Adding a user to the information base. Accounting info 1s enterprise add user

Dear readers, today we will fully examine the question of how to work with users in the 1C program, namely:

• Where are users stored?
• How to add a new one
• How to remove them

As is clear from the block above, before you learn how to add a user in 1C or remove someone who is frozen, for example, you need to know where to actually look for them. Don’t worry, it won’t take much time, especially since you will perform the rest of the operations through this place.

Let's get started:

1. Launch the 1C program using a shortcut on the desktop or any other method.
2. In the window that opens, you will first need to click on the “Salary and HR Management” item (if you are going to work with this database), then on the “Configurator” button in the right block to launch 1C in configuration mode.
3. So, our configurator opens. Now we will need to add users and set them the necessary rights. To do this, we go to the “Administration” menu. and select “Users”.
4. So we found the very place we needed. Now you can proceed with further actions.

How to add a new one?

How to kick a user out of 1C?

It is worth noting that only the administrator who added him can delete a user in 1C. That is, if from the example discussed above the personnel officer wants to remove someone, he will not be able to do this.

Therefore, if you are not an administrator, then you should contact him. If you are one, then follow these simple steps:

1. Go to the "Administration" menu, then launch the "Support and Maintenance" item.
2. Select “Active users” and left-click on the desired one.
3. Next, in the top menu block, click on the “End session” button.
4. Similar actions can be performed using the server's administrative panel. In the left branch of the tabs, click on the “Sessions” item, then in the right block, right-click on the desired user and click on the “Delete” item. Ready! You were able to delete a user in 1C.

Conclusion

01.06.2018

How to configure user access rights in a standard configuration of "1C: Enterprise Accounting" edition 3.0 so that each user can create, view and edit documents of only certain organizations.

Naturally, this creates a need for some users to be given the opportunity to work on behalf of only one or several strictly defined organizations and to limit access to data from other organizations.

In programs on the 1C:Enterprise 8.3 technology platform, this problem is solved using the mechanism for restricting data access at the RLS record level, which can be deciphered as Record Level Security (record level security) or Row Level Security (row level security).

Previously, this mechanism had to be built in configuration mode with the help of programmers. In the standard configuration of "1C: Enterprise Accounting" edition 3.0, the functionality of the access restriction mechanism across organizations is already included in the standard functionality and can be enabled and configured by an ordinary user (with administrator rights) independently without the help of specialists.

This method of setting up RLS access rights by organization can be used in the standard configuration "Enterprise Accounting" edition 3.0, both in the local version installed on the user's computer and in the cloud version of 1C: Accounting.

Let's look at setting up RLS using the example of a standard configuration of "1C: Enterprise Accounting 8" edition 3.0 ("Taxi" Interface).

Initial data.

There is an information base in which records are kept of four organizations, of which one is an individual entrepreneur and three are LLCs (see figure)

This information base will have one Administrator and three users: a chief accountant, one department head and a sales manager.

You need to configure user rights as follows:

Settings

The first step is to enable the ability to differentiate access rights by organization. To do this, in the "Administration" section, select "Setting up users and rights"

In the form that opens, in the “Access groups” subsection, check the box next to “Restrict access at the record level.”

Please note that enabling this mechanism for separating rights can lead to a significant decrease in the speed of the system (especially if it was not working quickly before) and increased performance requirements for the computer and server equipment used.
The reason for the decrease in operating speed is that additional selections are added to standard queries when accessing data, and each time the user accesses any information base data, the program will carry out additional checks.
Therefore, before enabling this setting, we recommend that you first check its effect on the speed of the program on a test copy of your infobase.

After this, in the “Users” directory, select the user whose rights we will configure and click the “Access Rights” button.

The "Administrator" profile allows access to all data of all organizations; additional configuration of administrator rights is not required. The system must have at least one user with administrator rights.

First, let's set up the rights of the chief accountant "Ivanova Anna Sergeevna", who needs to be given full access to all organizations.

The rights settings window will open.

You must select the user profile "Chief Accountant".

The chief accountant must have full access to all organizations, so in the right window, in the “Access Value” column, select “All allowed.”

To be fair, it can be noted that the “Chief Accountant” could be assigned “Administrator” rights - this would automatically give access to the data of all organizations, but then the Chief Accountant would also have system administration items in the interface.
This can be done if there is no separate administrator and his role is played by the chief accountant, but you should not assign more than one role to one user.

If the configuration describes several roles with record-level access restrictions (RLS), we do not recommend assigning more than one such role to one user (for example, accountant and HR officer), because when all queries are executed, the conditions of both RLSs will be added to their conditions using logical OR, which can lead to a decrease in the speed of query processing and, ultimately, the entire program

If the settings are made in the cloud service "1C:Fresh", then when saving the settings, the program may request confirmation of changes in access rights, for which you will need to enter the password of the user on whose behalf the settings are being made.

The next user is Vladimir Ivanovich Popov, who needs to be given full access to the documents of one organization "IP Popov V.I."

Restricting access to data can be configured in two ways: according to the “white” or “black list” principle, i.e. the user can configure access to the list of allowed organizations and then the user will have access to the data of the organization that is listed in this list, or vice versa, configure the list of prohibited organizations and then the user will have access to the data of all organizations in the information base, except for those specified in this list.

Select the “Chief Accountant” profile, in the “Type of access” column in the upper right window, select “All prohibited”. After that, in the “Allowed Values” window, click the “Add” button and select IP Popov V.I. from the drop-down menu.

Save the settings.

Let's move on to setting up the rights of the next user, Petr Nikolaevich Sidorov, who needs to be given access only to the extract of primary documents of the sales department on behalf of only two organizations: Leader LLC and Furniture Man LLC.

Select the “Sales Manager” profile. Select the access value “All denied”. In the “Allowed Values” window, first select LLC “Leader”, and then click the add button again and select the second organization LLC “Furniture Man”.

Save the settings.

If this information was useful to you, then like the article on social networks and share the link on your favorite forums))).

Online Company, 2018

How to configure user rights by organization in 1C: Accounting Enterprise edition 3.0, Limiting user access rights at the record level to data of only one organization in 1C: Accounting using the RLS (Record Level Security) mechanism, The user should see documents only of his organization in a multi-company information base 1C:Accounting, How in 1C:Accounting can I use the mechanism for restricting access at the record level (RLS - Record Level Securiy) to configure user rights to documents of only one organization? Setting up a mechanism for separating rights at the RLS (Record Level Security) record level in 1C: Accounting 8.3. In an enterprise, in one information base of the 1C: Enterprise Accounting 3.0 configuration, records are kept for several organizations and database users need to configure access so that each user can see documents of only the necessary organizations? How to allow a user to access data from only one organization in 1C: Accounting 8.3, Configuring the RLS system to limit user rights to access documents of only one organization in the 1C: Enterprise Accounting version 3.0 configuration, How to configure access restriction at the level of RLS records in a typical 1C configuration :Accounting 8.3, Access restrictions by organization in 1C:Accounting 8.3. using the RLS mechanism, How to configure user access rights to data of only one organization in 1C: Accounting 8.3, How to hide organizations for some users in 1C: Accounting 8, Setting up the RLS (Row Level Security) system in 1C: Enterprise Accounting edition 3.0, Restricting access to data of only one organization for a specific user in 1C: Accounting 8.3, How to configure user access rights by organization in a typical configuration of 1C: Enterprise Accounting edition 3.0, How to enable the ability to configure access restrictions at the record level in typical configuration of 1C: Enterprise Accounting rev.3.0, How to allow a user access to documents of only one organization in multi-company accounting in 1C: Accounting, How to configure user access rights to documents of only one organization in the 1C: Enterprise Accounting 3.0 configuration, Setting up the RLS (Record) system Level Security - restriction of rights at the record level) in the 1C: Enterprise Accounting ed.3.0 configuration, Configuring RLS mechanisms to limit a user's access rights to data of only one organization in the 1C: Enterprise Accounting ed. 3.0, Restricting access to documents of only one organization for a specific user in 1C: Enterprise Accounting 3.0, How to hide documents of one organization in a common 1C: Accounting database for one user, Several organizations are kept in one 1C: Accounting information base, how to set up RLS to could the user see documents only from his organization? An enterprise maintains multi-company accounting in one 1C:Accounting information base, and database users need to configure access so that each user can create, view and edit documents of only certain organizations? How in 1C: Accounting 8.3 using the RLS mechanism (Record Level Security - restriction of rights at the record level) to configure a restriction of document visibility for a specific user in the context of selected organizations?

By default, when creating a database on the cloud from a template, you must select a user to enter the program Administrator, with empty passwords.
It is not recommended to use this account for everyday work.
To differentiate access rights and increase the level of security, it is recommended to create user accounts and specify certain permissions for working with the database.

Creating users for 1C 8.2 databases

To create a list of users, open the database in Configurator.

Go to the "Administration / Users" menu. To manage the list of users, you must have Full rights in the database.


Click the "Add" button.

In the window that opens, fill in the fields:
Name- the name that will be displayed in the user selection list.
Full name - the name that will appear in the database when performing operations.
flag Authentication 1C:Enterprise- allows you to set a password under which the user will log into this database.
flag Show in selection list- allows you to hide or show the user in the launch window. If the user is hidden in the selection list, then you can log in using his data by directly entering his name and password.


flag Operating system authentication allows you to link an account on 42 Clouds with an account in the 1C database.
When installing this option, you will need to select from the list your login on the 42 Clouds website(tip: start typing your username to search the list).


On the "Other" tab, you need to specify for users the roles that they can perform in the database.
The list of roles depends on the user's responsibilities.
Note! To launch the database on the cloud, check the “Run thick client” and “Run thin client” flags.

After specifying the required settings, click OK. Now the created user can work in the database.

Creating users for 1C 8.3 databases

Creation of new users in such configurations as Trade Management 11.1, Enterprise Accounting (edition 3.0) occurs in the mode of working with the database, in the Users directories. Created users will be included in the Configurator automatically after creation.

Go to the menu “Administration / Setting up users and rights / Users”. Click the Add button. To manage the list of users, you must have Full rights in the database.

Enter a name, give permission to access the database (by checking the box) and select an authorization method (either entering a login and password, or logging into 1C under a domain account). The fields "Individual" and "Division" are optional and are used for analytics.

To work with the database, you need to add rights to the user in the “Access Rights” section. The set of groups can be changed and edited in the User Group Profiles directory.

Disabling access to the database

To disable access to the 1C user database, simply uncheck the “Access to the infobase is allowed” flag or change the password.
When setting up a user through the Configurator (for 1C 8.2 databases), it is enough to remove the user from the list.

Creating users for 1C 8.3 databases (Taxi Interface)

To configure access rights, log into the database in 1C Enterprise mode on behalf of the Administrator and go to the User and rights settings / Access group profiles section, click Create group.

Enter the name of the group and check the boxes for the roles available to users in this group. An example group that would allow users to use external processing includes the following roles:

• Interactive opening of external reports and processing
• Using additional reports and processing

Click Burn and Close

Return to menu Users and select an employee from the list, click Access rights. In the list of profiles, select the previously created profile. Click Record.

In this article I will look at how to work with users in:

• create a new user;
• configure rights - profiles, roles and access groups;
• how to configure rights restrictions at the record level () in 1C 8.3 - for example, by organization.

The instructions are suitable not only for the accounting program, but also for many others built on the basis of BSP 2.x: 1C Trade Management 11, Salary and Personnel Management 3.0, Small Firm Management and others.

If you are interested in setting up rights from a programmer's point of view, read.

In the 1C program interface, user management is carried out in the “Administration” section, in the “Setting up users and rights” item:

To create a new user in 1C Accounting 3.0 and assign him certain access rights, there is a “User and Rights Settings” item in the “Administration” menu. Let's go there:

The list of users is managed in the “Users” section. Here you can create a new user (or group of users) or edit an existing one. Only a user with administrative rights can manage the list of users.

Let’s create a user group called “Accounting”, and there will be two users in it: “Accountant 1” and “Accountant 2”.

To create a group, click the button highlighted in the figure above and enter a name. If there are other users in the information base who are suitable for the role of accountant, you can immediately add them to the group. In our example there are none, so we click “Save and close”.

Now let's create users. Place the cursor on our group and click the “Create” button:

In the full name we will enter “Accountant 1”, and the login name will be set to “Accountant1” (this is what will be displayed when entering the program). The password will be “1”.

Be sure to make sure that the “Login to the program is allowed” and “Show in the selection list” checkboxes are checked, otherwise the user will not see himself during authorization.

Get 267 video lessons on 1C for free:

Leave “Startup mode” as “Auto”.

Setting up access rights - roles, profiles

Now you need to specify “Access Rights” for this user. But you need to write it down first, otherwise a warning window will appear as shown in the picture above. Click “Record”, then “Access Rights”:

Select the Accountant profile. This profile is standard and configured with the basic rights required by an accountant. Click “Record” and close the window.

In the “User (creation)” window, click “Save and close”. We are also creating a second accountant. We make sure that users are enabled and can work:

It should be noted that the same user can belong to several groups.

We chose access rights for accountants from those that were included in the program by default. But there are situations when it is necessary to add or remove some right. To do this, it is possible to create your own profile with a set of necessary access rights.

Let's go to the "Access Group Profiles" section.

Let's say we need to allow our accountants to view the journal entry.

Creating a profile from scratch is quite labor-intensive, so let’s copy the “Accountant” profile:

And let's make the necessary changes to it - add the role " ":

Let's give the new profile a different name. For example, “Accountant with additions.” And check the “View registration log” checkbox.

Now we need to change the profile of the users we created earlier.

Restricting rights at the recording level in 1C 8.3 (RLS)

Let's figure out what it means to restrict rights at the record level, or, as they call it in 1C, RLS (Record Level Security). To get this opportunity, you need to check the appropriate box:

The program will require confirmation of the action and will inform you that such settings can greatly slow down the system. It is often necessary to prevent some users from seeing documents from certain organizations. It is precisely for such cases that there is an access setting at the record level.

We go again to the profile management section, double-click on the “Accountant with Additions” profile and go to the “Access Restrictions” tab:

“Access type” select “Organizations”, “Access values” select “All allowed, exceptions are assigned in access groups”. Click “Save and close”.

Now we return to the “Users” section and select, for example, the user “Accountant 1”. Click the “Access Rights” button:

Using the “Add” button, select the organization whose data will be seen by “Accountant 1”.

Note! Using a mechanism for separating rights at the record level can affect the performance of the program as a whole. Note for the programmer: the essence of RLS is that the 1C system adds an additional condition to each request, requesting information about whether the user is allowed to read this information.

Other settings

The sections “Copying settings” and “Clearing settings” do not raise any questions; their names speak for themselves. These are settings for the appearance of the program and reports. For example, if you have set up a beautiful appearance for the “Nomenclature” directory, it can be replicated to other users.