Super User
This parameter is used to define both the:
general administrator code for the system, which is unique, and must correspond to a key in the user record.
their function profile code (which is identical), but that can be assigned to other users in order to delegate administration functions. These users are considered to be administrators.
It is therefore an alphanumeric code that must correspond to a key in the user record. If no value has been assigned to this parameter, its default value is "ADMIN".
Level of localization / Global variable
This parameter is defined at the level Folder.It belongs to Chapter SUP (Supervisor) and the Group SEC (Security),The following parameters are also associated with this chapter and group :
- CHGPASS (Password management)
- MAILSAGE (Sage license e-mail address)
- NBRCON (No. full connections/licences)
- PASLNG (Length of password)
- PASSWD (Require password)
- SSOCLAOBJ (Class for LDAP search)
- SSOCONNECT (SSO connection)
- SSODOMAIN (User domain)
- SSOMAJ (Update user upon connection)
- SSOPASSWD (Control SSO password)
- SSOREFMAJ (Reference for user update)
- TABTRA (Trace system transactions)
Its values are defined by the function Users.
No global variable is associated with it.
Functions concerned
The following functions are associated with this parameter :
Setup > Users > Function profile
Setup > Users > Users
The administrators users (ie. having for function profile the code defined by this parameter in addition to the general administrator), sharing specific prerogatives with the general administrator:
- they have the right to modify the parameters of the SUP group (group that the ADMUSR variable belongs to).
- the filters on the access codes to not apply to them: they therefore have access to all the transactions, and all the data controlled by access code and to all system transactions.
- they have access to all the functions.
- they have access to differred printouts, to all the reports and to all printers.
- only they have the right to modify the import/export parameters.
- they have access to table maintenance and to the code change function.
- they have access to all the batch tasks irrespective of their level.
- only they have access to the definition of the access codes by user.
- they have the right to import and export all data.
The general administratorbenefits from a further two specific privileges:
- they have no limitations on the number of simultaneous connections.
- their menu profile is (naturally) automatically defined by the same code.
Finally the general administrator does not benefit from menus that can be parameterized (it is strictly the standard menus defined by the function table), however another administrator may use a different menu profile.
Comments
In versions later than 140, the right to create or modify users is no longer reserved as in version 130 to the administrators. From now on, the authorizations management is used to authorize any user to create or simply view the users (user management function GESAUS). By the parameterization of the associated authorizations, and by means of the access codes, the non-administrator users can be refused access to the information defining the access codes, and can be limited (via the AUZFCT parameter in the SUP chapter) to create or modify the users having the function profiles conforming to a template. It is recommended, if user management is delegated to the non-administrator users, to check the authorizations that are given to them.