of the Kinetic Homepage security change and determined that the KHP is correctly enforcing Menu Security down to the individual menu items for Users and Groups. We understand that this change may have been disruptive for some, but security of your system and data is paramount. All users will continue to be able to select their available menu items from the menu tree in the Kinetic Homepage. They will only see menu items allowed by their security settings. Additionally, they can simply click on the star next to the available menu items and it will be added to their Favorites menu until the icons can be replaced. If you have users that are receiving the security message for some tiles, any user can remove and replace the tiles via the Kinetic Homepage Designer. They will only be able to create tiles that their security settings permit (permitted items will display in the search under the App Link option).
We didnt have time to wait and had to recreate all the custom HP links if any users did that.
Is this fixed as we have a user that is experiencing the same behaviour and they do have access to the tracker.
Somebody should mark this as the solution, seems like its not obvious?
Hardly a viable solution though is it, having to go into each tile and repair something that was working prior to the upgrade to 2022.2.8 especially when you don’t want your users messing around with things like that,
I agree you shouldn’t have to mess with it, but those shortcuts on the Home screen
are for the user to do with what they please, by design.
If you had a user switch to a different department going from Production to Purchasing, you would change the security groups tasking them out of Production and adding them to Purchasing. They could in theory now have a Button for Job Tracker which was located under Production stop working, when the fix it by editing the button and searching again for Job Tracker they could pickup access thru their new department say for example Purchasing.
The whole menu and security system is a poor design.
I really wish they would have taken the opportunity to redo it with the UI change.
I do understand the complexity it would entail to try to maintain both though,
I wouldn’t want to do it
If anyone is interested this changes also affects MES. I have opened an Epicor Idea on it since support told me it is working as designed.
I was originally looking on this site to see if anyone found a way around for the time being. Process Calling didn’t seem to work, but maybe I entered it wrong. Does anyone know if that works using Kinetic UI?
Here is a link to the idea if you could vote, but here is also what was included for those searching this site. 2022.2 Homepage security causes a total menu security change for MES
=============================================
As stated by Epicor support, there was a security change to harden security by requiring the end user to have access to the entire menu structure that leads to the menu item in question in 2022.2 whereas in 2022.1 the user only needed access to the menuID of the menu item in question. In making that change, they revoked MES (Data Collect) screen access.
For a basic user to open any of the trackers, they now need access to the entire tree down to the menu item. This is dependent on which menuID the MES button points to. One example: MES Part Tracker opens menuID OMGO3004, I had to give the user access to Sales Management (SEC464) then Order Management (SEC044) then General Operations (SEC049) then Part Tracker (SEC183). This is the case for all trackers in MES if the user doesn’t happen to have the whole menu structure.
Since many of the base menus are structured to allow based on access above, this would give many employees access to Order Entry or other sales functions that they should not. The only way around that would be to go to every menu item and set individual security. Cloud customers would also have the added benefit of being required to copy every menu to the current company.
Epicor should have pointed those MES buttons to a process menu to have individual security or to an Executive Analysis menu as to not give excessive security out. Stop trying to tie a bunch of screens and options to a single security ID. I noticed many of the EVA skills tied to the Part Tracker security ID as well. These should all have their own ID.
As a side note, they could do the same for the trackers on the default homepage in the smart client/Web instead of making everyone modify the homepage. It probably would have been better to just have trackers on the default homepage pointing to Executive Analysis and remove entry screens for security.
Most of MES is rendered useless until we modify security. Reverting to Classic doesn’t sound like a good idea now that they are all used to Kinetic. I would also prefer not to customize the MES screen just to fix a security issue.
Here is the Process Calling I was trying, but the Call From is Invalid to Epicor, but is what is in the process menu. I assume this is not working for Kinetic.