Using OFDM Administrator you can restict restrict access to applications (PA, TP, B&C, RTM, RM, etc.) and you can restrict applications functions also, ex.: "+Balance & Control - Create Batch ID+", "+Balance & Control - Run Batch ID+", etc.
The administer the access to applications or functions of applications OFSA utilizes "Security Profiles". There are basic seeded security profiles provided by OFSA, availables when you install it. Theese security profiles can be assigned to USERS or USER GROUPS.
OFSA has seeded user groups also. They are:
OFDM_G_XXXX, where XXXX identifies a module/application. Ex.: PA, TP, BC...
Assigning a user to a seeded OFSA user group, the user gets access to the application because the group has assigned the role and the security profile for the particular module or application.
If you need to restrict a particular function of an application, you need to create a particular SECURITY PROFILE. Defining a security profile you can give or restrict access to every functionality of every application. Examples of what you can grant in a security profile: Construct Name / Action
Batch ID - Balance and Control / Create
Batch ID - Balance and Control / Delete
Batch ID - Balance and Control / Run
Batch ID - Balance and Control / Update
Batch ID - Balance and Control / View
Configuration ID / Create
Configuration ID / Delete
To create security profiles you have a wizard and you access to it through the main menu: Wizards / Create / Security Profile
Hope it helps you,