This tip is relevant if you are a NetSuite administrator and you are working to setup special privileges to users under user security roles.
Background
During some UserEvent SuiteScript work, I was developing a special security role to avoid using the “Run as Administrator” deployment switch. After setting up the role and re-running my script, NetSuite continued to give me an error message. It’s is well understood that NetSuite’s fine grained security switches can be challenging to setup. So naturally, as I got this error, I kept speculating with trial and error techniques to determine what security permission needed to be granted.
Log Out and Log In
After enough tries without success, I decided to let it rest — I return the next day prepared to tackle the problem. To my surprise, the script no longer complained and it appeared that I had indeed granted the right security permission.
At that point, I realized that NetSuite must be holding a security definition in memory. When you log out, you clear that definition. When you log back in, you pull back in the definition from disk. Consequently, I now know that anytime I am working with the Role Security Permissions switches, it is best to log out and then log back in to verify work.
Marty,
There are several outside (partner) firms that have admin access to our NetSuite. It makes me a bit leery that so many folks outside our organization have access to everything about us.
Is it possible to create a sub-admin role that limits access to anything specifically HR-related? TIA.
These are good questions. In general, when you limit the access of an expert to assist, they will have greater cost to make assessments and act. The security system can be costly to tweak due to the trial and error nature to get it right. I don’t have a good general guideline except to at least keep outsiders outside of the Production system and only provide access to Sandbox.