Step 2: Add and Drop Security Groups

If you decide that you need to use the ADD/DROP option, populate the KNTA_USER_SECURITY_INT interface table and then specify ADD or DROP for the USER_SECURITY_ACTION column in the interface table.

  1. Using SQL*Loader, your favorite tool, or direct Oracle database-to-database communication, load your data into the required input columns in the following table.

  2. Include a record for each desired security group action for each user.

  3. Specify ADD or DROP for the USER_SECURITY_ACTION column.

Example of a Change in Security Groups

User A and User B exist as users of PPM and are linked to the following security groups:

  • User A => security group X

  • User B => security group Y

Using a single User Open Interface transaction, you want to change the users' security groups to the following:

  • User A => security group Y

  • User B => security group X

To do this, populate the KNTA_USER_SECURITY_INT table with the following records:

GROUP_ID USER_ID SECURITY_GROUP_NAME USER_SECURITY_ACTION
100 USER A GROUP X DROP
100 USER A GROUP Y ADD
100 USER B GROUP X ADD
100 USER B GROUP Y DROP
Table 2-1. KNTA_USER_SECURITY_INT interface table

Column

Usage

Data Type

Description

TRANSACTION_ID

Required

NUMBER

Uniquely identifies each transaction.

PARENT_TRANSACTION_ID

Required

NUMBER

Provides the transaction ID (from KNTA_USERS_INT) of the parent table being imported.

If any child table is being used, set the TRANSACTION_ID in KNTA_USERS_INT to this value.

PARENT_TABLE_NAME

Required

VARCHAR2

Identifies the table associated with this entity.

The parent_table should be derived from KNTA_USERS_INT.

GROUP_ID

Required

NUMBER

Groups all the records that should be processed at the same time.

Use only one GROUP_ID each time you run a report.

Derived from the KNTA_INTERFACE_GROUPS_S sequence.

This value should be the same as the parent's GROUP_ID in KNTA_USERS_INT.

EXISTS_FLAG

Optional

VARCHAR2

Indicates whether the user already exists.

PROCESS_PHASE

Optional

NUMBER

Indicates the current stage of the record as it is being processed.

See Process State Information for details.

PROCESS_STATUS

Optional

NUMBER

Indicates the current disposition of the record.

See Process State Information for details.

CREATED_BY

Optional

NUMBER

Identifies the USER_ID (from KNTA_USERS) for the user performing the transaction.

If left blank, the value is derived from CREATED_BY_USERNAME.

CREATED_BY_USERNAME

Optional

VARCHAR2

Identifies the USERNAME (from KNTA_USERS) for the user performing the transaction.

This is used only if CREATED_BY is left blank.

If both are left blank, the value is set to the user currently running the report.

CREATION_DATE

Optional

DATE

Indicates the transaction date.

If left blank, the current date is used.

DEST_CREATED_BY

Optional

NUMBER

Identifies the USER_ID (from KNTA_USERS) for the user performing the transaction.

If left blank, the value is derived from CREATED_BY_USERNAME

If both are left blank, the value is set to the user currently running the report.

DEST_CREATION_DATE

Optional

DATE

Indicates the date the record is created in the destination (PPM instance).

If left blank, the value is derived from CREATION_DATE.

DEST_LAST_UPDATED_BY

Optional

NUMBER

Identifies the USER_ID (from KNTA_USERS) for the user that last updated the data.

If left blank, the value is set to the set to the user currently running the report.

DEST_LAST_UPDATE_DATE

Optional

DATE

Indicates the date that the security data was last updated.

If left blank, the current date is used.

DEST_ENTITY_UPD_DATE

Optional

DATE

Indicates the date that either the user data or security data was last updated.

If left blank, the current date is used.

USER_SECURITY_ID

Optional

NUMBER

Identifies a user security when removing a user from a security group.

This is normally left blank.

This is normally left blank and is derived from the KNTA_USER_SECURITY_S sequence.

DEST_USER_SECURITY_ID

Optional

NUMBER

Identifies a user security.

This is normally left blank.

This is normally left blank and is derived from the KNTA_USER_SECURITY_S sequence.

USER_ID

Optional

NUMBER

Identifies the user.

When creating users, this is left blank and the value is derived from the KNTA_USERS_S sequence.

For existing users, this refers to the USER_ID column in KNTA_USERS.

DEST_USER_ID

Optional

NUMBER

Identifies the user.

For existing users, this refers to the USER_ID column in KNTA_USERS.

This is normally left blank and is derived from the KNTA_USERS_S sequence.

SECURITY_GROUP_ID

Required

NUMBER

Indicates the security group for the user.

Required for ADD; not required for DROP.

SOURCE_TYPE_CODE

Required

VARCHAR2

Specifies the type of external update.

This should be a specific interface or migrator name, left blank, or have a value of INTERFACE_WF.

SOURCE

Required

VARCHAR2

Specifies the source of the information. This information is not validated during an import.

For example, the name of the third-party application or a value of CONVERSION.

LOGON_IDENTIFIER

Required

VARCHAR2

Identifies the ID used for the logon. The value should be a valid USERNAME in KNTA_USERS.

Depends on the LOGON_METHOD setting in the server.conf file. If LOGON_METHOD = LOGON_ID, the LOGON_IDENTIFIER column must be populated. Otherwise, populate the USERNAME column.

USERNAME

Required

VARCHAR2

Identifies the name used for the logon. The value should be a valid USERNAME in KNTA_USERS.

Depends on the LOGON_METHOD setting in the server.conf file. If LOGON_METHOD = USER_NAME, the USERNAME column must be populated. Otherwise, populate the LOGON_IDENTIFIER column.

SECURITY_GROUP_NAME

Required

VARCHAR2

Specifies the SECURITY_GROUP_NAME in KNTA_SECURITY_GROUPS.

USER_SECURITY_ACTION

Required

VARCHAR2

Indicates the action for user security. Valid values are ADD or DROP.