Access management

Access management /visma-net-erp/help/access-management section In the Access management section, you'll find essential information for securing your company's data by managing user access and permissions effectively. 2026-02-19T17:09:06+01:00 # Access management In the Access management section, you'll find essential information for securing your company's data by managing user access and permissions effectively. After completing the initial setup of the Visma Net, the next step is to create users and assign them roles. These roles, which come as standardised, define each user's level of access to the system. When users log in, their assigned roles determine which system resources they can access. ## Restricting access to information When users successfully log in to Visma Net, they should see only the system resources they need for their daily work. Read more in the **User security** section listed below. In addition to limiting access to system entities by using roles, the Visma Net provides **restriction groups**, which give you the ability to control the visibility of records or entities of multiple types, such as General Ledger accounts, subaccounts, subaccount segment values, budgets, and supplier and customer accounts. Membership in a restriction group controls the visibility of only the entities included in the group; meanwhile, the role may allow access to all the entities of a particular type. Read more in the **Row-level security** section listed below. User security /visma-net-erp/help/access-management/user-security section In the Access management section, you can easily view user accounts that have been created for your company. 2026-02-19T17:09:06+01:00 # User security In the Access management section, you can easily view user accounts that have been created for your company. Additionally, you have the ability to create and manage customised roles, along with the access rights associated with these roles. You are then able to give access rights to users by assigning them one or more roles, based on their job tasks. About role-based access /visma-net-erp/help/access-management/user-security/about-role-based-access page Visma Net employs a role-based system to regulate access to the system. 2026-02-19T17:09:06+01:00 # About role-based access Visma Net employs a role-based system to regulate access to the system. Visma Net employs a role-based system to regulate access to the system. Instead of assigning access rights individually, users are assigned one or more roles, which are predefined sets of access rights. These roles align with their specific job responsibility and determine the levels of access granted to workspaces, windows, records, and record operations. This allows for easy and efficient management of access to system objects, as changing the access rights of a role affects all users assigned to that role. Users without any assigned roles have no access to system resources. ## Efficient user role setup for Visma Net After Visma Net is installed, you give users access to the system objects according to their responsibilities by assigning them roles. This is done in Admin which is Visma's administration panel where you manage your companies and users. Before you start managing user access within your company, be sure to create an administrative user role with full system access. This role will serve as a cornerstone for assigning additional user roles. This way you can avoid the potential risk of inadvertently locking users out of the system. ## Default roles Admin provides predefined roles to simplify role definition and administration. These roles are license roles and define the maximum number of users per company. They are initially managed and assigned in Admin, then automatically transferred to Visma Net. In the roles registry of Visma Net, they are marked as 'Default' and come with preconfigured access rights that cannot be altered or removed. In Admin you can, for instance, assign users the **Financials Administrator** or **Financials User** roles. Visma Net also includes built-in roles that are stored directly in the system. These roles are always provided and cannot be removed. Some of these roles grant users access to special functionality, while others are used by the system and should not be manually assigned to users. The following built-in roles are available in the system: Administrator : This is an internal role used by the system, for instance to run system processes. Anonymous : This role is reserved for system use. DashboardDesigner : The system automatically designates this role as a dashboard owner role for dashboards that were created in previous versions of Visma Net. We recommend that you create specific roles for users who should own particular dashboards. For details, see: [About dashboard pages](/visma-net-erp/help/customisation/manage-dashboard-pages/about-dashboard-pages/). BI : A user with this role can access the **BI Views** —that is, the pre-configured generic inquiries that are exposed through the OData protocol, such as **BI-opportunities**. Customiser : A user with this role can customise Visma Net applications. Field-level audit : A user with this role can view the audit trail directly from an audited window. Guest : Not used. Internal user : A user with this role can change personal settings, and view Help. It is automatically assigned to all user accounts linked with the **Employee** user type. Portal admin : Not used. Portal user : Not used. ReportDesigner : A user with this role can publish reports in Visma Net. Any user can create reports in Report designer, but for publishing reports in Visma Net, the user needs to be granted this role. ## Customized roles In addition to predefined roles, you are able to create new roles using the [User roles (SM201005)](/visma-net-erp/help/access-management/user-security/user-security-windows/user-roles-sm201005/) window, and assign it to as many user accounts as needed. These roles are specific to your company and can be used to remove access granted by the license roles. We recommend that you configure the roles so that a user with a role only has the access rights necessary to perform typical tasks. It is better to give a user multiple roles than to create complicated roles that overlap with existing ones. ### Example Suppose that the Accounting manager role has broader access rights than the Accountant role. Instead of giving the Account manager role the same privileges the Accountant role has, give a user in a managerial position the Accountant role along with the Accounting manager role. ## Managing User access and Roles If you need to change access rights for all users assigned to a role, you change the settings of the role instead of editing each user's permissions. When new users are hired in your organisation, you assign a role to a new user. When existing users change their position in the company, you simply change set of roles according to their new responsibilities. About access rights for roles /visma-net-erp/help/access-management/user-security/about-access-rights-for-roles section In Visma Net, you can control a role's access to system entities, which is the broadest, down to the window element level, which is the most specific. 2026-02-19T17:09:06+01:00 # About access rights for roles In Visma Net, you can control a role's access to system entities, which is the broadest, down to the window element level, which is the most specific. The available levels of access depend on the system entity type. By default, each user role has the access level specified as **Not set** to all workspaces and windows. Initially, this means that all users can view and use all system objects. > [!IMPORTANT] > The **Not set** access level indicates that all roles have access to the workspace until **Revoked** or **Granted** access rights are set to the workspace for at least one role. All roles with the **Not set** level are then denied access to the workspace. ## Roles and access rights Consider an example of some roles a business might set, as shown in the illustration below, with full **Delete** access rights shown in blue and **View Only** access rights shown in purple. ![User roles examples](/media/visma-net-erp/User%20roles%20examples.png) Note that some users have only one role assigned, while other users have multiple roles, in accordance with their responsibilities. A user's access to an entity is defined by the most permissive level of access among the roles assigned to this user. With the roles shown here, User 6 (with both the **Accounting manager** and **Supplier ledger administrator** roles assigned) has full access to budgets from the **Accounting manager** role, rather than view-only access from the **Supplier ledger administrator** role. For more information see [About levels of access rights](/visma-net-erp/help/access-management/user-security/about-levels-of-access-rights/). ## Setting up access rights in Visma Net The following table shows two methods to set up access rights for roles in two different windows in Visma Net: |||| |---|---|---| |**Window used**|[Access rights by role (SM201025)](/visma-net-erp/help/access-management/user-security/user-security-windows/access-rights-by-role-sm201025/)|[Access rights by window (SM201020)](/visma-net-erp/help/access-management/user-security/user-security-windows/access-rights-by-window-sm201020/)| |**Type of access managed**|Access rights for a particular role to multiple system objects.|Access rights to a particular system object (a workspace, a window, or a window element) for multiple roles.| |**Appropriate scenario**|When you have created a new role and want to set up access to all necessary windows for it.|When you want to configure access rights workspace by workspace, or window by window.| |**Read more**|[Configure access rights for a selected user role](/visma-net-erp/help/access-management/user-security/configure-access-rights-for-a-selected-user-role/)|[Configure access rights to system objects](/visma-net-erp/help/access-management/user-security/configure-access-rights-to-system-objects/)| ### Access Rights Depending on Object Type The specific levels of access rights to system objects you select for roles depend on the object type (workspace, window, or window element) for which you are specifying access rights. For some objects, you can only permit or deny access, but for others, you can set up partial access (for example, view-only access). ## Ability to track access rights You can track access rights to different objects by using the following windows: + [Access rights by window (SM65170S)](/visma-net-erp/help/access-management/user-security/user-security-reports/access-rights-by-window-sm65170s/) Gives you the ability to build a report to view access rights by each system object (a workspace, and a window). + [Access rights by role (SM65150S)](/visma-net-erp/help/access-management/user-security/user-security-reports/access-rights-by-role-sm65150s/) Gives you the ability to view access rights by each user role.

Windows

About levels of access rights /visma-net-erp/help/access-management/user-security/about-levels-of-access-rights page With Visma Net, you can control access to system objects at broad and granular levels, down to the control of window elements, such as buttons, text boxes, and check boxes. 2026-02-19T17:09:06+01:00 # About levels of access rights With Visma Net, you can control access to system objects at broad and granular levels, down to the control of window elements, such as buttons, text boxes, and check boxes. With Visma Net, you can control access to system objects at broad and granular levels, down to the control of window elements, such as buttons, text boxes, and check boxes. Users are assigned to roles, and you give these roles the appropriate levels of access rights (or access levels) to workspaces, windows, and window elements. You have to be very careful when you assign multiple roles to a user account because these roles may have different levels of access rights to system objects. ## Access rights tier structure When configuring user roles, there are three levels of access rights to consider:

Level	Description
Workspace level	Access at an overall level, such as an entire workspace. Access on this level will also impact windows and entities.
Window-level	Access based on windows. For instance, access to a specific window, but not to the window settings. You can configure whether a role can view or edit the window information.
Entity level	Access based on functionality. For example, the ability to access and edit sales invoices, while excluding changes to currency.

## Access rights at the workspace levels The following table summarises the levels of access rights that roles can have to the **workspaces** of Visma Net.

Level	Description
Not set	Allows all roles to have access to the workspace until Revoked or Granted access level is set to the workspace for at least one role. After that, a role with this level is denied access to the workspace.
Revoked	Denies the role access to the workspace and its windows. Users with this role will not be able to see the workspace or its contents. However, users with this access level may still have access to the functionality of the windows within the workspace. They can only access these windows from other windows with commands to open them, and they cannot view the windows on the navigation pane.
Granted	Allows the role access to the workspace. You can, however, limit or revoke access to particular windows within the workspace. Only a user with a role with an access level to a window higher than Revoked can access it by clicking the workspace on the main menu and then clicking the window on the navigation pane.
View only	Allows the role access to the workspace. You can, however, limit or revoke access to particular windows within the workspace. Only a user with a role with an access level to a window higher than Revoked can access it by clicking the workspace on the main menu and then clicking the window on the navigation pane.

You can set up access rights to individual windows in the **Hidden** node (which cannot be accessed from the main menu) on the site map, but not to the node itself. ### Effects of changing access levels from Not set If you change a role's access level to a workspace from **Not set** to **Granted** or **Revoked**, and apply this access level to all nested objects, the role's access rights to workspaces and windows with the **Not set** access level are changed as follows:

If you set the access level for the workspace to	Then
Granted	the access level to the workspaces is changed to Granted, and the access level to windows are changed to Delete(which allows full access to the window and its functionality).
Revoked	the access levels to the windows are changed to Revoked.

Granted

the access level to the workspaces is changed to Granted,

and the access level to windows are changed to Delete(which allows full access to the window and its functionality).

Revoked

the access levels to the windows are changed to Revoked.

Access configuration works similarly for a workspace with the **Not set** access level and the windows within it. The capability to set up an access level to a workspace and to all objects within it at once is helpful if the role's access level to most objects within the workspace is **Delete** or **Revoked**. ### Resetting a role’s access level You can reset a role's access level to a workspace to **Not set** any time you want. While resetting access levels, you have the option to update the access level to **Not set** either for all the workspaces and windows or for only the selected workspace. Similar options are available when you set access level for a workspace to **Not set**. For a procedure that describes how to reset access rights, see: [Reset access rights to a suite or a module](/visma-net-erp/help/access-management/user-security/reset-access-rights-to-a-suite-or-a-module/). ## Access rights at the window level Within each workspace, you can set the access rights that roles have to Visma Net windows, which affects what users with those roles can access. By default, a new role has the **Not set** access level. ### Inherited access If you change access rights for a user role to a window or a window element, your changes affect only this window or window element. The level of access rights to the window is inherited by the entities and records that can be created by using the window. To make the window available in the navigation pane to a user with this role, set the access level for the window to the **View only** level or more permissive and set the access level for the workspace where the window is located to **Granted**. You can set any of the following levels of access rights to **windows**.

Level	Description
Not set	When assigned to all roles, allows all roles to have access to the window until access rights are set to any other level for at least one role. After at least one role has been assigned another level of access rights, access to the window is denied for a role with this access level.
Revoked	Denies the role access to the window and its functionality.
View only	Gives the role restricted access to the window and its functionality. This level allows users with the role to view the window and any records associated with the window (in drop-down lists on other windows). This level forbids users with the role to edit details about any record, create new records or entities of the type, and delete records.
Edit	Gives the role restricted access to the window and its functionality. This level allows users with the role to view the window, select records, and edit details about any record. This level forbids users with the role to create new records or entities of the type, and to delete records. The Clipboard button is available on the window toolbar for users with the role.
Insert	Gives the role restricted access to the window and its functionality. This level allows users with the role to view the window, select records, edit details about any record, and create new records or entities of the type. This level forbids users with the role to delete records. The Clipboard and Insert buttons are available on the window toolbar for users with the role.
Delete	Gives the role complete access to the window and its functionality. This level encompasses the capabilities of the View only, Edit, and Insert levels, while also giving users with the role the ability to delete records. For users with the role, the Clipboard, Insert, and Delete buttons are available on the window toolbar.

## Access rights to containers of window elements Each window includes containers of elements, such as nested windows, tabs, and grids. Each container includes multiple elements and actions. You can restrict access to any of these containers in the window. ### Inherited access The level of access rights a role has to the container is inherited by the entities and records created by using the container, if applicable. For instance, if you permit access for a user role to a grid, a user with this role can access all records in this grid. By default, containers inherit access level from the window to which they belong. You can set any of the following levels of access rights to the **containers**.

Level	Description
Inherited	Indicates that the role’s access to the container is inherited from its access level to the window.
Revoked	Denies the role access to the container and hides it from the window for users with the role. These users will not see the container in the window.
View only	Gives the role restricted access to the container and its functionality. This level allows users with the role to view the container and any records associated with the container (in drop-down lists on other windows), if applicable. The level forbids users with the role to edit details about any record, create new records or entities of the type, and delete records, if applicable.
Edit	Gives users with the role restricted access to the container and its functionality. This level allows users with the role to view the container, select records, and edit details about any record, if applicable. The level forbids users with the role to create new records or entities of the type, and delete records, if applicable.
Insert	Gives the role restricted access to the container and its functionality. This level allows users with the role to view the container, select records, edit details about any record, and create new records or entities of the type, if applicable. This level forbids users with the role to delete records, if applicable.
Delete	Gives the role complete access to the container and its functionality. This level encompasses the capabilities of the View only, Edit, and Insert levels, while also giving users with the role the ability to delete records, if applicable.

## Access rights to window elements By default, a role's access rights to the window elements and actions are inherited from the role's access level to the container of window elements. This includes the elements and actions to which they belong. Therefore, it is recommended to set the role's access level to the container of window elements before setting an access level to an individual element or action. Once this is done, you can then set access rights to the window elements and actions. You can set up the following levels of access rights to **window elements**.

Level	Description
Inherited	Indicates that the role’s access level to the element is inherited from its access level to the container of window elements.
Revoked	Denies the role access to the element and hides the element. A user with the role will not see the element in the window.
View only	Makes the element read-only for users with the role. A user with the role will see the element in the window but will not be able to use it.
Edit	Allows the use of the element for users with the role.

If a particular window toolbar contains window-specific buttons, you can deny access for the role to these buttons, by setting **Revoked** for the buttons. You can revoke access to some of the elements to hide their contents from users with **View only** access level. Configuring a role's access rights at the window control level requires in-depth knowledge of Visma Net functionality.

Concepts

About role-based access

Access rights level for user accounts with multiple roles /visma-net-erp/help/access-management/user-security/access-rights-level-for-user-accounts-with-multiple-roles page The level of access rights a user account has to a system object is defined by the user roles assigned to the user. 2026-02-19T17:09:06+01:00 # Access rights level for user accounts with multiple roles The level of access rights a user account has to a system object is defined by the user roles assigned to the user. ## General rule in Visma Net If a user has multiple roles assigned and the roles have different access levels to the system object, Visma Net applies the most permissive access level among the roles. The following table illustrates this with an example. |When|And|Then| |---|---|---| |A user is assigned both the **Employee** and **Sales manager** roles|The **Employee** role has the **Revoked** access level to the Inventory module, and the **Sales manager** role has the **Granted** access level to this module|the user has the **Granted** access level to the Inventory module, that is, the most permissive level.| ## Roles with inherited and defined granular levels The method of calculating access rights differs from the general rule described in the previous paragraph for a user who has been assigned multiple roles. This happens when some or all of these roles have the **Inherited** access level, which is applied to window element containers and window elements by default. For this user, the following two rules are used to calculate access rights to a window element container or window element: ### RULE 1 |IF|THEN| |---|---| |all roles have the **Inherited** access level to the particular window element container or window elements|the resulting access level is the most permissive access level of the system object at the next highest access level.| In practice, this means that a window element container will have the same access level as the window that is closest in the access hierarchy. Similarly, a window element will have the access level of the nearest element container up in the hierarchy. See example 1 below. ### RULE 2 |IF|THEN| |---|---| |you have explicitly specified an access level to the particular window element container or window element for at least one role. Let’s say you have chosen the “View only” access level to a Release button, while the other roles have the **Inherited** access level to it.|this gives you the access right that is the most permissive access level among those roles with explicitly defined access levels, that is the "View only" level. See example 3 below.| In these cases the system ignores the roles with the Inherited level of access rights, which is something to consider when making changes at the detail level. This algorithm is used to optimise the speed of loading the window. ## Access level examples: Scenarios with multiple roles The following are additional examples that illustrate the system behaviour described in this section. ### Example 1 Suppose that a user is assigned the **Employee** and the **Accountant** user roles. The **Employee** role has the **Revoked** access level to the [Customers (AR303000)](/visma-net-erp/help/customer-ledger/customer-ledger-windows/customers-ar303000/) window, and the **Accountant** role has the **Edit** access level to this window. The default access level both roles have to the window elements is **Inherited**. The user with these roles, then, has the **Edit** access level to the [Customers (AR303000)](/visma-net-erp/help/customer-ledger/customer-ledger-windows/customers-ar303000/) window and its elements. ### Example 2 Suppose that a user is assigned the **Employee** and **Accountant** user roles. Both roles have the **Insert** access level to the [Purchase invoices (AP301000)](/visma-net-erp/help/supplier-ledger/supplier-ledger-windows/purchase-invoices-ap301000/) window. You have decided to forbid users with the **Accountant** role to release invoices. For the **Accountant** role, you specify the **Revoked** access level for the **Release** button in this window. The **Employee** role has the **Inherited** access level to the **Release** button. With the settings you have specified, the user has the **Revoked** access level to the **Release** button. ### Example 3 Suppose that a user is assigned the **Employee**, **Warehouse Worker**, and **Sales assistant** user roles. All these roles have the **Insert** access level to the [Receipts (IN301000)](/visma-net-erp/help/inventory/inventory-windows/receipts-in301000/) window. The **Employee** role has the **Inherited** access level to the **Release** button on this window, the **Warehouse worker** role has the **Revoked** access level to this button, and the **Sales assistant** role has the **View only** access level to this button. As a result, the user has the **View only** access level (the most permissive level of the two explicitly defined levels) to this button.

Concepts

Configure access rights for a selected user role /visma-net-erp/help/access-management/user-security/configure-access-rights-for-a-selected-user-role section You use the Access rights by role (SM201025) window to set up access rights to multiple system objects (such as workspaces, windows, and window elements) for a customized role in Visma Net. 2026-02-19T17:09:06+01:00 # Configure access rights for a selected user role You use the Access rights by role (SM201025) window to set up access rights to multiple system objects (such as workspaces, windows, and window elements) for a customized role in Visma Net. For more information: [Access rights by role (SM201025)](/visma-net-erp/help/access-management/user-security/user-security-windows/access-rights-by-role-sm201025/). You use the [Access rights by role (SM201025)](/visma-net-erp/help/access-management/user-security/user-security-windows/access-rights-by-role-sm201025/) window to set up access rights to multiple system objects (such as workspaces, windows, and window elements) for a customized role in Visma Net. The following procedure describes the steps to set up access rights for a single user role, that you have customized in Visma Net. Predefined roles are managed from Admin. 1. Go to the [Access rights by role (SM201025)](/visma-net-erp/help/access-management/user-security/user-security-windows/access-rights-by-role-sm201025/) window. 1. Select a user role in the **Role name** field. 1. In the System tree, click the system object to which you need to set up access rights as follows: + Click the **Company name** node. + Click the name of a necessary workspace. + **For a window**: Expand the node of a necessary workspace to the window level, and click the name of the workspace. + **For a window element**: Expand the node of the necessary workspace to the window element level, and click one of the following: + The window name, if you are setting up access rights to a container of window elements (that is, a sub-form, a tab, or a grid). + The name of the container of window elements, if you are setting up access rights for a window element (that is, a text field or an action). 1. In the right pane, for the row with the required system object, select the level of access rights from the drop-down list. For details, see: [About levels of access rights](/visma-net-erp/help/access-management/user-security/about-levels-of-access-rights/). 1. Click ![icon-save](/media/visma-net-erp/icon-save.png). 1. Repeat steps 2–5 for each system object to which you need to set up access rights for the selected role.

Concepts

About role-based access

Windows

Users (SM201010)

Configure access rights to system objects /visma-net-erp/help/access-management/user-security/configure-access-rights-to-system-objects section You use the Access rights by window (SM201020) to set up access rights to system objects, such as workspaces, windows, and form elements, for multiple user roles in Visma Net. 2026-02-19T17:09:06+01:00 # Configure access rights to system objects You use the Access rights by window (SM201020) to set up access rights to system objects, such as workspaces, windows, and form elements, for multiple user roles in Visma Net. For more information: [Access rights by window (SM201020)](/visma-net-erp/help/access-management/user-security/user-security-reports/access-rights-by-window-sm65170s/). You use the [Access rights by window (SM201020)](/visma-net-erp/help/access-management/user-security/user-security-reports/access-rights-by-window-sm65170s/) to set up access rights to system objects, such as workspaces, windows, and form elements, for multiple user roles in Visma Net. The following procedure describes the steps to set up access rights to system objects for multiple user roles that you have customized in Visma Net. Predefined roles are managed from Admin. 1. Go to the [Access rights by window (SM201020)](/visma-net-erp/help/access-management/user-security/user-security-reports/access-rights-by-window-sm65170s/) window. 1. In the System tree, expand nodes to the necessary level and click the name of the system object to which you want to set up access rights. **For example**: For a window, you expand the module node to workspace level and then the window level, and click the name of the necessary window. 1. In the right pane, select a required access rights level for all necessary user roles. For details, see: [About levels of access rights](/visma-net-erp/help/access-management/user-security/about-levels-of-access-rights/). 1. Click ![icon-save](/media/visma-net-erp/icon-save.png). 1. Repeat steps 1–3 for each system object for which you want to configure access rights.

Concepts

About role-based access

Windows

Users (SM201010)

Configure access rights for Excel export /visma-net-erp/help/access-management/user-security/configure-access-rights-for-excel-export section You can configure access rights to the Export to Excel action of only those generic inquiries that are directly added to the sitemap or that replace entry windows. 2026-02-19T17:09:06+01:00 # Configure access rights for Excel export You can configure access rights to the Export to Excel action of only those generic inquiries that are directly added to the sitemap or that replace entry windows. You can configure access rights to the **Export to Excel** action of only those generic inquiries that are directly added to the sitemap or that replace entry windows. Depending on how a generic inquiry has been added to the sitemap, you should follow one of the set of instructions below. ## Generic inquiry added as a separate screen 1. Go to the [Access rights by window (SM201020)](/visma-net-erp/help/access-management/user-security/user-security-reports/access-rights-by-window-sm65170s/) window. 1. In the System tree, expand nodes to the necessary level to find the generic inquiry to which you want to set up access rights. 1. Expand the generic inquiry. 1. Expand the **Generic inquiry result** container. 1. Click the **Export** action. 1. In the right pane, select a required access rights level for all necessary user roles. For details, see: [About levels of access rights](/visma-net-erp/help/access-management/user-security/about-levels-of-access-rights/). 1. Click ![icon-save](/media/visma-net-erp/icon-save.png). ## Generic inquiry configured to replace an entry screen 1. Go to the [Access rights by window (SM201020)](/visma-net-erp/help/access-management/user-security/user-security-reports/access-rights-by-window-sm65170s/) window. 1. In the System tree, expand nodes to the necessary level to find the entry form that is replaced with the generic inquiry to which you want to set up access rights. 1. Expand the entry form. 1. Expand the container of the entry form. 1. Click the **Export** action. 1. In the right pane, select a required access rights level for all necessary user roles. For details, see: [About levels of access rights](/visma-net-erp/help/access-management/user-security/about-levels-of-access-rights/). 1. Click ![icon-save](/media/visma-net-erp/icon-save.png). Reset access rights to a suite or a module /visma-net-erp/help/access-management/user-security/reset-access-rights-to-a-suite-or-a-module section This procedure describes how you reset access rights to a module in Visma Net. 2026-02-19T17:09:06+01:00 # Reset access rights to a suite or a module This procedure describes how you reset access rights to a module in Visma Net. 1. Go to the [Access rights by window (SM201020)](/visma-net-erp/help/access-management/user-security/user-security-windows/access-rights-by-window-sm201020/) window. 1. In the System tree, select a name of the module. 1. In the right pane, select the **Not set** access level for each role to which you need to reset access rights. 1. In the right pane, select the **Applies to children** check box for each role to which you need to reset access rights. 1. Click ![icon-save](/media/visma-net-erp/icon-save.png). 1. Repeat steps 2–5 for all workspaces to which you want to reset access rights. User security windows /visma-net-erp/help/access-management/user-security/user-security-windows section On the menu of Visma Net, the windows are grouped into workspace items on the left hand side of the screen. 2026-02-19T17:09:06+01:00 # User security windows On the menu of Visma Net, the windows are grouped into workspace items on the left hand side of the screen. Each item contains a workspace with tiles and categories. Access history (SM201045) /visma-net-erp/help/access-management/user-security/user-security-windows/access-history-sm201045 page In this window, you can view the log of activities that users have taken in the system, such as signing in, signing out, accessing specific forms, and publishing customisations. 2026-02-19T17:09:06+01:00 # Access history (SM201045) In this window, you can view the log of activities that users have taken in the system, such as signing in, signing out, accessing specific forms, and publishing customisations. This topic provides information about the elements in this window in Visma Net, such as fields, field values, buttons, and check boxes. ## The top part In this area, you can select a particular user, operation, and date range to view the system log for this user in this date range.

Element	Description
Username	The username of the person for whom you want to view the system log. Leave this field blank to view data for all system users.
From	The date and time that starts the range for which you want to view data. Leave this field blank if you do not want to limit the starting date and time of data.
To	The date and time that ends the range for which you want to view data. Leave this field blank if you don’t want to limit the ending date and time of data.
Operation	The operation for which you want to view data. The following operations are available: Login The user signed in to the system. Logout The user signed out of the system. Session expired The user session expired. Login failed The user tried to access the system but failed to sign in. Access screen The user accessed a window. The ID and title of the window are displayed in the Screen ID and Title columns, respectively. The event is logged only once for each window during a user session (when the user first opens the window). Email sent The user successfully sent an email. Error sending email The user’s attempt to send an email resulted in an error. Customisation published The user published a customization on a window. The ID and title of the window are displayed in the Window ID and Title columns, respectively. For more information, see the Visma Net Customisation guide. License exceeded The number of concurrent users exceeded the license limit. The login of the user who is forcibly signed out is displayed in the Username column.

## The table This table contains the log of user activities that meet the criteria specified in the top part.

Column	Description
Date	The date and time of the activity.
User name	The name of the user who performed the activity.
Operation	The operation performed by the user. (See the list of operations in the previous section.)
IP address	The IP address from which the user signed in to the system.
Window ID	The screen ID of the window that was accessed by the user.
Title	The name of the window that was accessed by the user.
Comment	The automatically generated comment.

Access rights by role (SM201025) /visma-net-erp/help/access-management/user-security/user-security-windows/access-rights-by-role-sm201025 page In this window, you can fine-tune the access rights each role has to system workspaces, windows, and even specific window elements. 2026-02-19T17:09:06+01:00 # Access rights by role (SM201025) In this window, you can fine-tune the access rights each role has to system workspaces, windows, and even specific window elements. This topic provides information about the elements in this window in Visma Net, such as fields, field values, buttons, and check boxes. In this window, you can fine-tune the access rights each role has to system workspaces, windows, and even specific window elements. Also, you can create a role directly on this window and configure its access to system entities. You use this window when you want to give a particular user role access rights to multiple Visma Net system objects. For example: You might use this window to give the custom user role **Chief accountant** access to all windows of the General ledger, Cash management, and Supplier ledger workspaces. You can also set multiple roles' access rights to modules, workspaces, windows, and window elements in the [Access rights by window (SM201020)](/visma-net-erp/help/access-management/user-security/user-security-windows/access-rights-by-window-sm201020/) window. ## What to do from this window + [Configure access rights for a selected user role](/visma-net-erp/help/access-management/user-security/configure-access-rights-for-a-selected-user-role/) ## The window toolbar

Button	Description
Copy role	Copies the set of access rights of the selected role to the new role. To create and populate a new role, type the new role name in the New role name field in the New role dialog box, which appears when you click this button, and click Copy.

Copy role

Copies the set of access rights of the selected role to the new role.

To create and populate a new role, type the new role name in the New role name field in the New role dialog box, which appears when you click this button, and click Copy.

### The New role dialog box This dialog box opens when you click the **Copy role** button. By using this dialog box, you can copy the current role's set of access rights to a new role.

Element	Description
New role name	The name of the new role to which access rights will be copied.
Copy (button)	Creates a new role and copies the access rights of the current role to the new role.

## The top part You use this area to specify the name and description of a new role or to select an existing role.

Element	Description
Role name	The role name. Select a name from the list of roles or, if you’re adding a new role, type the role name.
Role description	The description of the role.

## The left pane In this pane, system workspaces are represented as first-level nodes. The top node represents the home page dashboard. Click the node icon to the left of any module to expand it and view the workspaces within it. Click the node icon to the left of any workspace to expand the node and view the hierarchical structure of the workspace. Some workspaces have a single-level list of windows, while other workspaces have more levels, which correspond to the organisation of these windows on the user interface. Click the node icon to the left of any window to expand the node and view the list of window elements, such as tabs and grids. The **Hidden** node contains system objects, such as windows and reports, that are not displayed in the site map but can be accessed through other windows. When you click any node, the right pane displays the list of its objects with the level of access rights the role has to each object. You can restrict access to these objects as well. ## The right pane In this pane, you can view and edit the access rights of the selected role for the objects of the selected node. To change a level of access rights, in the row with the appropriate object, select the needed option in the **Access rights** column.

Column	Description
Description	The name of the object.
Access rights	The access rights of the selected role for the object. For more information, see: About levels of access rights.
Applies to children	A check box that indicates (if selected) that the access rights level to a system object specified for the selected role is the same for all nested objects (children) within the object. You can change the access rights level for any nested object manually. The system clears this check box automatically when the access rights levels of the system object and its children become different.

Description

The name of the object.

Access rights

The access rights of the selected role for the object.

For more information, see: About levels of access rights.

Applies to children

A check box that indicates (if selected) that the access rights level to a system object specified for the selected role is the same for all nested objects (children) within the object. You can change the access rights level for any nested object manually. The system clears this check box automatically when the access rights levels of the system object and its children become different.

Concepts

About access rights for roles

Access rights by window (SM201020) /visma-net-erp/help/access-management/user-security/user-security-windows/access-rights-by-window-sm201020 page In this window, you can view and modify the access rights of roles to system modules, workspaces, windows, and window elements. 2026-02-19T17:09:06+01:00 # Access rights by window (SM201020) In this window, you can view and modify the access rights of roles to system modules, workspaces, windows, and window elements. This topic provides information about the elements in this window in Visma Net, such as fields, field values, buttons, and check boxes. In this window, you can view and modify the access rights of roles to system modules, workspaces, windows, and window elements. You use this window to assign access rights for multiple user roles to a particular workspace, Visma Net window, or window element. For example: You might use this window to provide access to the Configuration workspace for the **Administrator** role and to prohibit access for all other roles. You can also use the [Access rights by role (SM201025)](/visma-net-erp/help/access-management/user-security/user-security-windows/access-rights-by-role-sm201025/) window to select a particular role and set its access to modules, workspaces, windows, and window elements. ## What to do from this window + [Configure access rights to system objects](/visma-net-erp/help/access-management/user-security/configure-access-rights-to-system-objects/) + [Reset access rights to a suite or a module](/visma-net-erp/help/access-management/user-security/reset-access-rights-to-a-suite-or-a-module/) ## The left pane In this pane, system modules are represented as first-level nodes. The top node represents the home page dashboard. You can click the node icon to the left of any module to expand it and view the workspaces within it. Also, you can click the node icon to the left of any workspace to expand the node and view the hierarchical structure of the workspace. Some workspaces have a one-level list of windows, while other workspaces have more levels, which correspond to the organisation of these windows on the user interface. You can click the node icon to the left of any window to expand the node and view the list of window elements, such as tabs, grids, fields, and actions. The **Hidden** node contains system objects, such as windows and reports, that are not displayed in the site map but can be accessed through other windows. When you click any node, the right pane display roles defined in the system and the details for each, including its level of access rights. ## The right pane In this pane, you can view and edit the access rights of the roles for the selected node. To change a level of access rights, in the row with the appropriate role, select the needed option in the **Access rights** column.

Element	Description
Role	The name of the role.
Guest role	A check box that, if selected, indicates that the role is marked as a guest role. For details, see: About role-based access.
Description	A description of the role.
Access rights	The access rights of the role for the selected object. For more information, see: About levels of access rights.
Applies to children	A check box that indicates (if selected) that the access rights level for the role specified to the selected system object is the same for all nested objects (children) within the object. You can change the access rights level for any nested object manually. The system clears this check box automatically when the access rights levels of the system object and its children become different.

Concepts

About access rights for roles

User roles (SM201005) /visma-net-erp/help/access-management/user-security/user-security-windows/user-roles-sm201005 page A role is a set of access rights to specific modules or other system entities. 2026-02-19T17:09:06+01:00 # User roles (SM201005) A role is a set of access rights to specific modules or other system entities. This topic provides information about the elements in this window in Visma Net, such as fields, field values, buttons, and check boxes. A **role** is a set of access rights to specific modules or other system entities. Some users are assigned only one role, while others are assigned multiple roles in accordance with different sets of employee responsibilities. For more information about roles, see: [About role-based access](/visma-net-erp/help/access-management/user-security/about-role-based-access/). Make sure you create an administrative role with full access to the system before you start managing user access within your company. This way, you ensure a smooth process for everyone and minimise the risk of accidentally locking users out of the system. ## The top part This area contains the summary elements of the role you are creating or viewing.

Element	Description
Role name	The unique identifier of the role. Type the name of the new role, or select a role from the list of available roles.
Role description	A detailed description of the role.

## The Membership tab On this tab, you can view the list of users to whom the role selected in the top part is assigned. For a customised role you have created in Visma Net you can update the users in the list.

Column	Description
Username	The login name of the user to whom this role is assigned.
Display name	The combination of the First name and Last name in the Users (SM201010) window of the user selected in the User name column.
Comment	Any comment that was provided for the selected user in the Users (SM201010) window.

User types (EP202500) /visma-net-erp/help/access-management/user-security/user-security-windows/user-types-ep202500 page You use this window to define user types, which are used to provide default settings for creating new users. 2026-02-19T17:09:06+01:00 # User types (EP202500) You use this window to define user types, which are used to provide default settings for creating new users. This topic provides information about the elements in this window in Visma Net, such as fields, field values, buttons, and check boxes. You use this window to define user types, which are used to provide default settings for creating new users. The window is also used to define the set of roles that are available for a user of the given type and the default roles to be assigned when a user of this type is created. You can add new user types, view existing user types and modify their settings, and delete unused types from the system. ## The top part In this area, you can enter the settings for a new user type, or select an existing type to view or modify its settings.

Element	Description
User type	The unique identifier of the user type. Enter the ID of the new type, or select a user type from the list.
Linked entity	The entity associated with this user type. The following options are available: Contact You can assign this user type to external users, such as partners or contacts of customer or supplier organisations. Employee You can assign this user type to employees of your company and possibly to consultants that you consider part of your company.
Description	A description of the user type.

User type

The unique identifier of the user type. Enter the ID of the new type, or select a user type from the list.

Linked entity

The entity associated with this user type. The following options are available:

Contact: You can assign this user type to external users, such as partners or contacts of customer or supplier organisations.
Employee: You can assign this user type to employees of your company and possibly to consultants that you consider part of your company.

Description

A description of the user type.

## The Allowed roles tab You use this tab to view and update the list of roles that can be assigned to users of this type.

Button	Description
Apply to users	Applies the default roles to all users of the selected user type. You can click this button if you have added a default role to the list of allowed roles and want to assign this role all users of the selected user type. If you instead want to assign a role for a particular user, you can use the Users (SM201010) window.

Column	Description
Default	A check box that you select to assign the role to a user of this type by default. The role or roles with this check box selected will be assigned to any new user of the type. (If you change value of this field after creating users of the selected type, their user role assignment will remain unchanged.)
Role name	The role that can be assigned to the user of the type.
Role description	Read-only. The detailed description of the role.

## The Users tab You use this tab to view the list of users that are assigned to the selected user type. You can add users in this list by using the [Users (SM201010)](/visma-net-erp/help/access-management/user-security/user-security-windows/users-sm201010/) window. ## The Login creation rules On this tab, you specify the default rules that apply when a new user of this type is added.

Element	Description
Use email as login	A check box that you select to use the email address of a contact as the username of the contact for new users of this type. This policy applies only when you add a user account to a contact account by using the Contacts (CR302000) window.
Reset password on first login	A check box that you select to require new users of this type to change their password at the first login.
Require login activation	A check box that you select to require activation of a new user account. If you select this check box, new users of this type will receive an email with information on how to enable their user account.

Use email as login

A check box that you select to use the email address of a contact as the username of the contact for new users of this type.

This policy applies only when you add a user account to a contact account by using the Contacts (CR302000) window.

Reset password on first login

A check box that you select to require new users of this type to change their password at the first login.

Require login activation

A check box that you select to require activation of a new user account. If you select this check box, new users of this type will receive an email with information on how to enable their user account.

Users (SM201010) /visma-net-erp/help/access-management/user-security/user-security-windows/users-sm201010 page This window presents all user information imported from Admin including all existing users who have been granted access and their corresponding predefined roles set in Admin. 2026-02-19T17:09:06+01:00 # Users (SM201010) This window presents all user information imported from Admin including all existing users who have been granted access and their corresponding predefined roles set in Admin. This topic provides information about the elements in this window in Visma Net, such as fields, field values, buttons, and check boxes. Additionally, you can assign custom roles from Visma Net. Please note that all user management, including user creation and updates to email addresses and passwords, is performed exclusively within Admin. ## The window toolbar

Button	Description
Membership	Opens the Restriction groups by user window, where you can view or configure the user’s membership in groups. This button appears only when you are viewing an existing user.

Membership

Opens the Restriction groups by user window, where you can view or configure the user’s membership in groups.

This button appears only when you are viewing an existing user.

## The top part You use this area to see user information that has been collected from Admin.

Element	Description
Login	Required. The unique login name to authorise this user to log in to the system. Select a user name to view information about the user.
Guest account	A read-only check box that indicates (if selected) that the account is associated with a contact-related user type. For a new user, the system selects or clears this check box automatically when you select the user type. Not used.
User type	The user type of this user, which defines the set of roles available to the user, the default roles assigned to the user, and the user types for which the user can create, manage, and add users. If you are creating a user account for a contact, you must select a contact-related user type for the user or add a new user type. To add a new user type, click Edit to the right of the field to open the User types (EP202500) window in a pop-up window and add the type. This field is not available when you select a domain user.
Linked entity	An employee or contact account that is associated with the user. If the user you are creating is already defined in the system as an employee or contact account, you can select the appropriate employee or contact name in this field. This will cause relevant elements to be filled in. The user type you have selected determines whether this field can be left blank and what type of account you can select. If you have selected an employee-related user type in the User type field or left it blank, you can select an employee account or leave the Linked entity field blank. If you have selected a contact-related user type in the User type field, you must select a contact account here or add a new contact. To add a new contact account, click Edit to the right of the field to open the Contacts (CR302000) window in a pop-up window and add the contact account. When you save the added contact account, it will automatically be inserted in this field.
First name	The first name of the user.
Last name	The last name of the user.
Email	The email address of the user, which is used to send information to the user, such as a link to password reset.
Comment	Any additional user-related information that you want to add to the record.

## The Roles tab You can add and remove any customised role that was created in Visma Net and assigned to the selected user. Roles that have been transferred from Admin are labelled as "Default" and are read-only, with their management handled entirely in Admin.

Column	Description
Selected	A check box that you select to assign this role to the selected user.
Role name	Read-only. The name that identifies the role. Roles that have been transferred from Admin are labelled as “Default”.
Role description	Read-only. The description of the role.

## The Statistics tab On this tab, you can see the account usage information.

Element	Description
Account creation date	Read-only. The date and time when the account was created.
Last login date	Read-only. The date and time of the last login.
Last lockout date	Read-only. The most recent date when the account was temporarily locked out.
Last password change date	Read-only. Not in use. The date and time of the most recent password change.
Number of unsuccessful attempts to enter password	Read-only. Not in use. The number of unsuccessful attempts the user made to sign into the account. It is reset according to a value of the Reset lockout counter after x minutes field in the Security preferences (SM201060) window.
Number of unsuccessful attempts to enter recovery answer	Read-only. Not in use. The number of unsuccessful attempts the user made to enter the user recovery response.

## The IP filter tab This tab is not in use. ## Personal settings tab On this tab, you can specify a variety of default settings to be used in Visma Net for the selected user. For example, you can select one of the available certificates as the user's personal certificate for signing portable document format (PDF) files. Users can change these settings themselves in the User settings (SM203010) window.

PDF signing certificate	The certificate that the system will use for signing PDF files this user generates in Visma Net.
Time zone	The user’s time zone, which will be used to display the timestamps for documents. If a time zone is specified for the user, these timestamps will be converted to the user’s specified time zone. If no time zone is specified, documents will be time-stamped using the time settings on the server computer.
Default branch	The branch to which the selected user will be signed in by default if the user has access to multiple branches.
Home page	The dashboard to be displayed for the user on the home page of Visma Net instance.

Concepts

About role-based access

Tasks

Windows

User security reports /visma-net-erp/help/access-management/user-security/user-security-reports section The reports provide information that can be useful for employees who manage users, roles, and access rights to the system objects. 2026-02-19T17:09:06+01:00 # User security reports The reports provide information that can be useful for employees who manage users, roles, and access rights to the system objects. The reports provide information that can be useful for employees who manage users, roles, and access rights to the system objects. You can use these reports, for example, for analysing, optimising, and restructuring user accounts, user roles, and access rights. The reports can be generated in multiple formats, including PDF and HTML. Also, you can print the report you generated or send the report by email. ## User security reports There are the following reports, which contain information about users, roles, and access rights: + [Access rights by window (SM201020)](/visma-net-erp/help/access-management/user-security/user-security-windows/access-rights-by-window-sm201020/): Lists all system forms with the user roles for which access rights to the form have been set up explicitly at the window or module level. For each role, its level of access rights to the form is displayed. + [Access rights by role (SM201025)](/visma-net-erp/help/access-management/user-security/user-security-windows/access-rights-by-role-sm201025/): Lists the roles available in the system and their access rights to system forms. Only those forms for which access rights were set up explicitly at the form, module, or workspace level are displayed in the report. + [Role list (SM65100S)](/visma-net-erp/help/access-management/user-security/user-security-reports/role-list-sm65100s/): Lists the roles available in the system and shows the list of user accounts assigned to each role. + [User list (SM65050S)](/visma-net-erp/to-be-deleted/online-help/shared-files/sm650500-ref/): Displays the existing user accounts and the properties of the accounts in summary or detailed format. Access rights by role (SM65150S) /visma-net-erp/help/access-management/user-security/user-security-reports/access-rights-by-role-sm65150s section This report lists the roles available in the system and their access rights to system windows. 2026-02-19T17:09:06+01:00 # Access rights by role (SM65150S) This report lists the roles available in the system and their access rights to system windows. This topic provides information about the elements in this window in Visma Net, such as fields, field values, buttons, and check boxes. Only those windows for which access rights were set up explicitly at the window or workspace level are displayed in the report. The report has no report-specific elements. ## The report settings and options Before running a report, you set a variety of parameters in the report window. You can select a template or manually make selections that affect the information to be collected. Also, you can specify appropriate settings to print or email the report generated. ### The report window toolbar The following table lists the buttons of the report window toolbar when you are configuring a report. {{< vismanet-table >}} {{< vismanet-header-row >}} {{< vismanet-cell header="true" >}}Button{{< /vismanet-cell >}} {{< vismanet-cell header="true" >}}Description{{< /vismanet-cell >}} {{< /vismanet-header-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}![icon-edit](/media/visma-net-erp/icon-edit.png) **Parameters**{{< /vismanet-cell >}} {{< vismanet-cell >}}Navigates to and from the report window to let you change the report parameters.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}![icon-refresh](/media/visma-net-erp/icon-refresh.png) **Cancel**{{< /vismanet-cell >}} {{< vismanet-cell >}}Clears any changes you have made and restores default settings.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Run report{{< /vismanet-cell >}} {{< vismanet-cell >}}Initiates data collection for the report and displays the generated report.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Save template{{< /vismanet-cell >}} {{< vismanet-cell >}}Saves the currently selected report as a template with all the selected settings.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Remove template{{< /vismanet-cell >}} {{< vismanet-cell >}}Removes the previously saved template. This button is available only when you select a template.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Schedule template{{< /vismanet-cell >}} {{< vismanet-cell >}}Opens the **Select schedule name** dialog box, which you can use to schedule the processing of the report. This button is available only when you select a template.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Edit report{{< /vismanet-cell >}} {{< vismanet-cell >}} Opens Visma BI - Report Designer in a new browser tab, where you can edit your report. > [!NOTE] > However, if you are working with a [Balance sheet (GL634000)](/visma-net-erp/help/general-ledger/general-ledger-reports/balance-sheet-gl634000/) report or any Profit and loss report or a [Profit and loss (PM64300S)](/visma-net-erp/help/project-accounting/projects-reports/profit-and-loss-pm64300s/) report, you will be navigated to the [Report definitions (CS206000)](/visma-net-erp/help/general-ledger/general-ledger-windows/report-definitions-cs206000/) window to make your changes there. {{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Export report design{{< /vismanet-cell >}} {{< vismanet-cell >}} Makes a copy of the report that you can import (for example, for another company) by using the ![icon-load-from-file](/media/visma-net-erp/icon-load-from-file.png) button on the **Report versions** tab. Then you select that the copy of the report is not going to be the default version which is used when you click the **Run report** button. This button is only available for users assigned with the Report designer user role. {{< /vismanet-cell >}} {{< /vismanet-row >}} {{< /vismanet-table >}} #### The Select schedule name dialog box {{< vismanet-table >}} {{< vismanet-header-row >}} {{< vismanet-cell header="true" >}}Element{{< /vismanet-cell >}} {{< vismanet-cell header="true" >}}Description{{< /vismanet-cell >}} {{< /vismanet-header-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Schedule{{< /vismanet-cell >}} {{< vismanet-cell >}} The schedule for report processing. Select an existing schedule, or leave the field blank and click **OK** to open the [Automation schedules (SM205020)](/visma-net-erp/help/automation/automation-windows/automation-schedules-sm205020/) window to create a new schedule for running the report. {{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Merge reports{{< /vismanet-cell >}} {{< vismanet-cell >}} When this check box is selected, this report will be merged with the other reports selected for merging into one net report when processed. > [!NOTE] > You can check the reports that will be merged when processed in the [Send reports (SM205060)](/visma-net-erp/help/automation/automation-windows/send-reports-sm205060/) window. {{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Merging order{{< /vismanet-cell >}} {{< vismanet-cell >}}The number of the report in the net report.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< /vismanet-table >}} ### The template area Use the elements in this area to select an existing template and then use the template, share it with other users, or use it as your default report settings. The template area elements, which are available for all reports, are described in the following table. {{< vismanet-table >}} {{< vismanet-header-row >}} {{< vismanet-cell header="true" >}}Element{{< /vismanet-cell >}} {{< vismanet-cell header="true" >}}Description{{< /vismanet-cell >}} {{< /vismanet-header-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Template{{< /vismanet-cell >}} {{< vismanet-cell >}}The template to be used for the report. If any templates were created and saved, you can select a template to use its settings for the report.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Default{{< /vismanet-cell >}} {{< vismanet-cell >}}When this check box is selected, the selected template is marked as the default one for you. A default template cannot be shared.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Shared{{< /vismanet-cell >}} {{< vismanet-cell >}}When this check box is selected, the selected template is shared with other users. A shared template cannot be marked as the default.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Locale{{< /vismanet-cell >}} {{< vismanet-cell >}} A locale that you select to indicate to the system that the report should be prepared with the data translated to the language associated with this locale. > [!NOTE] > This field is displayed if there are multiple active locales in the system. {{< /vismanet-cell >}} {{< /vismanet-row >}} {{< /vismanet-table >}} ### The report toolbar The following table lists the buttons of the toolbar after you run the configured report. {{< vismanet-table >}} {{< vismanet-header-row >}} {{< vismanet-cell header="true" >}}Buttons{{< /vismanet-cell >}} {{< vismanet-cell header="true" >}}Description{{< /vismanet-cell >}} {{< /vismanet-header-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}![icon-edit](/media/visma-net-erp/icon-edit.png) **Parameters**{{< /vismanet-cell >}} {{< vismanet-cell >}}Navigates back to the report window to let you change the report parameters.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}![icon-refresh-report](/media/visma-net-erp/icon-refresh-report.png) **Refresh**{{< /vismanet-cell >}} {{< vismanet-cell >}}Refreshes the information displayed in the report (if any data changes were made).{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Groups{{< /vismanet-cell >}} {{< vismanet-cell >}}Adds to the report a left pane where the report structure is shown. Click a report node to highlight the pertinent data in the right pane.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}![icon-view-pdf](/media/visma-net-erp/icon-view-pdf.png) **View PDF** / **View HTML**{{< /vismanet-cell >}} {{< vismanet-cell >}}Displays the report as a PDF, or displays the report in HTML format. The available button depends on the current report view; if you are viewing a PDF, for instance, you will see the **View HTML** button.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Go to first page (Ctrl + Page up){{< /vismanet-cell >}} {{< vismanet-cell >}}Displays the first page of the report.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Go to previous page (Page up){{< /vismanet-cell >}} {{< vismanet-cell >}}Displays the previous page.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Go to next page (Page down){{< /vismanet-cell >}} {{< vismanet-cell >}}Displays the next page.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Go to last page (Ctrl + Page down){{< /vismanet-cell >}} {{< vismanet-cell >}}Displays the last page of the report.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Print{{< /vismanet-cell >}} {{< vismanet-cell >}}Opens the browser dialog box so you can print the report.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Send{{< /vismanet-cell >}} {{< vismanet-cell >}}Opens the **Email activity** dialog box, which you use to send the report file (in the chosen format) to the specified email address.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Export{{< /vismanet-cell >}} {{< vismanet-cell >}} Allows you to export the data in the chosen format: + **Excel** + **Excel with headers** (this option is only available for ARM reports) + **PDF** {{< /vismanet-cell >}} {{< /vismanet-row >}} {{< /vismanet-table >}} ### The Report parameters tab This tab includes sections where you can specify the contents of the report depending on the current report and vary in the following regards: + How many elements and which elements are available on a particular report + Whether elements contain default values + Whether specific elements require values to be selected + Whether elements may be left blank to let you display a broader range of data ### The Additional sort and filters tab If you are working with a [Balance sheet (GL634000)](/visma-net-erp/help/general-ledger/general-ledger-reports/balance-sheet-gl634000/) report or any Profit and loss report or a [Profit and loss (PM64300S)](/visma-net-erp/help/project-accounting/projects-reports/profit-and-loss-pm64300s/) report, this tab is not shown in your report window. The **Additional sort and filters** tab contains additional sorting and filtering conditions: Additional sorting conditions : Defines the sorting order. You can add a line, select one of the report-specific properties, and select the **Descending** or **Ascending** sort order for the column. Additional filtering conditions : Defines the report filter. You can add a line, select one of the report-specific properties, and define a condition and its value. The list of conditions includes one-operand and two-operand conditions. To create a more complicated logical expression, you can use brackets and logical operations between brackets. ### The Print and email settings tab #### The Print settings section If you plan to print the report or save the report as a PDF, select the appropriate settings in the **Print settings** section. {{< vismanet-table >}} {{< vismanet-header-row >}} {{< vismanet-cell header="true" >}}Element{{< /vismanet-cell >}} {{< vismanet-cell header="true" >}}Description{{< /vismanet-cell >}} {{< /vismanet-header-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Deleted records{{< /vismanet-cell >}} {{< vismanet-cell >}} Selects the visibility of the data deleted from the database. + **Hide** + **Print** + **Only** {{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Print all pages{{< /vismanet-cell >}} {{< vismanet-cell >}}Prints all pages of the report.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Print in PDF format{{< /vismanet-cell >}} {{< vismanet-cell >}}Displays the report in PDF format.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Compress PDF file{{< /vismanet-cell >}} {{< vismanet-cell >}}Indicates that the system will generate a compressed PDF.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Embed fonts in PDF file{{< /vismanet-cell >}} {{< vismanet-cell >}}Indicates that the system will generate the PDF with fonts embedded.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< /vismanet-table >}} #### The Email settings section If you plan to send the report as an email, in the **Email settings** section, specify the format in which the report will be sent, as well as the email subject, the recipients of copies of the report, and the email of the recipient. {{< vismanet-table >}} {{< vismanet-header-row >}} {{< vismanet-cell header="true" >}}Field{{< /vismanet-cell >}} {{< vismanet-cell header="true" >}}Description{{< /vismanet-cell >}} {{< /vismanet-header-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Format{{< /vismanet-cell >}} {{< vismanet-cell >}} The format in which the report will be emailed: + **HTML** + **PDF** + **Excel** + **Excel with header** (this option is only available for ARM reports) > [!NOTE] > The merge function for reports in Excel format is not supported. If you want to merge a report with other reports and send an aggregated report by email, you should select either the HTML or PDF format for the report. {{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}To{{< /vismanet-cell >}} {{< vismanet-cell >}}The email address of the recipient.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Cc{{< /vismanet-cell >}} {{< vismanet-cell >}}An additional addressee to receive a carbon copy ( **Cc** ) of the email.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Bcc{{< /vismanet-cell >}} {{< vismanet-cell >}}The email address of anyone to receive a blind carbon copy ( **Bcc** ) of the email; an address you enter in this box will be hidden from other recipients.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Subject{{< /vismanet-cell >}} {{< vismanet-cell >}}The subject of the email.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< /vismanet-table >}} ### The Report versions tab This tab shows the data only to users assigned with the Report designer user role If the report has multiple versions, you can select one of them. {{< vismanet-table >}} {{< vismanet-header-row >}} {{< vismanet-cell header="true" >}}Button{{< /vismanet-cell >}} {{< vismanet-cell header="true" >}}Description{{< /vismanet-cell >}} {{< /vismanet-header-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Edit version{{< /vismanet-cell >}} {{< vismanet-cell >}}Click this to edit the selection version of the report.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Refresh dataset{{< /vismanet-cell >}} {{< vismanet-cell >}}Click this button to refresh the data set you have selected.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Activate{{< /vismanet-cell >}} {{< vismanet-cell >}}Temporarily activates the selected report.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}![icon-load-from-file](/media/visma-net-erp/icon-load-from-file.png) **Import report design**{{< /vismanet-cell >}} {{< vismanet-cell >}} Click this button to select an exported report you want to import into this company. This button is only available for users assigned with the Report designer user role. The imported report will be set as the active report. {{< /vismanet-cell >}} {{< /vismanet-row >}} {{< /vismanet-table >}} {{< vismanet-table >}} {{< vismanet-header-row >}} {{< vismanet-cell header="true" >}}Column{{< /vismanet-cell >}} {{< vismanet-cell header="true" >}}Description{{< /vismanet-cell >}} {{< /vismanet-header-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Version{{< /vismanet-cell >}} {{< vismanet-cell >}}The number of the report version.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Description{{< /vismanet-cell >}} {{< vismanet-cell >}}The description of the report version.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Active{{< /vismanet-cell >}} {{< vismanet-cell >}}When this check box is selected, the report version is active.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Created{{< /vismanet-cell >}} {{< vismanet-cell >}}The creation date of the report version.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Not default dataset{{< /vismanet-cell >}} {{< vismanet-cell >}}This check box is automatically selected if the report version is an import of an external report.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< /vismanet-table >}} Access rights by window (SM65170S) /visma-net-erp/help/access-management/user-security/user-security-reports/access-rights-by-window-sm65170s section This report lists all system windows with the user roles for which access rights to the window have been set up explicitly at the window or workspace level. 2026-02-19T17:09:06+01:00 # Access rights by window (SM65170S) This report lists all system windows with the user roles for which access rights to the window have been set up explicitly at the window or workspace level. This topic provides information about the elements in this window in Visma Net, such as fields, field values, buttons, and check boxes. Each role's level of access rights to the window is displayed. The report has no report-specific elements. ## The report settings and options Before running a report, you set a variety of parameters in the report window. You can select a template or manually make selections that affect the information to be collected. Also, you can specify appropriate settings to print or email the report generated. ### The report window toolbar The following table lists the buttons of the report window toolbar when you are configuring a report. {{< vismanet-table >}} {{< vismanet-header-row >}} {{< vismanet-cell header="true" >}}Button{{< /vismanet-cell >}} {{< vismanet-cell header="true" >}}Description{{< /vismanet-cell >}} {{< /vismanet-header-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}![icon-edit](/media/visma-net-erp/icon-edit.png) **Parameters**{{< /vismanet-cell >}} {{< vismanet-cell >}}Navigates to and from the report window to let you change the report parameters.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}![icon-refresh](/media/visma-net-erp/icon-refresh.png) **Cancel**{{< /vismanet-cell >}} {{< vismanet-cell >}}Clears any changes you have made and restores default settings.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Run report{{< /vismanet-cell >}} {{< vismanet-cell >}}Initiates data collection for the report and displays the generated report.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Save template{{< /vismanet-cell >}} {{< vismanet-cell >}}Saves the currently selected report as a template with all the selected settings.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Remove template{{< /vismanet-cell >}} {{< vismanet-cell >}}Removes the previously saved template. This button is available only when you select a template.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Schedule template{{< /vismanet-cell >}} {{< vismanet-cell >}}Opens the **Select schedule name** dialog box, which you can use to schedule the processing of the report. This button is available only when you select a template.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Edit report{{< /vismanet-cell >}} {{< vismanet-cell >}} Opens Visma BI - Report Designer in a new browser tab, where you can edit your report. > [!NOTE] > However, if you are working with a [Balance sheet (GL634000)](/visma-net-erp/help/general-ledger/general-ledger-reports/balance-sheet-gl634000/) report or any Profit and loss report or a [Profit and loss (PM64300S)](/visma-net-erp/help/project-accounting/projects-reports/profit-and-loss-pm64300s/) report, you will be navigated to the [Report definitions (CS206000)](/visma-net-erp/help/general-ledger/general-ledger-windows/report-definitions-cs206000/) window to make your changes there. {{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Export report design{{< /vismanet-cell >}} {{< vismanet-cell >}} Makes a copy of the report that you can import (for example, for another company) by using the ![icon-load-from-file](/media/visma-net-erp/icon-load-from-file.png) button on the **Report versions** tab. Then you select that the copy of the report is not going to be the default version which is used when you click the **Run report** button. This button is only available for users assigned with the Report designer user role. {{< /vismanet-cell >}} {{< /vismanet-row >}} {{< /vismanet-table >}} #### The Select schedule name dialog box {{< vismanet-table >}} {{< vismanet-header-row >}} {{< vismanet-cell header="true" >}}Element{{< /vismanet-cell >}} {{< vismanet-cell header="true" >}}Description{{< /vismanet-cell >}} {{< /vismanet-header-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Schedule{{< /vismanet-cell >}} {{< vismanet-cell >}} The schedule for report processing. Select an existing schedule, or leave the field blank and click **OK** to open the [Automation schedules (SM205020)](/visma-net-erp/help/automation/automation-windows/automation-schedules-sm205020/) window to create a new schedule for running the report. {{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Merge reports{{< /vismanet-cell >}} {{< vismanet-cell >}} When this check box is selected, this report will be merged with the other reports selected for merging into one net report when processed. > [!NOTE] > You can check the reports that will be merged when processed in the [Send reports (SM205060)](/visma-net-erp/help/automation/automation-windows/send-reports-sm205060/) window. {{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Merging order{{< /vismanet-cell >}} {{< vismanet-cell >}}The number of the report in the net report.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< /vismanet-table >}} ### The template area Use the elements in this area to select an existing template and then use the template, share it with other users, or use it as your default report settings. The template area elements, which are available for all reports, are described in the following table. {{< vismanet-table >}} {{< vismanet-header-row >}} {{< vismanet-cell header="true" >}}Element{{< /vismanet-cell >}} {{< vismanet-cell header="true" >}}Description{{< /vismanet-cell >}} {{< /vismanet-header-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Template{{< /vismanet-cell >}} {{< vismanet-cell >}}The template to be used for the report. If any templates were created and saved, you can select a template to use its settings for the report.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Default{{< /vismanet-cell >}} {{< vismanet-cell >}}When this check box is selected, the selected template is marked as the default one for you. A default template cannot be shared.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Shared{{< /vismanet-cell >}} {{< vismanet-cell >}}When this check box is selected, the selected template is shared with other users. A shared template cannot be marked as the default.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Locale{{< /vismanet-cell >}} {{< vismanet-cell >}} A locale that you select to indicate to the system that the report should be prepared with the data translated to the language associated with this locale. > [!NOTE] > This field is displayed if there are multiple active locales in the system. {{< /vismanet-cell >}} {{< /vismanet-row >}} {{< /vismanet-table >}} ### The report toolbar The following table lists the buttons of the toolbar after you run the configured report. {{< vismanet-table >}} {{< vismanet-header-row >}} {{< vismanet-cell header="true" >}}Buttons{{< /vismanet-cell >}} {{< vismanet-cell header="true" >}}Description{{< /vismanet-cell >}} {{< /vismanet-header-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}![icon-edit](/media/visma-net-erp/icon-edit.png) **Parameters**{{< /vismanet-cell >}} {{< vismanet-cell >}}Navigates back to the report window to let you change the report parameters.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}![icon-refresh-report](/media/visma-net-erp/icon-refresh-report.png) **Refresh**{{< /vismanet-cell >}} {{< vismanet-cell >}}Refreshes the information displayed in the report (if any data changes were made).{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Groups{{< /vismanet-cell >}} {{< vismanet-cell >}}Adds to the report a left pane where the report structure is shown. Click a report node to highlight the pertinent data in the right pane.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}![icon-view-pdf](/media/visma-net-erp/icon-view-pdf.png) **View PDF** / **View HTML**{{< /vismanet-cell >}} {{< vismanet-cell >}}Displays the report as a PDF, or displays the report in HTML format. The available button depends on the current report view; if you are viewing a PDF, for instance, you will see the **View HTML** button.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Go to first page (Ctrl + Page up){{< /vismanet-cell >}} {{< vismanet-cell >}}Displays the first page of the report.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Go to previous page (Page up){{< /vismanet-cell >}} {{< vismanet-cell >}}Displays the previous page.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Go to next page (Page down){{< /vismanet-cell >}} {{< vismanet-cell >}}Displays the next page.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Go to last page (Ctrl + Page down){{< /vismanet-cell >}} {{< vismanet-cell >}}Displays the last page of the report.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Print{{< /vismanet-cell >}} {{< vismanet-cell >}}Opens the browser dialog box so you can print the report.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Send{{< /vismanet-cell >}} {{< vismanet-cell >}}Opens the **Email activity** dialog box, which you use to send the report file (in the chosen format) to the specified email address.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Export{{< /vismanet-cell >}} {{< vismanet-cell >}} Allows you to export the data in the chosen format: + **Excel** + **Excel with headers** (this option is only available for ARM reports) + **PDF** {{< /vismanet-cell >}} {{< /vismanet-row >}} {{< /vismanet-table >}} ### The Report parameters tab This tab includes sections where you can specify the contents of the report depending on the current report and vary in the following regards: + How many elements and which elements are available on a particular report + Whether elements contain default values + Whether specific elements require values to be selected + Whether elements may be left blank to let you display a broader range of data ### The Additional sort and filters tab If you are working with a [Balance sheet (GL634000)](/visma-net-erp/help/general-ledger/general-ledger-reports/balance-sheet-gl634000/) report or any Profit and loss report or a [Profit and loss (PM64300S)](/visma-net-erp/help/project-accounting/projects-reports/profit-and-loss-pm64300s/) report, this tab is not shown in your report window. The **Additional sort and filters** tab contains additional sorting and filtering conditions: Additional sorting conditions : Defines the sorting order. You can add a line, select one of the report-specific properties, and select the **Descending** or **Ascending** sort order for the column. Additional filtering conditions : Defines the report filter. You can add a line, select one of the report-specific properties, and define a condition and its value. The list of conditions includes one-operand and two-operand conditions. To create a more complicated logical expression, you can use brackets and logical operations between brackets. ### The Print and email settings tab #### The Print settings section If you plan to print the report or save the report as a PDF, select the appropriate settings in the **Print settings** section. {{< vismanet-table >}} {{< vismanet-header-row >}} {{< vismanet-cell header="true" >}}Element{{< /vismanet-cell >}} {{< vismanet-cell header="true" >}}Description{{< /vismanet-cell >}} {{< /vismanet-header-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Deleted records{{< /vismanet-cell >}} {{< vismanet-cell >}} Selects the visibility of the data deleted from the database. + **Hide** + **Print** + **Only** {{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Print all pages{{< /vismanet-cell >}} {{< vismanet-cell >}}Prints all pages of the report.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Print in PDF format{{< /vismanet-cell >}} {{< vismanet-cell >}}Displays the report in PDF format.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Compress PDF file{{< /vismanet-cell >}} {{< vismanet-cell >}}Indicates that the system will generate a compressed PDF.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Embed fonts in PDF file{{< /vismanet-cell >}} {{< vismanet-cell >}}Indicates that the system will generate the PDF with fonts embedded.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< /vismanet-table >}} #### The Email settings section If you plan to send the report as an email, in the **Email settings** section, specify the format in which the report will be sent, as well as the email subject, the recipients of copies of the report, and the email of the recipient. {{< vismanet-table >}} {{< vismanet-header-row >}} {{< vismanet-cell header="true" >}}Field{{< /vismanet-cell >}} {{< vismanet-cell header="true" >}}Description{{< /vismanet-cell >}} {{< /vismanet-header-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Format{{< /vismanet-cell >}} {{< vismanet-cell >}} The format in which the report will be emailed: + **HTML** + **PDF** + **Excel** + **Excel with header** (this option is only available for ARM reports) > [!NOTE] > The merge function for reports in Excel format is not supported. If you want to merge a report with other reports and send an aggregated report by email, you should select either the HTML or PDF format for the report. {{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}To{{< /vismanet-cell >}} {{< vismanet-cell >}}The email address of the recipient.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Cc{{< /vismanet-cell >}} {{< vismanet-cell >}}An additional addressee to receive a carbon copy ( **Cc** ) of the email.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Bcc{{< /vismanet-cell >}} {{< vismanet-cell >}}The email address of anyone to receive a blind carbon copy ( **Bcc** ) of the email; an address you enter in this box will be hidden from other recipients.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Subject{{< /vismanet-cell >}} {{< vismanet-cell >}}The subject of the email.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< /vismanet-table >}} ### The Report versions tab This tab shows the data only to users assigned with the Report designer user role If the report has multiple versions, you can select one of them. {{< vismanet-table >}} {{< vismanet-header-row >}} {{< vismanet-cell header="true" >}}Button{{< /vismanet-cell >}} {{< vismanet-cell header="true" >}}Description{{< /vismanet-cell >}} {{< /vismanet-header-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Edit version{{< /vismanet-cell >}} {{< vismanet-cell >}}Click this to edit the selection version of the report.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Refresh dataset{{< /vismanet-cell >}} {{< vismanet-cell >}}Click this button to refresh the data set you have selected.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Activate{{< /vismanet-cell >}} {{< vismanet-cell >}}Temporarily activates the selected report.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}![icon-load-from-file](/media/visma-net-erp/icon-load-from-file.png) **Import report design**{{< /vismanet-cell >}} {{< vismanet-cell >}} Click this button to select an exported report you want to import into this company. This button is only available for users assigned with the Report designer user role. The imported report will be set as the active report. {{< /vismanet-cell >}} {{< /vismanet-row >}} {{< /vismanet-table >}} {{< vismanet-table >}} {{< vismanet-header-row >}} {{< vismanet-cell header="true" >}}Column{{< /vismanet-cell >}} {{< vismanet-cell header="true" >}}Description{{< /vismanet-cell >}} {{< /vismanet-header-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Version{{< /vismanet-cell >}} {{< vismanet-cell >}}The number of the report version.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Description{{< /vismanet-cell >}} {{< vismanet-cell >}}The description of the report version.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Active{{< /vismanet-cell >}} {{< vismanet-cell >}}When this check box is selected, the report version is active.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Created{{< /vismanet-cell >}} {{< vismanet-cell >}}The creation date of the report version.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Not default dataset{{< /vismanet-cell >}} {{< vismanet-cell >}}This check box is automatically selected if the report version is an import of an external report.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< /vismanet-table >}} Audit inquiry (SM20503S) /visma-net-erp/help/access-management/user-security/user-security-reports/audit-inquiry-sm20503s page 2026-02-19T17:09:06+01:00 # Audit inquiry (SM20503S) This topic provides information about the elements in this window in Visma Net, such as fields, field values, buttons, and check boxes. ## The top part

Element	Description
User name	The name of the user who has created the log. If you do not select any users, the logs of all users will be displayed.
Log date	The beginning of the log date range of the logs to be displayed.
To	The end of the log date range of the logs to be displayed.
Posted date	The beginning of the posting date range of the logs to be displayed.
To	The end of the posting date range of the logs to be displayed.
Account ID	Logs related to the account selected here will be displayed.
Module	The origin of the logs.
Transaction type	The type of the transactions to be displayed.
Show only financial years	When this is selected, only logs related to financial years will be displayed.
Show only financial periods	When this is selected, only logs related to financial periods will be displayed.
Show only SIE imports	When this is selected, only logs related to SIE imports will be displayed.

## The table

Column	Description
Log date	The date when the logged activity was performed.
User name	The name of the user who has created the log.
Activity	The logged activity.
Ref. no.	The reference number connected with the logged transaction.
Batch no.	The batch number connected with the logged transaction.
Module	The origin of the logs.
Doc. source	The source of the document: SIEImport,Importscenario.
Account	The account connected with the transaction in the log.
Amount	The amount of the transaction in the log.

Role list (SM65100S) /visma-net-erp/help/access-management/user-security/user-security-reports/role-list-sm65100s section This report lists the roles available in the system and shows the user accounts assigned to each role. 2026-02-19T17:09:06+01:00 # Role list (SM65100S) This report lists the roles available in the system and shows the user accounts assigned to each role. This topic provides information about the elements in this window in Visma Net, such as fields, field values, buttons, and check boxes. The report can be created in summary or detailed format. See below for a description of each parameter on the **Report parameters** tab. ## Report parameters On the **Report parameters** tab, use the following parameters to select the information to be displayed on the report:

Element	Description
Format	The format of the report. Select one of the following options: Detailed Displays the list of roles with the description of each role and the total number of users with the role assigned. For each role, lists the users with the role assigned and the basic information, including email address, for each user. Summary Displays the list of roles with the description of each role and the total number of users who have the role assigned.

Format

The format of the report. Select one of the following options:

Detailed: Displays the list of roles with the description of each role and the total number of users with the role assigned. For each role, lists the users with the role assigned and the basic information, including email address, for each user.
Summary: Displays the list of roles with the description of each role and the total number of users who have the role assigned.

Element	Description
Format	The format of the report. Select one of the following options: Detailed Displays the complete list of user accounts with key account properties (such as first and last name and password security options). For each account, the report lists the roles assigned to the account. Summary Displays the complete list of user accounts with key account properties (such as first and last name and password security options).

Format

The format of the report. Select one of the following options:

Detailed: Displays the complete list of user accounts with key account properties (such as first and last name and password security options). For each account, the report lists the roles assigned to the account.
Summary: Displays the complete list of user accounts with key account properties (such as first and last name and password security options).

## The report settings and options Before running a report, you set a variety of parameters in the report window. You can select a template or manually make selections that affect the information to be collected. Also, you can specify appropriate settings to print or email the report generated. ### The report window toolbar The following table lists the buttons of the report window toolbar when you are configuring a report. {{< vismanet-table >}} {{< vismanet-header-row >}} {{< vismanet-cell header="true" >}}Button{{< /vismanet-cell >}} {{< vismanet-cell header="true" >}}Description{{< /vismanet-cell >}} {{< /vismanet-header-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}![icon-edit](/media/visma-net-erp/icon-edit.png) **Parameters**{{< /vismanet-cell >}} {{< vismanet-cell >}}Navigates to and from the report window to let you change the report parameters.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}![icon-refresh](/media/visma-net-erp/icon-refresh.png) **Cancel**{{< /vismanet-cell >}} {{< vismanet-cell >}}Clears any changes you have made and restores default settings.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Run report{{< /vismanet-cell >}} {{< vismanet-cell >}}Initiates data collection for the report and displays the generated report.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Save template{{< /vismanet-cell >}} {{< vismanet-cell >}}Saves the currently selected report as a template with all the selected settings.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Remove template{{< /vismanet-cell >}} {{< vismanet-cell >}}Removes the previously saved template. This button is available only when you select a template.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Schedule template{{< /vismanet-cell >}} {{< vismanet-cell >}}Opens the **Select schedule name** dialog box, which you can use to schedule the processing of the report. This button is available only when you select a template.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Edit report{{< /vismanet-cell >}} {{< vismanet-cell >}} Opens Visma BI - Report Designer in a new browser tab, where you can edit your report. > [!NOTE] > However, if you are working with a [Balance sheet (GL634000)](/visma-net-erp/help/general-ledger/general-ledger-reports/balance-sheet-gl634000/) report or any Profit and loss report or a [Profit and loss (PM64300S)](/visma-net-erp/help/project-accounting/projects-reports/profit-and-loss-pm64300s/) report, you will be navigated to the [Report definitions (CS206000)](/visma-net-erp/help/general-ledger/general-ledger-windows/report-definitions-cs206000/) window to make your changes there. {{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Export report design{{< /vismanet-cell >}} {{< vismanet-cell >}} Makes a copy of the report that you can import (for example, for another company) by using the ![icon-load-from-file](/media/visma-net-erp/icon-load-from-file.png) button on the **Report versions** tab. Then you select that the copy of the report is not going to be the default version which is used when you click the **Run report** button. This button is only available for users assigned with the Report designer user role. {{< /vismanet-cell >}} {{< /vismanet-row >}} {{< /vismanet-table >}} #### The Select schedule name dialog box {{< vismanet-table >}} {{< vismanet-header-row >}} {{< vismanet-cell header="true" >}}Element{{< /vismanet-cell >}} {{< vismanet-cell header="true" >}}Description{{< /vismanet-cell >}} {{< /vismanet-header-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Schedule{{< /vismanet-cell >}} {{< vismanet-cell >}} The schedule for report processing. Select an existing schedule, or leave the field blank and click **OK** to open the [Automation schedules (SM205020)](/visma-net-erp/help/automation/automation-windows/automation-schedules-sm205020/) window to create a new schedule for running the report. {{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Merge reports{{< /vismanet-cell >}} {{< vismanet-cell >}} When this check box is selected, this report will be merged with the other reports selected for merging into one net report when processed. > [!NOTE] > You can check the reports that will be merged when processed in the [Send reports (SM205060)](/visma-net-erp/help/automation/automation-windows/send-reports-sm205060/) window. {{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Merging order{{< /vismanet-cell >}} {{< vismanet-cell >}}The number of the report in the net report.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< /vismanet-table >}} ### The template area Use the elements in this area to select an existing template and then use the template, share it with other users, or use it as your default report settings. The template area elements, which are available for all reports, are described in the following table. {{< vismanet-table >}} {{< vismanet-header-row >}} {{< vismanet-cell header="true" >}}Element{{< /vismanet-cell >}} {{< vismanet-cell header="true" >}}Description{{< /vismanet-cell >}} {{< /vismanet-header-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Template{{< /vismanet-cell >}} {{< vismanet-cell >}}The template to be used for the report. If any templates were created and saved, you can select a template to use its settings for the report.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Default{{< /vismanet-cell >}} {{< vismanet-cell >}}When this check box is selected, the selected template is marked as the default one for you. A default template cannot be shared.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Shared{{< /vismanet-cell >}} {{< vismanet-cell >}}When this check box is selected, the selected template is shared with other users. A shared template cannot be marked as the default.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Locale{{< /vismanet-cell >}} {{< vismanet-cell >}} A locale that you select to indicate to the system that the report should be prepared with the data translated to the language associated with this locale. > [!NOTE] > This field is displayed if there are multiple active locales in the system. {{< /vismanet-cell >}} {{< /vismanet-row >}} {{< /vismanet-table >}} ### The report toolbar The following table lists the buttons of the toolbar after you run the configured report. {{< vismanet-table >}} {{< vismanet-header-row >}} {{< vismanet-cell header="true" >}}Buttons{{< /vismanet-cell >}} {{< vismanet-cell header="true" >}}Description{{< /vismanet-cell >}} {{< /vismanet-header-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}![icon-edit](/media/visma-net-erp/icon-edit.png) **Parameters**{{< /vismanet-cell >}} {{< vismanet-cell >}}Navigates back to the report window to let you change the report parameters.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}![icon-refresh-report](/media/visma-net-erp/icon-refresh-report.png) **Refresh**{{< /vismanet-cell >}} {{< vismanet-cell >}}Refreshes the information displayed in the report (if any data changes were made).{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Groups{{< /vismanet-cell >}} {{< vismanet-cell >}}Adds to the report a left pane where the report structure is shown. Click a report node to highlight the pertinent data in the right pane.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}![icon-view-pdf](/media/visma-net-erp/icon-view-pdf.png) **View PDF** / **View HTML**{{< /vismanet-cell >}} {{< vismanet-cell >}}Displays the report as a PDF, or displays the report in HTML format. The available button depends on the current report view; if you are viewing a PDF, for instance, you will see the **View HTML** button.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Go to first page (Ctrl + Page up){{< /vismanet-cell >}} {{< vismanet-cell >}}Displays the first page of the report.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Go to previous page (Page up){{< /vismanet-cell >}} {{< vismanet-cell >}}Displays the previous page.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Go to next page (Page down){{< /vismanet-cell >}} {{< vismanet-cell >}}Displays the next page.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Go to last page (Ctrl + Page down){{< /vismanet-cell >}} {{< vismanet-cell >}}Displays the last page of the report.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Print{{< /vismanet-cell >}} {{< vismanet-cell >}}Opens the browser dialog box so you can print the report.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Send{{< /vismanet-cell >}} {{< vismanet-cell >}}Opens the **Email activity** dialog box, which you use to send the report file (in the chosen format) to the specified email address.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Export{{< /vismanet-cell >}} {{< vismanet-cell >}} Allows you to export the data in the chosen format: + **Excel** + **Excel with headers** (this option is only available for ARM reports) + **PDF** {{< /vismanet-cell >}} {{< /vismanet-row >}} {{< /vismanet-table >}} ### The Report parameters tab This tab includes sections where you can specify the contents of the report depending on the current report and vary in the following regards: + How many elements and which elements are available on a particular report + Whether elements contain default values + Whether specific elements require values to be selected + Whether elements may be left blank to let you display a broader range of data ### The Additional sort and filters tab If you are working with a [Balance sheet (GL634000)](/visma-net-erp/help/general-ledger/general-ledger-reports/balance-sheet-gl634000/) report or any Profit and loss report or a [Profit and loss (PM64300S)](/visma-net-erp/help/project-accounting/projects-reports/profit-and-loss-pm64300s/) report, this tab is not shown in your report window. The **Additional sort and filters** tab contains additional sorting and filtering conditions: Additional sorting conditions : Defines the sorting order. You can add a line, select one of the report-specific properties, and select the **Descending** or **Ascending** sort order for the column. Additional filtering conditions : Defines the report filter. You can add a line, select one of the report-specific properties, and define a condition and its value. The list of conditions includes one-operand and two-operand conditions. To create a more complicated logical expression, you can use brackets and logical operations between brackets. ### The Print and email settings tab #### The Print settings section If you plan to print the report or save the report as a PDF, select the appropriate settings in the **Print settings** section. {{< vismanet-table >}} {{< vismanet-header-row >}} {{< vismanet-cell header="true" >}}Element{{< /vismanet-cell >}} {{< vismanet-cell header="true" >}}Description{{< /vismanet-cell >}} {{< /vismanet-header-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Deleted records{{< /vismanet-cell >}} {{< vismanet-cell >}} Selects the visibility of the data deleted from the database. + **Hide** + **Print** + **Only** {{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Print all pages{{< /vismanet-cell >}} {{< vismanet-cell >}}Prints all pages of the report.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Print in PDF format{{< /vismanet-cell >}} {{< vismanet-cell >}}Displays the report in PDF format.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Compress PDF file{{< /vismanet-cell >}} {{< vismanet-cell >}}Indicates that the system will generate a compressed PDF.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Embed fonts in PDF file{{< /vismanet-cell >}} {{< vismanet-cell >}}Indicates that the system will generate the PDF with fonts embedded.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< /vismanet-table >}} #### The Email settings section If you plan to send the report as an email, in the **Email settings** section, specify the format in which the report will be sent, as well as the email subject, the recipients of copies of the report, and the email of the recipient. {{< vismanet-table >}} {{< vismanet-header-row >}} {{< vismanet-cell header="true" >}}Field{{< /vismanet-cell >}} {{< vismanet-cell header="true" >}}Description{{< /vismanet-cell >}} {{< /vismanet-header-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Format{{< /vismanet-cell >}} {{< vismanet-cell >}} The format in which the report will be emailed: + **HTML** + **PDF** + **Excel** + **Excel with header** (this option is only available for ARM reports) > [!NOTE] > The merge function for reports in Excel format is not supported. If you want to merge a report with other reports and send an aggregated report by email, you should select either the HTML or PDF format for the report. {{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}To{{< /vismanet-cell >}} {{< vismanet-cell >}}The email address of the recipient.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Cc{{< /vismanet-cell >}} {{< vismanet-cell >}}An additional addressee to receive a carbon copy ( **Cc** ) of the email.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Bcc{{< /vismanet-cell >}} {{< vismanet-cell >}}The email address of anyone to receive a blind carbon copy ( **Bcc** ) of the email; an address you enter in this box will be hidden from other recipients.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Subject{{< /vismanet-cell >}} {{< vismanet-cell >}}The subject of the email.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< /vismanet-table >}} ### The Report versions tab This tab shows the data only to users assigned with the Report designer user role If the report has multiple versions, you can select one of them. {{< vismanet-table >}} {{< vismanet-header-row >}} {{< vismanet-cell header="true" >}}Button{{< /vismanet-cell >}} {{< vismanet-cell header="true" >}}Description{{< /vismanet-cell >}} {{< /vismanet-header-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Edit version{{< /vismanet-cell >}} {{< vismanet-cell >}}Click this to edit the selection version of the report.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Refresh dataset{{< /vismanet-cell >}} {{< vismanet-cell >}}Click this button to refresh the data set you have selected.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Activate{{< /vismanet-cell >}} {{< vismanet-cell >}}Temporarily activates the selected report.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}![icon-load-from-file](/media/visma-net-erp/icon-load-from-file.png) **Import report design**{{< /vismanet-cell >}} {{< vismanet-cell >}} Click this button to select an exported report you want to import into this company. This button is only available for users assigned with the Report designer user role. The imported report will be set as the active report. {{< /vismanet-cell >}} {{< /vismanet-row >}} {{< /vismanet-table >}} {{< vismanet-table >}} {{< vismanet-header-row >}} {{< vismanet-cell header="true" >}}Column{{< /vismanet-cell >}} {{< vismanet-cell header="true" >}}Description{{< /vismanet-cell >}} {{< /vismanet-header-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Version{{< /vismanet-cell >}} {{< vismanet-cell >}}The number of the report version.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Description{{< /vismanet-cell >}} {{< vismanet-cell >}}The description of the report version.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Active{{< /vismanet-cell >}} {{< vismanet-cell >}}When this check box is selected, the report version is active.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Created{{< /vismanet-cell >}} {{< vismanet-cell >}}The creation date of the report version.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< vismanet-row >}} {{< vismanet-cell >}}Not default dataset{{< /vismanet-cell >}} {{< vismanet-cell >}}This check box is automatically selected if the report version is an import of an external report.{{< /vismanet-cell >}} {{< /vismanet-row >}} {{< /vismanet-table >}} About user access rights /visma-net-erp/help/access-management/user-security/about-user-access-rights page To access Visma Net, users must pass authentication to confirm their identity (see: About user accounts in Visma Net ). 2026-02-19T17:09:06+01:00 # About user access rights To access Visma Net, users must pass authentication to confirm their identity (see: About user accounts in Visma Net ). To access Visma Net, users must pass authentication to confirm their identity (see: About user accounts in Visma Net). Then users pass authorisation to determine their access rights to the system resources, such as workspaces and windows. Users can access only the resources they are allowed to use and perform only the actions they are authorised to based on their access rights. In this topic, user access rights in Visma Net are described. ## Configuration of user access rights You need to perform the following steps to set up access rights to system resources for users in Visma Net: 1. You create user roles in the User roles (SM201005) window according to the responsibilities of your organisation' employees who will work with Visma Net. For details, see: About role-based access. 1. You set up access rights for user roles to Visma Net resources, depending on the tasks performed by users with these user roles. For details, see: About access rights for roles. 1. You assign user roles with user accounts to provide users of your Visma Net instance with access rights to system resources. You can do this in two ways: + To assign multiple users a selected role, use the User roles (SM201005) window. For example: You use this way when you have created a new role and want to assign it to existing users. + To assign multiple roles to a selected user, use the Users (SM201010) window. For example: You use this way when you have created a new user account and want to assign it existing roles. User account configuration is described in About user accounts in Visma.net Fiancials. 1. Optional: You use user types to simplify the assignment of user roles to users. ### Ability to track access rights You can track access rights to different objects by using the following windows: + Access rights by window (SM65170S) Gives you the ability to build a report to view access rights by each system object (a workspace, and a window). + Access rights by role (SM65150S) Gives you the ability to view access rights by each user role. + Access rights by user (SM201060) Gives you the ability to view the access rights of each user to every system object. Row-level security /visma-net-erp/help/access-management/row-level-security section To give your organisation additional flexibility to the configuration of access rights for workspaces and windows, Visma Net provides restriction groups, which you can administer in the Row-level security workspace. 2026-02-19T17:09:06+01:00 # Row-level security To give your organisation additional flexibility to the configuration of access rights for workspaces and windows, Visma Net provides restriction groups, which you can administer in the Row-level security workspace. You can use restriction groups when users should have access to a window, but in this window they are allowed to see one set of entities and are not allowed to see another set of entities. In these topics you will read about ways of using restriction groups, types of restriction groups, operations that you can perform with the groups, and specific information about particular entities whose visibility you can control. About restriction groups in Visma.net ERP /visma-net-erp/help/access-management/row-level-security/about-restriction-groups-in-visma-net-erp section Visma Net provides you with restriction groups, which are flexible tools for limiting the visibility and use of entities, such as General ledger accounts, items, and customer and supplier accounts. 2026-02-19T17:09:06+01:00 # About restriction groups in Visma.net ERP Visma Net provides you with restriction groups, which are flexible tools for limiting the visibility and use of entities, such as General ledger accounts, items, and customer and supplier accounts. In this topic, you can find information about situations where restriction groups are useful and types of entities that you can include in restriction groups. ## Restriction groups in Visma Net You can use restriction groups to do the following: + Control the visibility of sensitive data for employees of your organisation. + Relate entities to one another so that they are used only together in Visma Net windows (or so that they cannot be used together). In Visma Net, you can use specific windows to create restriction groups, view the entities included in a group, and manage the list of entities of a particular type in a restriction group. For details on the typical operations you can perform with restriction groups, see: About operations with restriction groups. ## Restriction groups with users To understand how restriction groups with users are used, consider a typical case with restriction groups that include users and general ledger accounts. ### Example Suppose that a role allows all its users to access all general ledger accounts, but for two groups of accounts, you want to provide visibility to only particular users. Restriction groups for general ledger accounts and users: ![Images_RestrictionGroups_Direct_Restriction (1)](/media/visma-net-erp/Images_RestrictionGroups_Direct_Restriction%20%281%29.png) The diagram above shows how restriction groups can address these security needs. + You define Group 1 as a restriction group that includes only appropriate accountants (User C and User D) and accounts (1, 2, and 3). + You create Group 2, which includes User Y and User Z, as well as the accounts they should work with (4, 5, and 6). ### Final visibility Among all users in the system: + Only User C and User D will see the first group of sensitive accounts (1, 2, and 3). + Only User Y and User Z will see the second group of sensitive accounts (4, 5, and 6). + Users who are not assigned to any restriction group will not see the accounts associated with either group. ## Combinations of restriction groups with users You can create restriction groups that include users in the following way: + **Users and general ledger accounts**: With these restriction groups, if your organisation has sensitive general ledger accounts, you can make these accounts visible to a limited number of employees. For details, see: [About account and subaccount security](/visma-net-erp/help/access-management/row-level-security/manage-visibility-with-restriction-groups/about-account-and-subaccount-security/). + **Users and subaccounts**: As with groups that include users and general ledger accounts, you can limit the visibility of sensitive subaccounts to employees. For performance reasons, visibility restrictions by user for subaccounts do not affect analytical (ARM) and window-based reports or general inquiries. This means that users who can view the reports and general inquiries that include subaccounts will see the full list of subaccounts. + **Users and supplier accounts**: You can define these restriction groups to make particular suppliers visible in the system to only employees who work with these suppliers. For details, see: [About supplier security](/visma-net-erp/help/access-management/row-level-security/manage-visibility-with-restriction-groups/about-supplier-security/). + **Users and customer accounts**: With these restriction groups, you can make particular customers visible to only employees who work with these customers. For details, see: [About customer security](/visma-net-erp/help/access-management/row-level-security/manage-visibility-with-restriction-groups/about-customer-security/). + **Users and general ledger budget articles**: With these restriction groups, you can limit the visibility of sensitive budget articles so that only particular users can see and work with these articles. [About security of general ledger budget articles](/visma-net-erp/help/access-management/row-level-security/manage-visibility-with-restriction-groups/about-security-of-general-ledger-budget-articles/). For more information, see: + **Users and warehouses**: You can create restriction groups to display a particular warehouse (or set of warehouses) for only employees who work with this warehouse (or this set of warehouses). For details, see: [About warehouse security](/visma-net-erp/help/access-management/row-level-security/manage-visibility-with-restriction-groups/about-warehouse-security/). + **Users and items**: You can define these restriction groups to reduce the number of items in the lists with items, depending on the particular employee logged in to the system. [About item security](/visma-net-erp/help/access-management/row-level-security/manage-visibility-with-restriction-groups/about-item-security/). For more information, see: + **Users and projects**: You can define these restriction groups to configure the visibility of particular projects only to a responsible project team. + **Branches, general ledger accounts, and users**: With these restriction groups, you can allow users to work with only branch-specific accounts. + **Branches, subaccounts, and users**: You can set up these restriction groups so that the system displays to users only the branch-specific subaccounts. [About account and subaccount security](/visma-net-erp/help/access-management/row-level-security/manage-visibility-with-restriction-groups/about-account-and-subaccount-security/). ## Restriction groups without users If a restriction group does not include users, all users may view the entities that are members of the group (if their roles provide access to windows with these entities), but entities included in the group become related in a way that limits their use. ### Example Suppose that you create two groups with general ledger accounts and subaccounts as follows: + Group 1 includes Account 1, Subaccount K, Subaccount L, and Subaccount M. + Group 2 includes Account 2, Subaccount P, Subaccount Q, and Subaccount R. For simplicity, suppose that there are no other accounts and subaccounts in the system. ### Final visibility The result of these settings is the following: + A user that selects Account 1 on an entry form, will only be able to select Subaccount K, Subaccount L, or Subaccount M in a field with subaccounts. The subaccounts included in Group 2 will be hidden from the list. + A user that selects Account 2, will see Subaccount P, Subaccount Q, and Subaccount R in the field with subaccounts. The user will not see Subaccount K, Subaccount L, and Subaccount M. If you are using restriction groups to control the accounts and subaccounts that can be used together, you must create at least two groups and include all subaccounts in either of the groups. ## Combinations of restriction groups without users With the most common scenarios, you can create restriction groups that include the following system entities: + **Branches and cash accounts**: If there are multiple branches in your organisation, with these restriction groups, you can allow users in each branch to work with only branch-specific cash accounts. For details, see: [About security of cash accounts](/visma-net-erp/help/access-management/row-level-security/manage-visibility-with-restriction-groups/about-security-of-cash-accounts/). + **General ledger accounts and subaccounts**: If you have subaccounts that employees must use only with particular general ledger accounts, by defining these restriction groups, you can set up lists of available subaccounts for each general ledger account. [About account and subaccount security](/visma-net-erp/help/access-management/row-level-security/manage-visibility-with-restriction-groups/about-account-and-subaccount-security/). For more information, see:

Tasks

Configure restriction groups

Windows

General ledger account access (GL104000)

About types of restriction groups /visma-net-erp/help/access-management/row-level-security/about-types-of-restriction-groups section In this topic, you will find descriptions of the different types of restriction groups in Visma Net, the differences between these types, and usage examples. 2026-02-19T17:09:06+01:00 # About types of restriction groups In this topic, you will find descriptions of the different types of restriction groups in Visma Net, the differences between these types, and usage examples. ## Types of restriction groups Visma Net provides two basic types of restriction groups, A and B. Restriction groups of both types can limit the visibility of system entities in a direct way (types **A** and **B**) and an inverse way (types **A inverse** and **B inverse**). The differences between **A** and **B** and between **A inverse** and **B inverse** are in how these groups work if the same entity is added to multiple groups. ## Descriptions of Types of Restriction Groups The following table summarises the types of restriction groups and describes how the visibility of entities is affected if a particular entity belongs to multiple groups of the type. |Group type|Restriction|Description| |---|---|---| |**A**|Direct|Makes entities included in the group visible to users who are also included in the group. Other users cannot view these entities. When a particular entity belongs to multiple groups of type **A**, if you want a user to see this entity in the system, you add the user to at least one of these groups.| |**A inverse**|Inverse|Hides the entities included in the group from users who are also included in the group. Users who are not assigned to this group can view and use the entities. When a particular entity belongs to multiple groups of type **A inverse**, if you don't want a user to see this entity, you must include this user in each of these groups. If you include the user in only one of the groups, he or she will see the entity in the system.| |**B**|Direct|Makes entities included in the group visible to users who are also included in the group. Other users cannot view these entities. When a particular entity belongs to multiple groups of type **B**, if you want a user to see this entity in the system, you need to include this user in each of these groups.| |**B inverse**|Inverse|Hides the entities included in the group from users who are also included in the group. Users who are not assigned to this group can view and use the entities. When a particular entity belongs to multiple groups of type **B inverse**, if you don't want a user to see this entity in the system, you include the user in at least one of these groups.| ## Using group A or B direct You use groups of types **A** or **B** or groups with direct restriction when you need to make entities visible to users within the group. (For groups with only entities, the direct restriction group includes entities that must be used together.) The following diagram shows how groups with direct restriction work. In the diagram, you can see four users (for example, accountants) and six entities (for example, general ledger accounts). Initially, all users can see all accounts. + Group 1 is defined to include Users С and D and Accounts 1, 2, and 3. These accounts are visible to Users С and D and hidden from Users Y and Z. + Group 2 is defined to include Accounts 4, 5, and 6 and Users Y and Z. Users Y and Z can see Accounts 4, 5, and 6, and Users С and D cannot see these accounts. ![Images_RestrictionGroups_Direct_Restriction (1)](/media/visma-net-erp/Images_RestrictionGroups_Direct_Restriction%20%281%29.png) ## Using group A or B inverse You use groups of types **A inverse** or **B inverse** or groups with inverse restriction when you need to hide entities from a small number of users. (For groups without users, an inverse restriction group includes entities that may not be used together.) See the following diagram, which illustrates how groups with an inverse restriction work. + Group 1 is defined to include Users С and D and Accounts 1, 2, and 3. Accounts 1, 2, and 3 become invisible to Users С and D and remain visible to users Y and Z. + Group 2 is defined to include Accounts 4, 5, and 6 and Users Y and Z. This hides Accounts 4, 5, and 6 from Users Y and Z, but Users С and D still can see these accounts. The final visibility for groups with inverse restriction is the opposite of the final visibility for groups with direct restriction. ![Images_RestrictionGroups_Inverse_Restriction](/media/visma-net-erp/Images_RestrictionGroups_Inverse_Restriction.png) ## Recommendations for selecting the restriction group type As you decide which type of restriction group best meets your security needs, consider the following recommendations: + When you create multiple groups with entities of the same combination of types, use groups of the same basic type (either A or B). For example if you have two restriction groups that include users and customers. Otherwise, if you were to add the same entity to multiple groups of different types, the result may not be what you expect. + To configure the required visibility of entities, you can combine direct and inverse restriction groups of the same basic type (either A or B). For an example of this, please see **Usage example 2** in About types of restriction groups. Thus, you can combine groups of types **A** and **A inverse**, and groups of types **B** and **B inverse**. + If you want to hide particular entities from the majority of users, include the entities and the users who should see the entities in a group with direct restriction (type **A** or **B** ). + If you want to hide particular entities from a small number of users, add the entities and the users who shouldn't see the entities to a group with inverse restriction (type **A inverse** or **B inverse** ).

Tasks

Configure restriction groups

About practical scenarios with Restriction groups /visma-net-erp/help/access-management/row-level-security/about-practical-scenarios-with-restriction-groups section In this topic, you will find practical situations where restriction groups can be used, each presenting a distinct problem, along with effective solutions. 2026-02-19T17:09:06+01:00 # About practical scenarios with Restriction groups In this topic, you will find practical situations where restriction groups can be used, each presenting a distinct problem, along with effective solutions. These examples explore the complexities of establishing user visibility in a business. The restriction groups in the examples contain users and entities, but the same principles apply to groups that contain only entities. ## Usage example 1 ### Problem statement Suppose that as a system administrator, you have to configure the visibility of accounts to the appropriate users considering the following: + There are four accountants in your organisation: User C, User D, User Y, and User Z. + User M is the accounting manager who controls work of the accounting department. + There are six accounts in the general ledger: Account 1, Account 2, Account 3, Account 4, Account 5, and Account 6. + Only users C and D are allowed to see Accounts 1, 2, and 3. + Only users Y and Z are allowed to see Accounts 4, 5, and 6. + User M is allowed to see all accounts. You can use either of two solutions (described below) to configure the visibility of accounts to users. #### Solution 1 You can create three restriction groups of type **A**: + Group 1: In this group, you include Accounts 1, 2, and 3 and Users C and D. + Group 2: In this group, you include Accounts 4, 5, and 6 and Users Y and Z. + Group 3: In this group, you include User M and all six accounts. #### Solution with type B If you were to use groups of type **B** instead of type **A**, all accounts would be hidden from the users included in Groups 1, 2, and 3. To make this approach work with groups of type **B**, you would need to include User M in Groups 1, 2, and 3. See **Final visibility (Group type B)** in the diagram below. ![Images_RestrictionGroups_Direct_Restriction_Intersecting_Entities](/media/visma-net-erp/Images_RestrictionGroups_Direct_Restriction_Intersecting_Entities.png) #### Solution 2 You can create two restriction groups of type **A** or **B**: + Group 1: In this group, you include Accounts 1, 2, and 3 and Users C and D. + Group 2: In this group, you include Accounts 4, 5, and 6 and Users Y and Z. + You include User M in both groups. ![Images_RestrictionGroups_Direct_Restriction_No_Intersecting_Entities](/media/visma-net-erp/Images_RestrictionGroups_Direct_Restriction_No_Intersecting_Entities.png) ## Usage example 2 ### Problem statement Suppose that as a system administrator, you have to configure the visibility of accounts to the appropriate users considering the following: + There are four accountants: User C, User D, User Y, and User Z. + There are six accounts in the general ledger: Account 1, Account 2, Account 3, Account 4, Account 5, and Account 6. + User Y works with only one sensitive account, Account 1. + User Y is not allowed to see Account 2, Account 3, Account 4, Account 5, and Account 6. + The other accountants work with all accounts except Account 1. + Only accountants have access to the Finance module. (Thus, there is no need to hide accounts from other system users.) #### Solution You can create two restriction groups, Group 1 of type **A** or **B**, and Group 2 of type **A inverse** or **B inverse**. |IF|THEN| |---|---| |you select type **A** for Group 1|you should select type **A inverse** for Group 2.| |you select type **B** for Group 1|you should select type **B inverse** for Group 2.| These groups are defined as follows: + Group 1: In this group, you include User Y and Account 1. (Other users will not see Account 1.) + Group 2: In this group, you include User Y and Accounts 2 to 6. (User Y will not see these accounts.) The following diagram illustrates the proposed solution. ![Images_RestrictionGroups_Combined_Direct_and_Inverse_Restriction](/media/visma-net-erp/Images_RestrictionGroups_Combined_Direct_and_Inverse_Restriction.png) ## Usage example 3 ### Problem statement Suppose that as a system administrator, you have to configure the visibility of accounts to the appropriate users considering the following: + There are four accountants in your organisation: User C, User D, User Y, and User Z. + There are six accounts in the general ledger of your organisation: Account 1, Account 2, Account 3, Account 4, Account 5, and Account 6. + Users С and D should work with all six accounts. + User Y should work with Accounts 1, 2, and 3 but is not allowed to see Accounts 4, 5, and 6. + User Z is a junior accountant, so this user is not allowed to see the accounts. You can use either of two solutions (described below) to configure the visibility of accounts to users. #### Solution 1 You can create two groups of type **B inverse** —Group 1 and Group 2 (see **Final visibility (Group type B inverse)** ): + Group 1: In this group, you include User Y and Accounts 4, 5, and 6. + Group 2: In this group, you add User Z and Accounts 1, 2, 3, 4, 5, and 6. #### Solution with type A inverse If you were to use groups of type **A inverse** instead of **B inverse** in this example, Accounts 4, 5, and 6 would be visible to all users because they are added in two restriction groups (see **Final visibility (Group type A inverse** ) in the following diagram). ![Images_RestrictionGroups_Direct_Restriction_Intersecting_Entities](/media/visma-net-erp/Images_RestrictionGroups_Direct_Restriction_Intersecting_Entities.png) #### Solution 2 You can create two groups of the **A inverse** or **B inverse**: + Group 1: In this group, you include User Z and Accounts 1, 2, and 3. + Group 2: In this group, you include Users Y and Z and Accounts 4, 5, and 6. The following diagram illustrates Solution 2. ![Images_RestrictionGroups_Inverse_Restriction_No_Intersecting_Entities](/media/visma-net-erp/Images_RestrictionGroups_Inverse_Restriction_No_Intersecting_Entities.png) Manage visibility with restriction groups /visma-net-erp/help/access-management/row-level-security/manage-visibility-with-restriction-groups section In Visma Net, you can use restriction groups in addition to role-based access rights to configure the security of information within the system. 2026-02-19T17:09:06+01:00 # Manage visibility with restriction groups In Visma Net, you can use restriction groups in addition to role-based access rights to configure the security of information within the system. In Visma Net, you can use restriction groups in addition to role-based access rights to configure the security of information within the system. In these topics you will read about different ways of using restriction groups and specific information about particular entities whose visibility you can control. About account and subaccount security /visma-net-erp/help/access-management/row-level-security/manage-visibility-with-restriction-groups/about-account-and-subaccount-security page In Visma Net, you can control which users will use particular general ledger accounts and subaccounts. 2026-02-19T17:09:06+01:00 # About account and subaccount security In Visma Net, you can control which users will use particular general ledger accounts and subaccounts. To configure the security of general ledger accounts and subaccounts, you can use a combination of user roles and restriction groups. By using user roles, you can configure the access of users to branches and to all branch-specific accounts and subaccounts. With restriction groups, you can set up the visibility of particular accounts and subaccounts within branches and for certain users, and you can limit the use of subaccounts with particular accounts. ## Most common scenarios with accounts and subaccounts In this topic, you will read about using restriction groups and branch-specific roles to configure and manage the security of accounts and subaccounts. The sections below describe in detail the most common scenarios of managing the security of accounts and subaccounts. These are: + Managing the visibility by branch + Managing the visibility by user + Managing the visibility of subaccounts by account + Adding the needed objects to one restriction group to control visibility by multiple factors ## Managing the visibility by branch When your organisation consists of multiple branches (and you have created multiple branches in Visma Net ), you can configure the system so that it narrows the lists of accounts and subaccounts by branch on data entry forms. You can configure and use the restriction groups that include branches only if the **Multi-branch support** functionality is enabled in the [Enable/disable functionalities (CS100000)](/visma-net-erp/help/common-settings/enable-or-disable-functionalites/enable-disable-functionalities-cs100000/) window. ### SCENARIO Suppose that your organisation has two branches, the Headquarters office ( **HQ** in the system) and the Regional sales office ( **RS** ). The accounting department processes documents for both branches. The following table explains how to configure the visibility restrictions of accounts and subaccounts by branch.

STEP	ACTION
1	Configure user roles for each branch (for example, Branch HQ and Branch RS ).
2	Assign both roles to the user accounts of the accountants. Result: The accountants will see information for both branches in Visma Net.
3	In the General ledger accounts by branch access (GL103040) window: create two restriction groups of type A with direct restriction: the HQ Accounts group for the Headquarters office and the RS Accounts group for the Regional sales office. In the HQ Accounts group, include the Headquarters branch ( HQ ) and the accounts that should be visible within the HQ branch. In the RS Accounts group, include the Regional sales branch ( RS ) and the accounts specific to the RS branch.
4	In the Subaccounts by branch access (GL103060) window: create two restriction groups of type A with direct restriction: the HQ subaccounts group for the Headquarters office and the RS subaccounts group for the Regional sales office. In the HQ subaccounts group, include the HQ branch and the subaccounts that should be visible within this branch. In the RS subaccounts group, include the RS branch and the subaccounts specific to this branch.
5	Result: The system will narrow the lists of accounts or the list of subaccounts in data entry windows after a user selects a branch.

### Resulting visibility Suppose that an accountant is adding an invoice in the [Purchase invoices (AP301000)](/visma-net-erp/help/supplier-ledger/supplier-ledger-windows/purchase-invoices-ap301000/) window and selects the **HQ** branch in the **Branch** column of the **Document details** tab. The accountant will only see accounts added to the **HQ accounts** restriction group. ## Managing the visibility by user If your organisation has sensitive general ledger accounts and subaccounts, you can provide the visibility of these objects to only a limited set of users. For performance reasons, visibility restrictions by user for subaccounts do not affect analytical (ARM) and window-based reports or general inquiries. This means that users who can view the reports and general inquiries that include subaccounts will see the full list of subaccounts. ### SCENARIO 1 Suppose that only a chief accountant of your organisation can work with the tax payable account. The following table explains how to make this account visible only to the chief accountant.

STEP	ACTION
1	Go to the General ledger account access (GL104000) window.
2	Create a restriction group (for example, Access to VAT payable account ) with direct restriction.
3	Add the user account of the chief accountant to the group.
4	Add the tax account to the group.

### SCENARIO 2 Suppose that the subaccount for the financial department can be used only by accountants (and not by other users). The following table explains how to make this subaccount visible only to accountants. |STEP|ACTION| |---|---| |1|Go to the [General ledger account access (GL104000)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/general-ledger-account-access-gl104000/) window.| |2|Create a restriction group (for example, **Access to financial subaccount** ) with direct restriction.| |3|Add the user accounts of the accountants to the group.| |4|Add the subaccount for the financial department to the group.| ## Managing the visibility of subaccounts by account You can specify which subaccounts can be used with only a particular account in windows in Visma Net. This means that only the specified subaccounts will appear for selection if that account is selected. This limitation will help users to avoid errors when they select accounts and subaccounts in windows. If you are using restriction groups to control the accounts and subaccounts that can be used together, you must create at least two groups and include all subaccounts in either of the groups. ### SCENARIO Suppose that you need to restrict visibility of subaccounts for only one account. The following table explains how to solve this task. |STEP|ACTION| |---|---| |1|Create two restriction groups.| |2|In the first group with **direct** restriction, include a general ledger account and the list of subaccounts that should be related to this account.| |3|In the second group with **inverse** restriction, include the same account and subaccounts that should not be displayed after users select this account.| |4|**Result**: When users select the account in a window, they will see only one of the subaccounts included in the first group.| ### PRACTICAL EXAMPLE Suppose that the ELE-000 subaccount, which is used for electronics and computers, should be visible only after a user has selected the 12100 warehouse account, and the NSS-000 subaccount should be related to the 12200 warehouse account. The following table explains how to restrict the visibility of the subaccounts by account in this particular case. |STEP|ACTION| |---|---| |1|Go to the [General ledger account access (GL104000)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/general-ledger-account-access-gl104000/) window.| |2|Create the restriction group Stock item subaccounts and include the **12100** warehouse account and the **ELE-000** subaccount.| |3|Create the restriction group Non-stock item subaccounts and include the **12200** warehouse account and the **NSS-000** subaccount.| ## Visibility of accounts, subaccounts, and users If you need to limit the users who use sensitive accounts, and only particular subaccounts must be used with these sensitive accounts, you can configure restriction groups to address this task. To implement this functionality, you need to add users, accounts, and subaccounts (or subaccount segments) to the same group. ### SCENARIO Suppose that the ELE-000 (electronics and computers) and FUR-000 (furniture) subaccounts should be visible only if a user has selected the 12100 warehouse account, and that only the warehouse workers User Y and User Z should work with these accounts and subaccounts. The following table explains how to restrict the visibility in this case.

STEP	ACTION
1	Go to the General ledger account access (GL104000) window.
2	Create a restriction group, for example Restriction of warehouse accounts.
3	Add the 12100 warehouse account to the group.
4	Add the ELE-000 and FUR-000 subaccounts to the group.
5	Add User Y and User Z to the group.
6	Result: User Y and User Z will only be able to select subaccounts ELE-000 and FUR-000 in combination with warehouse account 12100 when processing a document.

## Subaccount segment values If the **By segment: all avail. segment values** lookup mode is selected in the [Segment keys (CS202000)](/visma-net-erp/help/common-settings/common-settings-windows/segment-keys-cs202000/) window for the **SUBACCOUNT** segmented key (that is, if the users of your Visma Net instance enter subaccounts by segments in windows), you manage the security of subaccount segments instead of entire subaccounts. In this case, you need to add all subaccount segments, that form a subaccount whose visibility should be restricted, to a restriction group. ## Cash account security Cash accounts are one type of sensitive accounts that you may need to secure in the system. The ways of managing the security of cash accounts differ from the ways of managing the security of general ledger accounts. For more information, see: [About the security of cash accounts](/visma-net-erp/help/cash-management/configure-cash-accounts/about-the-security-of-cash-accounts/). ## Windows for account and subaccount security In the following table, you can find the list of windows that you can use to manage restriction groups with accounts, subaccounts, and subaccount segments, and tasks that you can resolve by using each window. |Task|Window| |---|---| |To initially configure the visibility of accounts and subaccounts (or subaccount segments) to users.|[General ledger account access (GL104000)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/general-ledger-account-access-gl104000/)| |To initially configure the visibility of accounts by branches.|[General ledger accounts by branch access (GL103040)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/general-ledger-accounts-by-branch-access-gl103040/)| |To initially configure the visibility of subaccounts (or subaccount segments) by branches.|[Subaccounts by branch access (GL103060)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/subaccounts-by-branch-access-gl103060/)| |To change the visibility of an account in multiple restriction groups.|[Restriction groups by general ledger account (GL104020)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-by-general-ledger-account-gl104020/)| |To change the visibility of a subaccount in multiple restriction groups.|[Restriction groups by subaccount (GL104030)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-by-subaccount-gl104030/)| |To change the visibility of a subaccount segment in multiple restriction groups.|[Restriction groups by sub segment (GL104040)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-by-sub-segment-gl104040/)| |To change the visibility of system objects by a user in multiple restriction groups.|[Restriction groups by user (SM201035)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-by-user-sm201035/)| |To change the visibility of system objects by a branch in multiple restriction groups.|[Restriction groups by branch (GL103020)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-by-branch-gl103020/)| For information about how to add or remove objects from a restriction group, see: [About operations with restriction groups](/visma-net-erp/help/access-management/row-level-security/configure-restriction-groups/about-operations-with-restriction-groups/).

Concepts

About security of cash accounts /visma-net-erp/help/access-management/row-level-security/manage-visibility-with-restriction-groups/about-security-of-cash-accounts page Cash is a company's most liquid asset, which is why an organisation must have adequate controls to secure it. 2026-02-19T17:09:06+01:00 # About security of cash accounts Cash is a company's most liquid asset, which is why an organisation must have adequate controls to secure it. In Visma Net, you can control which users can view which particular cash accounts. In this topic the following scenarios of managing the security of cash accounts are described: + Managing the visibility by branch. + Managing the visibility by user. ## Multiple branches vs. single branch organisations If your organisation consists of multiple branches, you can allow users in each branch to work with only branch-specific cash accounts. You can only configure multiple branches if the **Multi-branch support** functionality is enabled in the [Enable/disable functionalities (CS100000)](/visma-net-erp/help/common-settings/enable-or-disable-functionalites/enable-disable-functionalities-cs100000/) window. If the **Multi-branch support** functionality is disabled, all cash accounts belong to a single branch and are visible to all users who are allowed to view the accounts, based on their membership in restriction groups. ## Visibility of cash accounts by branch The visibility of a cash account can be restricted based on the branch the account belongs to. Consider a user who is allowed to view multiple branches due to this user's assigned branch roles. On the data entry forms, this user can view the cash accounts of all the branches this user is allowed to view, based on the branch selected in the **Branch** field of the data entry form. This field is filled by default with the branch to which the user is currently signed in. The following steps describe how to restrict the visibility of a cash account by the branch.

STEP	ACTION
1	Go to the Enable/disable functionalities (CS100000) window.
2	Enable the Inter-branch transactions functionality, which gives you the ability to configure the automatic generation of inter-branch transactions for each document that involves multiple branches. Result: The Restrict visibility with branch check box appears in the Cash accounts (CA202000) window.
3	Go to the Cash accounts (CA202000) window.
4	Select a cash account.
5	Select the Restrict visibility with branch check box.
6	Save your changes.

Repeat steps 4-6 for each cash account whose visibility you want to control. ### Resulting visibility The table below explains how cash account access varies based on the selection of the checkbox **Restrict visibility with branch** in the [Cash accounts (CA202000)](/visma-net-erp/help/cash-management/cash-management-windows/cash-accounts-ca202000/) window. |SCENARIO|VISIBILITY OF CASH ACCOUNT| |---|---| |Check box selected for a cash account|Visible to users selecting the specified branch in the "Branch" field on data entry forms.| |Check box cleared for a cash account|Visible regardless of the selected branch.| |When the Branch field is absent on a data entry form|Visibility determined by the user's currently signed-in branch.| ## Restricting access with user roles If you want, you can restrict access to cash accounts by using branch roles in the same way as for general ledger accounts. For more information, see [About account and subaccount security](/visma-net-erp/help/access-management/row-level-security/manage-visibility-with-restriction-groups/about-account-and-subaccount-security/). ## Visibility of cash accounts by user You can control the visibility of a specific cash account to users with the help of restriction groups. Suppose that there is only one accountant in your organisation and only this person should work with a cash account in the system. The following steps describe how to restrict the visibility of the cash account by user. |STEP|ACTION| |---|---| |1|Go to the [General ledger account access (GL104000)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/general-ledger-account-access-gl104000/) window.| |2|Create a restriction group with direct restriction, for example **Access to cash account**.| |3|Add the user account of the accountant to the group.| |4|Add the general ledger account the cash account is linked to.| ### RECOMMENDATION We recommend that you carefully design and configure restriction groups containing accounts, so that a user can view the accounts he or she needs for work. Otherwise, a user may encounter problems with processing transactions of the linked cash accounts. ## Windows for security of cash accounts In the following table, you can find the list of the windows that you can use to manage restriction groups with cash accounts and the tasks that you can solve by using each window. |Task|Window| |---|---| |To initially configure the visibility of a general ledger account to which a cash account is linked to users.|[General ledger account access (GL104000)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/general-ledger-account-access-gl104000/)| |To change the visibility of a general ledger account a cash account is linked to.|[Restriction groups by general ledger account (GL104020)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-by-general-ledger-account-gl104020/)| |To change the visibility of a general ledger account to which a cash account is linked by a user in multiple restriction groups.|[Restriction groups by user (SM201035)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-by-user-sm201035/)| |To change the visibility of a general ledger account to which a cash account is linked by a branch in multiple restriction groups.|[Restriction groups by branch (GL103020)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-by-branch-gl103020/)| For information about how to add or remove objects from a restriction group, see: [About operations with restriction groups](/visma-net-erp/help/access-management/row-level-security/configure-restriction-groups/about-operations-with-restriction-groups/).

Concepts

About security of general ledger budget articles /visma-net-erp/help/access-management/row-level-security/manage-visibility-with-restriction-groups/about-security-of-general-ledger-budget-articles page In Visma Net, organisations implement general access restrictions by assigning roles to users of the system. 2026-02-19T17:09:06+01:00 # About security of general ledger budget articles In Visma Net, organisations implement general access restrictions by assigning roles to users of the system. In this topic, you will read about configuring restriction groups for managing the security of sensitive general ledger budget articles. ## Restricting view with roles vs. restriction groups If a role allows a user to view or edit General ledger budget articles, the user can view all the articles, including those that might be sensitive. By using restriction groups, you can limit the visibility of sensitive budget articles so that only particular users can see and work with these articles. ## Managing the visibility of general ledger budget articles by user You can configure restriction groups that will limit the visibility of General ledger budget articles (leaf articles or nodes at any level) for users. As a result, the users not included in the group will not be able to see the budget articles (and these articles' subarticles, if there are any). Suppose that the **Wages** budget article should be available to only the chief financial officer of your organisation. The following table describes how to configure the visibility of this budget article in the [General ledger budget access (GL105030)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/budget-access-gl105030/) window. |STEP|ACTION| |---|---| |1|Create a restriction group (for example, **Group for wages budget article** ) with direct restriction.| |2|Add the user account of the chief financial officer to the group.| |3|Add the **Wages** budget article to the group.| For more details about restriction groups, see: [About restriction groups in Visma.net ERP](/visma-net-erp/help/access-management/row-level-security/about-restriction-groups-in-visma-net-erp/). ## Windows for security of general ledger budget articles In the following table, you can find the list of windows that you can use to manage restriction groups with general ledger budget articles and tasks that you can resolve by using each window. |Task|Window| |---|---| |To initially configure the visibility of a general ledger budget article to users|[General ledger budget access (GL105030)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/budget-access-gl105030/)| |To change the visibility of a general ledger budget article in multiple restriction groups|[Restriction groups by budget article (GL105020)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-by-budget-article-gl105020/)| |To change the visibility of a general ledger budget article by user in multiple restriction groups|[Restriction groups by user (SM201035)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-by-user-sm201035/)| For information about how to add or remove objects from a restriction group, see: [About operations with restriction groups](/visma-net-erp/help/access-management/row-level-security/configure-restriction-groups/about-operations-with-restriction-groups/). About warehouse security /visma-net-erp/help/access-management/row-level-security/manage-visibility-with-restriction-groups/about-warehouse-security page An organisation can have multiple warehouses in Visma Net, and different groups of employees can work with these warehouses in the system. 2026-02-19T17:09:06+01:00 # About warehouse security An organisation can have multiple warehouses in Visma Net, and different groups of employees can work with these warehouses in the system. An organisation can have multiple warehouses in Visma Net, and different groups of employees can work with these warehouses in the system. In this topic, you can find information about configuring the security of warehouses in Visma Net. ## Managing multiple warehouses You can create and manage multiple warehouses in Visma Net only if the **Multiple warehouses** functionality is enabled in the [Enable/disable functionalities (CS100000)](/visma-net-erp/help/common-settings/enable-or-disable-functionalites/enable-disable-functionalities-cs100000/) window. ## Restricting access to warehouses To limit the set of employees who work with a particular warehouse, you can create restriction groups to display a warehouse only for employees who are responsible for tasks that involve this warehouse. If the employees who work with the same warehouse perform only specific tasks (such as accepting goods and creating purchase orders), you can provide access to only those windows that these employees should use. The most common scenarios of managing the security of warehouses are the following: + Managing access to windows based on functional role + Managing the visibility of particular warehouses by user ## Access to windows based on roles By using the User security windows, you can use user roles in Visma Net to give employees access to windows related to working with warehouses. A role can correspond to an area of responsibility for an employee who performs warehouse-related tasks, such as creating purchase orders, accepting goods, and preparing replenishment. If needed, you can assign multiple roles to an employee. For more information about user roles, see: [About role-based access](/visma-net-erp/help/access-management/user-security/about-role-based-access/). ### Examples of roles Consider the following examples of roles for employees who work with the Inventory module. Through the [Access rights by role (SM201025)](/visma-net-erp/help/access-management/user-security/user-security-windows/access-rights-by-role-sm201025/) window, you can administer the access you want for each of these roles. Supervisor : A role for an employee who configures the Inventory workspace and manages work with the workspace. Through the above mentioned window, this role should have access to the windows in the **Manage** and **Explore** nodes of the **Work area** tab, and to the **Configuration** tab of the Inventory workspace. Data entry clerk : A role for an employee who creates documents on data entry forms. Through the above mentioned window, you should provide access to windows in the **Enter** node of the **Work area** tab of the Inventory workspace for this role. Purchasing manager : A role for an employee who is responsible for replenishment. For this role, you should provide access to the **Replenishment** node of the **Processes** tab of the Inventory workspace, through the above mentioned window. ## Visibility of warehouses by user By default, all employees who have access to windows of the Inventory module can see all warehouses created in the system. ### Configuring restriction groups By using the windows of the Row-level security workspace, you can configure the system so that each warehouse is displayed only to users who work with this warehouse. You can use restriction groups to set up visibility of warehouses to employees. For details on restriction groups, see: [About restriction groups in Visma Net](/visma-net-erp/help/access-management/row-level-security/about-restriction-groups-in-visma-net-erp/). ### Practical example Suppose that your system has the **Wholesale** and **Retail** warehouses defined, and you need to configure visibility of these warehouses to users as follows: + User S is a supervisor and should configure and manage both warehouses. + User C1 is a clerk who enters documents for the **Wholesale** warehouse. + User C2 is a clerk who enters documents for the **Retail** warehouse. The following table describes how to configure visibility of warehouses according to this example.

STEP	ACTION
1	Go to the Warehouse access (IN102000) window.
2	Create two restriction groups of type A (with direct restriction): Group 1 for the Wholesale warehouse, and Group 2 for the Retail warehouse.
3	In Group 1, include User S, User C1, and the Wholesale warehouse.
4	In Group 2, include User S, User C2, and the Retail warehouse.

### Final visibility The resulting visibility of warehouses will be the following: + User S can see both the **Wholesale** and **Retail** warehouses. + User C1 can see only the **Wholesale** warehouse. + User C2 can see only the **Retail** warehouse. ## Windows for warehouse security In the following table, you can find the list of windows that you can use to manage restriction groups with warehouses and tasks that you can solve by using each window. |Tasks|Window| |---|---| |To initially configure the visibility of a warehouse to users|[Warehouse access (IN102000)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/warehouse-access-in102000/)| |To change the visibility of a warehouse in multiple restriction groups|[Restriction groups by warehouse (IN102010)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-by-warehouse-in102010/)| |To change the visibility of warehouses to a user in multiple restriction groups|[Restriction groups by user (SM201035)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-by-user-sm201035/)| For information about how to add or remove objects from a restriction group, see: [About operations with restriction groups](/visma-net-erp/help/access-management/row-level-security/configure-restriction-groups/about-operations-with-restriction-groups/). ## Restricting visibility of stock items In addition to managing the visibility of warehouses in whole, you can restrict the visibility of particular stock items. For details, see: [About item security](/visma-net-erp/help/access-management/row-level-security/manage-visibility-with-restriction-groups/about-item-security/). About item security /visma-net-erp/help/access-management/row-level-security/manage-visibility-with-restriction-groups/about-item-security page An organisation that distributes goods may have many items in stock. 2026-02-19T17:09:06+01:00 # About item security An organisation that distributes goods may have many items in stock. An organisation that distributes goods may have many items in stock. In this case, users who work with items in the system may have specific tasks and work with only particular item classes. When users create a sales order, they need to enter an item ID for each product. You can define restriction groups to decrease the lists of items a particular user sees. In this topic, you will read about managing the visibility of items to users in the system. ## Visibility of items to users The list of items from which employees should select an item for the product can be very long, which increases the probability of an entry error. By using restriction groups, you can reduce the list of items that users see on windows. For more information about restriction groups, see: [About restriction groups in Visma Net](/visma-net-erp/help/access-management/row-level-security/about-restriction-groups-in-visma-net-erp/). ### Example Suppose that your organisation sells furniture. Each sales manager works with furniture for a particular room, such as kitchen, living room, and bedroom. When managers create a sales order, they should select items only from the list of furniture they sell to avoid entry mistakes. Suppose that: + User K sells kitchen furniture, + User L sells living room furniture, and + User M sells bedroom furniture. The following table describes how to restrict the visibility of items to appropriate users in the system. |STEP|ACTION| |---|---| |1|Go to the [Item access (IN103000)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/item-access-in103000/) window.| |2|Create restriction groups K, L and M with direct restriction.| |3|In group K, include User K and all item IDs for kitchen furniture items.| |4|In group L, add User L and all item IDs for items of the living room furniture.| |5|In group M, include User M and all item IDs for the bedroom furniture items.| ### Final visibility As a result, the visibility of the items in sales orders will be restricted in the system as follows: + User K can view and select only items for the kitchen furniture. + User L can work with only items for the living room furniture. + User M can see and select only items for the bedroom furniture. + All other users cannot see the items added to the three restriction groups in the system. ## Types of restriction groups In Visma Net, you can configure groups with direct and inverse restriction. In this topic, groups with direct restriction are used in examples for simplicity. You can use inverse restriction groups in the same way as you use direct restriction groups. For details on the types of restriction groups, see: [About types of restriction groups](/visma-net-erp/help/access-management/row-level-security/about-types-of-restriction-groups/). ## Windows for item security In the following table, you can find the list of the windows that you can use to manage restriction groups with items and the tasks that you can solve by using each window. |Task|Window| |---|---| |To initially configure the visibility of an item to users|[Item access (IN103000)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/item-access-in103000/)| |To change the visibility of an item in multiple restriction groups|[Restriction groups by item (IN103020)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-by-item-in103020/)| |To change the visibility of items to a user in multiple restriction groups|[Restriction groups by user (SM201035)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-by-user-sm201035/)| For information about how to add or remove objects from a restriction group, see: [About operations with restriction groups](/visma-net-erp/help/access-management/row-level-security/configure-restriction-groups/about-operations-with-restriction-groups/). About security of organisation branches /visma-net-erp/help/access-management/row-level-security/manage-visibility-with-restriction-groups/about-security-of-organisation-branches page If your organisation has multiple branches defined in Visma Net, you may need to control which employees get access to which branches. 2026-02-19T17:09:06+01:00 # About security of organisation branches If your organisation has multiple branches defined in Visma Net, you may need to control which employees get access to which branches. In this topic, you will read about ways to manage the security of a branch. ## Managing multiple branches You can create and maintain multiple branches in your Visma Net instance only if the **Multi-branch support** functionality is enabled in the [Enable/disable functionalities (CS100000)](/visma-net-erp/help/common-settings/enable-or-disable-functionalites/enable-disable-functionalities-cs100000/) window (for details, see: [About multi-branch support](/visma-net-erp/help/organisation-structure/about-multi-branch-support/) ). ## Restricting access to branches Because branches share some data, you may also need to control access to the shared data. Visma Net provides user access roles, which you can use to control users' access to branches, and restriction groups to limit the visibility of shared data. The most common scenarios of managing the security of company branches are the following: + Managing user access to branches + Managing the visibility of data shared between branches ## User access to branches The following table explains how to provide access to branches for users who will work in the system. |STEP|ACTION| |---|---| |1|Go to the [User roles (SM201005)](/visma-net-erp/help/access-management/user-security/user-security-windows/user-roles-sm201005/) window.| |2|Create branch-specific user roles (one role per branch).| |3|Assign these roles to user accounts. For details on user roles, see: About role-based access.| |4|Go to the [Branches (CS102000)](/visma-net-erp/help/organisation-structure/organisation-structure-windows/branches-cs102000/) window.| |5|Assign the roles to branches. That is, for each branch, in the Access role field, you select the user role created for this branch.| ### After assigning the first role Once a role is assigned to one of the branches, other branches must also have roles assigned. A branch with no role assigned will be inaccessible to any user. To allow a user to access multiple branches, assign the roles for the branches to which the user should have access. ### Access to branch data in windows If a user, based on his or her role, has access to a data entry form where this user enters a document and specifies the branch of origin, only the branches to which the user has access are available on the drop-down list. The users who have access to multiple branches can select the specific branch from the **Branches** menu in the window's title toolbar and create documents on behalf of the selected branch. ## Full branch access No matter which branch users have access to, users who have access to the following windows, based on their roles, will see and work with all branches (because users configure system objects by using these windows): + [Inter-branch account mapping - reference information](/visma-net-erp/help/general-ledger/general-ledger-windows/inter-branch-account-mapping-gl101010/) + [Branches (CS102000)](/visma-net-erp/help/organisation-structure/organisation-structure-windows/branches-cs102000/) + [Buildings (CS205010)](/visma-net-erp/help/organisation-structure/organisation-structure-windows/buildings-cs205010/) + [Company tree (EP204060)](/visma-net-erp/help/organisation-structure/organisation-structure-windows/company-tree-ep204060/) + [Restriction groups by branch (GL103020)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-by-branch-gl103020/) + [General ledger accounts by branch access (GL103040)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/general-ledger-accounts-by-branch-access-gl103040/) + [Subaccounts by branch access (GL103060)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/subaccounts-by-branch-access-gl103060/) ## Visibility of data within a branch Branches have some data shared between branches and some data kept as branch-specific (for details, see: [About multi-branch support](/visma-net-erp/help/organisation-structure/about-multi-branch-support/)). You may need to restrict the visibility of data that is shared but may contain sensitive information, such as general ledger accounts and subaccounts. Visma Net provides restriction groups so you can control which accounts and subaccounts are used with which branch. For details on configuring restriction groups for accounts and subaccounts, see: [About account and subaccount security](/visma-net-erp/help/access-management/row-level-security/manage-visibility-with-restriction-groups/about-account-and-subaccount-security/). ## Windows for branch security In the following table, you can find the list of the windows that you can use to manage restriction groups with branches and the tasks that you can resolve by using each window. |Task|Window| |---|---| |To initially configure the visibility of accounts by branches|[General ledger accounts by branch access (GL103040)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/general-ledger-accounts-by-branch-access-gl103040/)| |To initially configure the visibility of subaccounts (or subaccount segments) by branches|[Subaccounts by branch access (GL103060)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/subaccounts-by-branch-access-gl103060/)| |To change the visibility of system objects by a branch in multiple groups|[Restriction groups by branch (GL103020)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-by-branch-gl103020/)| ## Types of restriction groups In Visma Net, you can configure groups with direct and inverse restriction. In this topic, groups with direct restriction are used in examples for simplicity. You can use inverse restriction groups in the same way as you use direct restriction groups. For details on the types of restriction groups, see: [About types of restriction groups](/visma-net-erp/help/access-management/row-level-security/about-types-of-restriction-groups/). For information about how to add or remove objects from a restriction group, see: [About operations with restriction groups](/visma-net-erp/help/access-management/row-level-security/configure-restriction-groups/about-operations-with-restriction-groups/). About customer security /visma-net-erp/help/access-management/row-level-security/manage-visibility-with-restriction-groups/about-customer-security page If your organisation sells goods and provides services to customers, you may have a great deal of customer-related information stored in Visma Net. 2026-02-19T17:09:06+01:00 # About customer security If your organisation sells goods and provides services to customers, you may have a great deal of customer-related information stored in Visma Net. When the employees of your organisation create documents for customers, they have to select the required customer from the full list of customers. If certain employees work with only very important customers, and other employees are not allowed to see these customers in the system for security reasons, you can create restriction groups to manage the visibility of your customers to users of Visma Net, as described in this topic. ## Visibility of customers by user By using restriction groups, you can show or hide particular customers on Visma Net windows, depending on the user who is logged in to the system. For instance, if some customers are very important to your organisation, dedicated employees might be assigned to process documents that contain information about these customers in the system. ### Example Suppose that your organisation provides cleaning services and Megabank is a very important customer of your organisation. Manager M is responsible for all operations in the systems related to Megabank, and other managers should not see Megabank in any windows of the system. The following table explains the steps to configure the visibility of this customer in the system. |STEP|ACTION| |---|---| |1|Go to the [Customer access (AR102000)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/customer-access-ar102000/) window.| |2|Create a restriction group (for example, Group for Megabank) with direct restriction.| |3|Add the user account of the Manager M to the group.| |4|Add the Megabank customer to the group.| ## Default restriction groups If you use customer classes and want to include each new customer of a particular class in a restriction group automatically, you can specify a default restriction group for this class, as described in [About operations with restriction groups](/visma-net-erp/help/access-management/row-level-security/configure-restriction-groups/about-operations-with-restriction-groups/). ## Windows for customer security In the following table, you can find the list of the windows that you can use to manage restriction groups with customers and the tasks that you can resolve by using each window. |Task|Window| |---|---| |To initially configure the visibility of a customer to users|[Customer access](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/customer-access-ar102000/)| |To change the visibility of a customer in multiple restriction groups|[Restriction groups by customer (AR102010)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-by-customer-ar102010/)| |To change the visibility of customers to a user in multiple restriction groups|[Restriction groups by user](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-by-user-sm201035/)| For information about how to add or remove objects from a restriction group, see: [About operations with restriction groups](/visma-net-erp/help/access-management/row-level-security/configure-restriction-groups/about-operations-with-restriction-groups/). ## Types of restriction groups In Visma Net, you can configure groups with direct and inverse restriction. In this topic, groups with direct restriction are used in examples for simplicity. You can use inverse restriction groups in the same way as you use direct restriction groups. For details on the types of restriction groups, see: [About types of restriction groups](/visma-net-erp/help/access-management/row-level-security/about-types-of-restriction-groups/). About supplier security /visma-net-erp/help/access-management/row-level-security/manage-visibility-with-restriction-groups/about-supplier-security page If your organisation buys goods and services from external organisations, your accountants manage suppliers' information and process documents. 2026-02-19T17:09:06+01:00 # About supplier security If your organisation buys goods and services from external organisations, your accountants manage suppliers' information and process documents. If your organisation works with more than 10 suppliers, accountants may work with particular suppliers only. In this case, the accountants who do not work with these suppliers should not see them in the system for security reasons and to avoid entry errors. You can use restriction groups to configure and manage the visibility of suppliers to users in the system, as described in this topic. ## Visibility of suppliers by user By using restriction groups you can configure and manage the visibility of suppliers to users in the system. This way you can make suppliers visible only to accountants who work with these suppliers in the system. If each accountant in your organisation works with specific suppliers, you can hide these suppliers from other users. For details about restriction groups, see: [About restriction groups in Visma.net ERP](/visma-net-erp/help/access-management/row-level-security/about-restriction-groups-in-visma-net-erp/). ### Example Suppose that ABComputers is your supplier of computers and office equipment, and only the senior accountant is allowed to process documents from this supplier. The following table explains the steps to configure the visibility of this supplier. |STEP|ACTION| |---|---| |1|Go to the the [Supplier access (AP102000)](/visma-net-erp/help/supplier-ledger/supplier-ledger-windows/supplier-access-ap102000/) window.| |2|Create a restriction group with direct restriction (for example: Group for ABComputers).| |3|Add the user account of the senior accountant to the group.| |4|Add the ABComputers supplier to the group.| ## Default restriction groups If you have configured supplier classes, you can specify a default restriction group for a supplier class. With this setting, all new suppliers of the class will be automatically added to the restriction group. For details, see: Setting up default restriction groups for supplier and customer classes in [About operations with restriction groups](/visma-net-erp/help/access-management/row-level-security/configure-restriction-groups/about-operations-with-restriction-groups/). ## Windows for supplier security In the following table, you can find the list of the windows that you can use to manage restriction groups with suppliers and the tasks that you can resolve by using each window. |Task|Window| |---|---| |To initially configure the visibility of a supplier to users|[Supplier access (AP102000)](/visma-net-erp/help/supplier-ledger/supplier-ledger-windows/supplier-access-ap102000/)| |To change the visibility of a supplier in multiple restriction groups|[Restriction groups by supplier (AP102010)](/visma-net-erp/help/supplier-ledger/supplier-ledger-windows/restriction-groups-by-supplier-ap102010/)| |To change the visibility of suppliers to a user in multiple restriction groups|[Restriction groups by user (SM201035)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-by-user-sm201035/)| For information about how to add or remove objects from a restriction group, see: [About operations with restriction groups](/visma-net-erp/help/access-management/row-level-security/configure-restriction-groups/about-operations-with-restriction-groups/). ## Types of restriction groups In Visma Net, you can configure groups with direct and inverse restriction. In this topic, groups with direct restriction are used in examples for simplicity. You can use inverse restriction groups in the same way as you use direct restriction groups. For details on the types of restriction groups, see: [About types of restriction groups](/visma-net-erp/help/access-management/row-level-security/about-types-of-restriction-groups/). Configure restriction groups /visma-net-erp/help/access-management/row-level-security/configure-restriction-groups section Restriction groups provide the capability to limit the visibility of system entities for users. 2026-02-19T17:09:06+01:00 # Configure restriction groups Restriction groups provide the capability to limit the visibility of system entities for users. Restriction groups provide the capability to limit the visibility of system entities for users. To start using restriction groups, you need to plan how to use these and configure them, as described in these topics. About preparation for configuration /visma-net-erp/help/access-management/row-level-security/configure-restriction-groups/about-preparation-for-configuration page Before you start configuring restriction groups, you need to gather the information that will help you to plan your restriction groups. 2026-02-19T17:09:06+01:00 # About preparation for configuration Before you start configuring restriction groups, you need to gather the information that will help you to plan your restriction groups. Before you create and configure restriction groups, you need to follow the three steps explained in this topic, for each visibility-related task you want to resolve. ## STEP 1 - Determine whether or not to include users The following table explains when to include users in your restriction group or not. |IF|THEN| |---|---| |you need to limit the visibility of entities (for example: customers) for users,|the restriction group consists of users and entities.| |you need to restrict the visibility of entities (for example: subaccounts) when they are used with particular entities of a different type (for example: general ledger accounts),|the restriction group consists of only entities.| For details, see: [About restriction groups in Visma.net ERP](/visma-net-erp/help/access-management/row-level-security/about-restriction-groups-in-visma-net-erp/). ## STEP 2 - Select the restriction group type The following tables explain the type of restriction group to use with and without users respectively. ### For a group with users |IF|THEN| |---|---| |a smaller number of users **should** see the entities,|you select a group with direct restriction.| |a smaller number of users **should not** see the entities,|you select a group with inverse restriction.| ### For a group with entities (no users) For example entities of Type 1 and Type 2 in the table below (for example subaccounts and accounts). |IF|THEN| |---|---| |the number of subaccounts that **should** be visible when an account is selected, is smaller than the number of subaccounts that shouldn't be visible,|you select a group with direct restriction.| |if the number of subaccounts **shouldn’t** be visible when an account is selected, is smaller than the number of subaccounts that should be visible,|you select a group with inverse restriction.| ## STEP 3 - Estimate the number of restriction groups You determine how many groups you need to create by using the following guidelines: |IF|THEN| |---|---| |a particular user or a set of users should (or shouldn't) see entities of different types (such as customers or general ledger accounts),|you need to create a separate restriction group for each entity type.| |multiple sets of users should (or shouldn't) see different values of entities of the same type (such as warehouses),|you need to create a separate group for each entity value or set of entity values.| |you need to control the accounts and subaccounts that can be used together,|you must create at least two groups and include all subaccounts in either of the groups.| |you want include particular combinations of entities in one group with users,|see [About restriction groups in Visma.net ERP](/visma-net-erp/help/access-management/row-level-security/about-restriction-groups-in-visma-net-erp/) for supported combinations of entities.| For examples of using restriction groups, see: [About practical scenarios with Restriction groups](/visma-net-erp/help/access-management/row-level-security/about-practical-scenarios-with-restriction-groups/). About operations with restriction groups /visma-net-erp/help/access-management/row-level-security/configure-restriction-groups/about-operations-with-restriction-groups page The operations that you can perform with restriction groups (such as creating the groups, adding entities to a group, deleting entities from a group, and viewing group details) depend on the window. 2026-02-19T17:09:06+01:00 # About operations with restriction groups The operations that you can perform with restriction groups (such as creating the groups, adding entities to a group, deleting entities from a group, and viewing group details) depend on the window. This topic describes the operations that you can perform with restriction groups. ## Creating a restriction group The following table explains how to create a restriction group to restrict the visibility of some system entities.

STEP	ACTION
1	Open one of the windows in the Row-level security workspace, which you can use to create restriction groups with the particular system entities you want to add. For examples of combination of restriction groups, see: About restriction groups in Visma.net ERP.
2	Enter a group name that reflects what the group limits visibility to.
3	Select the group type. For information about the types of restriction groups, see: About types of restriction groups.
4	If the group includes users, select the users that will be included in the group on the Users tab.
5	Select the values of the entity that should be included in the group on the tab with the list of entities. For example: If the entity is warehouses, you select the particular warehouses you want to include in the group.
6	Repeat this step for each entity type that you want to include in the group.
7	Save your changes.

## Deactivating a restriction group If you do not want to apply the restrictions of a group to the entities included in the group, you do the following.

STEP	ACTION
1	Open the Restriction groups (SM201030) window.
2	In the Selection area, select the restriction group you want to edit.
3	Clear the Active check box.
4	Save your changes.
5	Result: Restrictions configured in the group are no longer applied to the entities.

## Setting up default restriction groups for supplier and customer classes To simplify the process of adding new supplier and customers to restriction groups, you can specify a default restriction group for a supplier or customer class. This means that suppliers and customers of the selected class will be included in the restriction group automatically. The following table explains the steps to specify a default restriction group for a supplier class.

STEP	ACTION
1	Go to the Supplier classes (AP201000) window.
1	In the Class ID field, select the supplier class for which you want to specify the default restriction group.
2	Go to the General settings tab, and in the Default restriction group field of the Default general settings, select the default restriction group that will be used for the selected supplier class.
3	Click Apply restriction settings to all suppliers in the window toolbar, to include all entities of the class in the default restriction group.
4	Save your changes.

You perform similar steps in the [Customer classes (AR201000)](/visma-net-erp/help/customer-ledger/customer-ledger-windows/customer-classes-ar201000/) window when you want to specify a default restriction group for a customer class. ## Removing class entities from a default restriction group The following table explains how to remove all class entities from a default restriction group to cancel the visibility restriction for entities of a supplier class.

STEP	ACTION
1	Open the Supplier classes (AP201000) window.
2	Go to the General settings tab, and in the Default general settings section, clear the value in the Default restriction group field.
3	Click Apply restriction settings to all suppliers in the window toolbar.
4	Save your changes.

In the [Customer classes (AR201000)](/visma-net-erp/help/customer-ledger/customer-ledger-windows/customer-classes-ar201000/) window, you can perform similar steps to remove customers of a class from the default restriction group. ## Adding entities to an existing restriction group While addressing your everyday tasks, you may need to add users and entities to restriction groups that you have created and configured previously. Suppose that a new employee of your organisation should use accounts with limited visibility, or that new stock items have been added to the system and should be in a particular restriction group. Follow these steps to add an entity to an existing group.

STEP	ACTION
1	Go to the Row-level security workspace.
2	Open the window that displays restriction groups for the entity you want to add to the restriction group. For example: For a user, you open the Restriction groups by user (SM201035) window.
3	In the top part, select the entity that you want to add to a restriction group. For example: In the Login field, you select Todd Bloom.
4	In the table with the list of restriction groups, select the unlabelled Included check box for each group in which you want to include the selected entity.
5	Save your changes.

After you have included the entity in the restriction groups, the system applies the visibility limitations to the entity. Similarly, you can remove entities from a restriction group by clearing the **Included** check box for this group. Row-level security windows /visma-net-erp/help/access-management/row-level-security/row-level-security-windows section On the menu of Visma Net, the windows are grouped into workspace items on the left hand side of the screen. 2026-02-19T17:09:06+01:00 # Row-level security windows On the menu of Visma Net, the windows are grouped into workspace items on the left hand side of the screen. Each item contains a workspace with tiles and categories. This topic follows the listing of the category items in the Row-level security module. Customer access (AR102000) /visma-net-erp/help/access-management/row-level-security/row-level-security-windows/customer-access-ar102000 page By using this window, you can create restriction groups for managing the visibility of customer accounts to users, or modify existing restriction groups by adding or removing users or customer accounts. 2026-02-19T17:09:06+01:00 # Customer access (AR102000) By using this window, you can create restriction groups for managing the visibility of customer accounts to users, or modify existing restriction groups by adding or removing users or customer accounts. This topic provides information about the elements in this window in Visma Net, such as fields, field values, buttons, and check boxes. > [!NOTE] > You can also use the [Restriction groups by customer (AR102010)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-by-customer-ar102010/) window to manage the visibility of customer accounts to users, but you cannot create restriction groups on this window. For more information about restriction groups, see: [About restriction groups in Visma Net](/visma-net-erp/help/access-management/row-level-security/about-restriction-groups-in-visma-net-erp/). ## The top part In this area, you can enter the settings of a new restriction group or select an existing group and edit its settings.

Element	Description
Group name	The name of the restriction group. You can type a name of a new group or select an existing group.
Description	The description of the restriction group. You can type a description if this field is empty or edit an existing description.
Group type	The type of the restriction group. You can select one of the following types: A, A inverse, B, or B inverse. For more information, see: About types of restriction groups.
Active	A check box that indicates (if selected) that the restriction group is active. You can clear the check box to make the group inactive, which means that restrictions imposed by the restriction group do not affect the visibility of entities to users. By default, this check box is selected.

## The Users tab On this tab, you can view the list of users defined in the system and select those to be included in the restriction group.

Element	Description
Login	Read-only. The login of the user.
Full name	Read-only. The full name of the user.
Comment	Read-only. The additional information that has been specified for the user in the Users (SM201010) window.

## The Customers tab On this tab, you can view the list of customer accounts defined in the system and select those to be included in the restriction group.

Element	Description
Customer no.	The number of the customer. You can click the customer number to open the Customers (AR303000) window with information about this customer.
Status	The status of the customer account, which is either Active or Inactive.
Customer name	The name of the customer as it appears on the documents.

Email account access (SM201050) /visma-net-erp/help/access-management/row-level-security/row-level-security-windows/email-account-access-sm201050 page By using this window, you can create restriction groups for managing the visibility of system email accounts to users, or modify existing restriction groups by adding or removing users or system email accounts. 2026-02-19T17:09:06+01:00 # Email account access (SM201050) By using this window, you can create restriction groups for managing the visibility of system email accounts to users, or modify existing restriction groups by adding or removing users or system email accounts. This topic provides information about the elements in this window in Visma Net, such as fields, field values, buttons, and check boxes. By using this window, you can create restriction groups for managing the visibility of system email accounts to users, or modify existing restriction groups by adding or removing users or system email accounts. For more information about restriction groups, see: [About restriction groups in Visma Net](/visma-net-erp/help/access-management/row-level-security/about-restriction-groups-in-visma-net-erp/). ## The top part In this area, you can enter the settings of a new restriction group or select an existing group and edit its settings.

Element	Description
Group name	The name of the restriction group. You can type a name of a new group or select an existing group.
Description	The description of the restriction group. You can type a description if this field is empty or edit an existing description.
Group type	The type of the restriction group. You can select one of the following types: A, A inverse, B, or B inverse. For more information, see: About types of restriction groups.
Active	A check box that indicates (if selected) that the restriction group is active. You can clear the check box to make the group inactive, which means that restrictions imposed by the restriction group do not affect the visibility of entities to users. By default, this check box is selected.

## The Users tab On this tab, you can view the list of users defined in the system and select those to be included in the restriction group.

Column	Description
Login	Read-only. The login of the user.
Full name	Read-only. The full name of the user.
Comment	Read-only. The additional information that has been specified for the user in the Users (SM201010) window.

## The Email accounts tab By using this tab, you can view the list of system email accounts defined in the system and select those to be included in the restriction group.

Column	Description
Email address	The email address that corresponds to this system email account.
User name	The login that was specified in the system email account settings.
Password	The password that was specified in the system email account settings. The password is displayed in an encrypted window.
Included	A check box that indicates (if selected) that a system email account is included in the restriction group.

General ledger account access (GL104000) /visma-net-erp/help/access-management/row-level-security/row-level-security-windows/general-ledger-account-access-gl104000 page By using this window, you can create restriction groups for managing the visibility of accounts and subaccounts to users, or modify existing restriction groups by adding or removing users, accounts, or subaccounts. 2026-02-19T17:09:06+01:00 # General ledger account access (GL104000) By using this window, you can create restriction groups for managing the visibility of accounts and subaccounts to users, or modify existing restriction groups by adding or removing users, accounts, or subaccounts. This topic provides information about the elements in this window in Visma Net, such as fields, field values, buttons, and check boxes. You can also use the [Restriction groups by general ledger account (GL104020)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-by-general-ledger-account-gl104020/) and [Restriction groups by subaccount (GL104030)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-by-subaccount-gl104030/) windows to manage the visibility of accounts and subaccounts to users, but you cannot create restriction groups on these windows. > [!CAUTION] > By restricting the visibility of accounts, subaccounts, > and branches, you also restrict the visibility of the cash accounts that are linked to > the restricted entities. > It is recommended that you carefully configure restriction groups > that contain accounts, subaccounts, and branches because including these entities in > different restriction groups may block the processing of the associated cash > accounts. ## The top part In this area, you can enter the settings of a new restriction group or select an existing group and edit its settings.

Element	Description
Group name	The name of the restriction group. You can type a name of a new group or select an existing group.
Description	The description of the restriction group. You can type a description if this field is empty or edit an existing description.
Group type	The type of the restriction group. You can select one of the following types: A, A inverse, B, or B inverse. For more information, see: About types of restriction groups.
Active	A check box that indicates (if selected) that the restriction group is active. You can clear the check box to make the group inactive, which means that restrictions imposed by the restriction group do not affect the visibility of entities to users. By default, this check box is selected.

## The Users tab On this tab, you can view the list of users defined in the system and select those to be included in the restriction group.

Column	Description
Login	Read-only. The login of the user.
Full name	Read-only. The full name of the user.
Comment	Read-only. The additional information that has been specified for the user in the Users (SM201010) window.

## The Accounts tab On this tab, you can view the list of general ledger accounts defined in the system and select those to be included in the restriction group.

Column	Description
Account	Read-only. The account that can be included in the restriction group.
Type	Read-only. The account type, which can be Asset, Liability, Income, or Expense.
Account class	Read-only. The account class to which this account belongs.
Active	Read-only. A check box that indicates (if selected) that the account is active.
Description	Read-only. The description of the account.
Currency	Read-only. The account currency, for a currency-denominated account.

## The Subaccounts tab By using this tab, you can view the list of subaccounts defined in the system and select those to be included in the restriction group. This tab is displayed on the window when the **By segmented key** mode is selected in the **Lookup mode** field in the [Segment keys (CS202000)](/visma-net-erp/help/common-settings/common-settings-windows/segment-keys-cs202000/) window for the **SUBACCOUNT** segmented key.

Column	Description
Subaccount	The subaccount to be included in the restriction group. You can click the subaccount to open the Subaccounts - reference information window.
Active	Read-only. A check box that indicates (if selected) that the subaccount is active.
Description	Read-only. The description of the subaccount.

## The Subaccount segments tab By using this tab, you can view the list of subaccount segment values by the segment ID defined in the system and select those to be included in the restriction group. This tab is displayed on the window when the **By segment: All avail. segment values** mode is selected in the **Lookup mode** field in the [Segment keys (CS202000)](/visma-net-erp/help/common-settings/common-settings-windows/segment-keys-cs202000/) window for the **SUBACCOUNT** segmented key.

Element	Description
Segment ID	The ID of the subaccount segment. When you select a value in this field, in the Segment values table, the system displays the list of the segment values that correspond to this ID.
Column	Description
Segment value	The value of the subaccount segment to be included in the restriction group.
Active	Read-only. A check box that indicates (if selected) that the subaccount segment is active.
Description	Read-only. The description of the subaccount segment.

Concepts

About restriction groups in Visma.net ERP

General ledger accounts by branch access (GL103040) /visma-net-erp/help/access-management/row-level-security/row-level-security-windows/general-ledger-accounts-by-branch-access-gl103040 page By using this window, you can create restriction groups for managing the visibility of general ledger accounts to branches, or modify existing restriction groups by adding or removing branches or accounts. 2026-02-19T17:09:06+01:00 # General ledger accounts by branch access (GL103040) By using this window, you can create restriction groups for managing the visibility of general ledger accounts to branches, or modify existing restriction groups by adding or removing branches or accounts. This topic provides information about the elements in this window in Visma Net, such as fields, field values, buttons, and check boxes. By using this window, you can create restriction groups for managing the visibility of general ledger accounts to branches, or modify existing restriction groups by adding or removing branches or accounts. For more information about restriction groups, see: [About restriction groups in Visma Net](/visma-net-erp/help/access-management/row-level-security/about-restriction-groups-in-visma-net-erp/). > [!CAUTION] > By restricting the visibility of accounts, subaccounts, > and branches, you also restrict the visibility of the cash accounts that are linked to > the restricted entities. > We recommend that you carefully configure restriction groups > that contain accounts, subaccounts, and branches because including these entities in > different restriction groups may block the processing of the associated cash > accounts. ## The top part In this area, you can enter the settings of a new restriction group or select an existing group and edit its settings.

Element	Description
Group name	The name of the restriction group. You can type a name of a new group or select an existing group.
Description	The description of the restriction group. You can type a description if this field is empty or edit an existing description.
Group type	The type of the restriction group. You can select one of the following types: A, A inverse, B, or B inverse. For more information, see: About types of restriction groups.
Active	A check box that indicates (if selected) that the restriction group is active. You can clear the check box to make the group inactive, which means that restrictions imposed by the restriction group do not affect the visibility of entities to users. By default, this check box is selected.

## The Branches tab On this tab, you can view the list of the branches defined in the system and select the branches to be included in the restriction group.

Column	Description
Branch	The ID of the branch. Branches are defined in the Branches (CS102000) window.
Branch name	The name of the branch.
Posting ledger	The default posting ledger for the branch, which is specified in the Inter-branch account mapping (GL101010) window.

## The Accounts tab On this tab, you can view the list of General ledger accounts defined in the system and select those to be included in the restriction group.

Column	Description
Account	Read-only. The account that can be included in the restriction group.
Type	Read-only. The account type, which can be Asset, Liability, Income, or Expense.
Account class	Read-only. The account class to which this account belongs.
Active	Read-only. A check box that indicates (if selected) that the account is active.
Description	Read-only. The description of the account.
Currency	Read-only. The account currency, for a currency-denominated account.

Budget access (GL105030) /visma-net-erp/help/access-management/row-level-security/row-level-security-windows/budget-access-gl105030 page By using this window, you can create restriction groups for managing the visibility of budget articles to users, or modify existing restriction groups by adding or removing users or budget articles. 2026-02-19T17:09:06+01:00 # Budget access (GL105030) By using this window, you can create restriction groups for managing the visibility of budget articles to users, or modify existing restriction groups by adding or removing users or budget articles. This topic provides information about the elements in this window in Visma Net, such as fields, field values, buttons, and check boxes. You can also use the [Restriction groups by budget article (GL105020)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-by-budget-article-gl105020/) window to manage the visibility of budget articles to users, but you cannot create restriction groups on this window. For more information about restriction groups, see: [About restriction groups in Visma Net](/visma-net-erp/help/access-management/row-level-security/about-restriction-groups-in-visma-net-erp/) ## The top part In this area, you can enter the settings of a new restriction group or select an existing group and edit its settings.

Element	Description
Group name	The name of the restriction group. You can type a name of a new group or select an existing group.
Description	The description of the restriction group. You can type a description if this field is empty or edit an existing description.
Group type	The type of the restriction group. You can select one of the following types: A, A inverse, B, or B inverse. For more information, see: About types of restriction groups.
Active	A check box that indicates (if selected) that the restriction group is active. You can clear the check box to make the group inactive, which means that restrictions imposed by the restriction group do not affect the visibility of entities to users. By default, this check box is selected.

## The Users tab On this tab, you can view the list of users defined in the system and select those to be included in the restriction group.

Column	Description
Login	Read-only. The login of the user.
Full name	Read-only. The full name of the user.
Comment	Read-only. The additional information that has been specified for the user in the Users (SM201010) window.

## The Budget tree tab By using this tab, you can view the list of budget articles defined in the system and select those to be included in the restriction group.

Column	Description
Description	Read-only. The description of the node or the budget article.
Account	Read-only. The account of the budget article. The account is displayed only for budget articles that are not nodes.
Subaccount	Read-only. The subaccount of the budget article. The subaccount is displayed only for budget articles that are not nodes.
Account mask	Read-only. The account mask for the budget article. The account mask is displayed only for budget articles that are nodes.
Subaccount mask	Read-only. The subaccount mask for the budget article. The subaccount mask is displayed only for budget articles that are nodes.
Node	Read-only. A check box that indicates (if selected) that this budget article is a node.

Concepts

Tasks

Prepare a budget

Windows

Item access (IN103000) /visma-net-erp/help/access-management/row-level-security/row-level-security-windows/item-access-in103000 page By using this window, you can create restriction groups for managing the visibility of item classes and stock items to users, or modify existing restriction groups by adding or removing users, item classes, or stock items. 2026-02-19T17:09:06+01:00 # Item access (IN103000) By using this window, you can create restriction groups for managing the visibility of item classes and stock items to users, or modify existing restriction groups by adding or removing users, item classes, or stock items. This topic provides information about the elements in this window in Visma Net, such as fields, field values, buttons, and check boxes. > [!NOTE] > You can also use the [Restriction groups by item class (IN103010)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-by-item-class-in103010/) and [Restriction groups by item (IN103020)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-by-item-in103020/) windows to manage the visibility of item classes and items to users, but you cannot create restriction groups in these windows. For more information about restriction groups, see: [About restriction groups in Visma Net](/visma-net-erp/help/access-management/row-level-security/about-restriction-groups-in-visma-net-erp/). ## The top part In this area, you can enter the settings of a new restriction group or select an existing group and edit its settings.

Element	Description
Group name	The name of the restriction group. You can type a name of a new group or select an existing group.
Description	The description of the restriction group. You can type a description if this box is empty or edit an existing description.
Group type	The type of the restriction group. You can select one of the following types: A, A inverse, B, or B inverse. For more information, see: About types of restriction groups.
Active	A check box that indicates (if selected) that the restriction group is active. You can clear the check box to make the group inactive, which means that restrictions imposed by the restriction group do not affect the visibility of entities to users. By default, this check box is selected.

## The Users tab On this tab, you can view the list of users defined in the system and select those to be included in the restriction group.

Column	Description
Login	Read-only. The login of the user.
Full Name	Read-only. The full name of the user.
Comment	Read-only. The additional information that has been specified for the user in the Users (SM201010) window.

## The Item classes tab By using this tab, you can view the list of item classes defined in the system and select those to be included in the restriction group.

Column	Description
Class ID	Read-only. The ID of the item class that can be included in the restriction group.
Description	Read-only. The description of the item class.

## The Items tab By using this tab, you can view the list of items defined in the system and select those to be included in the restriction group.

Column	Description
Item ID	The ID of the item that can be included in the restriction group.
Description	Read-only. The description of the item.

Windows

Project access (PM102000) /visma-net-erp/help/access-management/row-level-security/row-level-security-windows/project-access-pm102000 page By using this window, you can create restriction groups for managing the visibility of projects to users, or modify existing restriction groups by adding or removing users or projects. 2026-02-19T17:09:06+01:00 # Project access (PM102000) By using this window, you can create restriction groups for managing the visibility of projects to users, or modify existing restriction groups by adding or removing users or projects. This topic provides information about the elements in this window in Visma Net, such as fields, field values, buttons, and check boxes. You can also use the [Restriction groups by project (PM102010)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-by-project-pm102010/) window to manage the visibility of projects to users, but you cannot create restriction groups in this window. ## The top part In this area, you can enter the settings of a new restriction group or select an existing group and edit its settings.

Element	Description
Group name	The name of the restriction group. You can type a name of a new group or select an existing group.
Description	The description of the restriction group. You can type a description if this field is empty or edit an existing description.
Group type	The type of the restriction group. You can select one of the following types: A, A inverse, B, or B inverse. For more information, see: About types of restriction groups.
Active	A check box that (if selected) indicates that the restriction group is active. You can clear the check box to make the group inactive, which means that restrictions imposed by the restriction group do not affect the visibility of entities to users. By default, this check box is selected.

## The Users tab On this tab, you can view the list of users defined in the system and select those to be included in the restriction group.

Column	Description
Login	Read-only. The login of the user.
Full name	Read-only. The full name of the user.
Comment	Read-only. The additional information that has been specified for the user in the Users (SM201010) window.

## The Projects tab By using this tab, you can view the list of projects defined in the system and select those to be included in the restriction group.

Column	Description
Project ID	Read-only. The identifier of the project.
Description	Read-only. The description of the project.
Customer	Read-only. The customer associated with the project, if this project is external. For an internal project, no customer is specified.
Template	Read-only. The template used for creating this project, if applicable.
Status	Read-only. The status of the project.

Restricted entities (SM201040) /visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restricted-entities-sm201040 page In this window, you can view the restriction groups that contain a particular system entity, such as an stock item, a general ledger account, or a user, and change the visibility of the entity in the system by including the system entity in other restriction groups or excluding it from groups that currently contain it. 2026-02-19T17:09:06+01:00 # Restricted entities (SM201040) In this window, you can view the restriction groups that contain a particular system entity, such as an stock item, a general ledger account, or a user, and change the visibility of the entity in the system by including the system entity in other restriction groups or excluding it from groups that currently contain it. This topic provides information about the elements in this window in Visma Net, such as fields, field values, buttons, and check boxes. If a group includes particular users, only those users can view the group entities. If a group doesn't include users, the entities of different types included in the group can be used only with group members. You can create restriction groups for managing the visibility of a system entity by using the [Restriction groups (SM201030)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-sm201030/) window or the window intended for entities of this type in the **Manage** section of the Row-level security workspace. For more information about restriction groups, see: [About restriction groups in Visma Net](/visma-net-erp/help/access-management/row-level-security/about-restriction-groups-in-visma-net-erp/). CAUTION: By restricting the visibility of accounts, subaccounts, and branches, you also restrict the visibility of the cash accounts that are linked to the restricted entities. We recommend that you carefully configure restriction groups that contain accounts, subaccounts, and branches because including these entities in different restriction groups may block the processing of the associated cash accounts. ## The top part In this area, you can select the system entity type and the specific entity for which you want to view or edit its membership in restriction groups.

Element	Description
Entity type	The type of system entity.
Entity	The particular entity of the type you have selected.

## The table In this table, you can view the full list of restriction groups in the system, along with some basic information about each group. The check box in the **Included** column is selected for each group that contains the selected entity. You can select and clear these check boxes to change the membership of the system entity in restriction groups.

Column	Description
Included	A check box that indicates (if selected) that the entity is included in the restriction group.
Group name	The name of the restriction group.
Description	The description of the restriction group.
Active	A check box that indicates (if selected) that the restriction group is active. The system does not enforce the restrictions of an inactive group.
Group type	The type of the restriction group. You can select one of the following types: A, A inverse, B, or B inverse. For more information, see: About types of restriction groups.

Restriction groups (SM201030) /visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-sm201030 page By using this window, you can create restriction groups for managing the visibility of system entities, or modify existing restriction groups by adding or removing system entities. 2026-02-19T17:09:06+01:00 # Restriction groups (SM201030) By using this window, you can create restriction groups for managing the visibility of system entities, or modify existing restriction groups by adding or removing system entities. This topic provides information about the elements in this window in Visma Net, such as fields, field values, buttons, and check boxes. By using this window, you can create restriction groups for managing the visibility of system entities, or modify existing restriction groups by adding or removing system entities. For more information about restriction groups, see: [About restriction groups in Visma Net](/visma-net-erp/help/access-management/row-level-security/about-restriction-groups-in-visma-net-erp/). For simplicity, we recommend that you create restriction groups for use in specific workspaces by using the appropriate windows in the **Manage** section of the Row-level security workspace. ## The top part In this area, you can define a new restriction group or select an existing one for editing.

Element	Description
Group name	The unique group identifier. If you are defining a new group, type the name here. If you are modifying an existing group, select the group name.
Active	A check box that indicates (if selected) that the restriction group is active. You can clear the check box to make the group inactive, which means that restrictions imposed by the restriction group do not affect visibility of entities to users. By default, this check box is selected.
Group type	The type of the restriction group. You can select one of the following types: A, A inverse, B, or B inverse. For more information, see: About types of restriction groups.
Description	The description of the group.
Entity type	Required. The type of system entity that is included in the group.
Specific type	Optional. The system entity that is used by the system for filtering restriction groups on the Restriction groups tab of the entity window. The entity type selected in this field does not affect visibility of entities included in the restriction group.
Specific module	Optional. The two-letter code of the workspace where the group is displayed, if the group should be viewed in only a specific workspace. The workspace selected in this field does not affect visibility of entities included in the restriction group.

## The table You can use this table to view the list of system entities of the selected type and include any of them to the selected restriction group.

Column	Description
Included	A check box that you select to include the entity in the restriction group.
Entity	Read-only. A field that contains the ID of the particular entity and additional information about the entity; pieces of information are separated by commas.

Restriction groups by branch (GL103020) /visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-by-branch-gl103020 page In this window, you can view the restriction groups that contain a particular branch. 2026-02-19T17:09:06+01:00 # Restriction groups by branch (GL103020) In this window, you can view the restriction groups that contain a particular branch. This topic provides information about the elements in this window in Visma Net, such as fields, field values, buttons, and check boxes. You can also change the visibility of the branch in the system by including it in other restriction groups or excluding it from groups that currently contain it. You can create restriction groups for managing the visibility of branches and general ledger accounts by using the [General ledger accounts by branch access (GL103040)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/general-ledger-accounts-by-branch-access-gl103040/) window, and for managing the visibility of branches and subaccounts by using the [Subaccounts by branch access (GL103060)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/subaccounts-by-branch-access-gl103060/) window. For more information about restriction groups, see: [About restriction groups in Visma Net](/visma-net-erp/help/access-management/row-level-security/about-restriction-groups-in-visma-net-erp/). > [!CAUTION] > By restricting the visibility of accounts, subaccounts, > and branches, you also restrict the visibility of the cash accounts that are linked to > the restricted entities. > We recommend that you carefully configure restriction groups > that contain accounts, subaccounts, and branches because including these entities in > different restriction groups may block the processing of the associated cash > accounts. ## The top part In this area, you can select the branch for which you want to view or edit its membership in restriction groups. You can also view the posting ledger of the selected branch.

Element	Description
Branch	The branch of your organisation whose membership in restriction groups you want to view (and edit, if needed) in the table.
Posting ledger	Read-only. The default posting ledger for the selected branch. The system fills in this field automatically once you select a branch, based on the settings established in the Inter-branch account mapping (GL101010) window.

## The table In this table, you can view the full list of restriction groups in the system, along with some basic information about each group. The check box in the unlabelled Included column is selected for each group that contains the branch. You can select and clear these check boxes to change the membership of the branch in restriction groups.

Column	Description
Group name	Read-only. The name of the restriction group.
Description	Read-only. The description of the restriction group.
Active	Read-only. A check box that indicates (if selected) that the restriction group is active. The system does not enforce restrictions imposed by inactive groups.
Group type	Read-only. The type of the restriction group: A, A inverse, B, or B inverse. For more information, see: About types of restriction groups.

Restriction groups by budget article (GL105020) /visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-by-budget-article-gl105020 page In this window, you can view the restriction groups that contain a particular budget article. 2026-02-19T17:09:06+01:00 # Restriction groups by budget article (GL105020) In this window, you can view the restriction groups that contain a particular budget article. This topic provides information about the elements in this window in Visma Net, such as fields, field values, buttons, and check boxes. In this window, you can view the restriction groups that contain a particular budget article. You can also change the visibility of the budget article in the system by including it in other restriction groups or excluding it from groups that currently contain it. If the selected budget article is a node or if it contains subarticles, the same visibility restrictions will be applied to the subarticles. You can create restriction groups for managing the visibility of budget articles by using the [Budget access (GL105030)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/budget-access-gl105030/) window. For more information about restriction groups, see: [About restriction groups in Visma Net](/visma-net-erp/help/access-management/row-level-security/about-restriction-groups-in-visma-net-erp/). ## The top part In this area, you can select the budget article for which you want to view or edit its membership in restriction groups. You can also view additional information about the selected budget article.

Element	Description
Budget article	The budget article whose membership in restriction groups you want to view (and edit, if needed) in the table.
Account	Read-only. The account of the selected budget article if the article is not a node.
Subaccount	Read-only. The subaccount of the selected budget article if the article is not a node.
Node	Read-only. A check box that indicates (if selected) that the selected budget article is a node.
Account mask	Read-only. The account mask used for the selected budget article if the article is a node.
Subaccount mask	Read-only. The subaccount mask used for the selected budget article if the article is a node.

## The table In this table, you can view the full list of restriction groups in the system, along with some basic information about each group. The check box in the unlabelled Included column is selected for each group that contains the budget article. You can select and clear these check boxes to change the membership of the budget article in restriction groups.

Column	Description
Group name	Read-only. The name of the restriction group.
Description	Read-only. The description of the restriction group.
Active	Read-only. A check box that indicates (if selected) that the restriction group is active. The system does not enforce restrictions imposed by inactive groups.
Group type	Read-only. The type of the restriction group: A, A inverse, B, or B inverse. For more information, see: About types of restriction groups.

Restriction groups by customer (AR102010) /visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-by-customer-ar102010 page In this window, you can view the restriction groups that contain a particular customer account. 2026-02-19T17:09:06+01:00 # Restriction groups by customer (AR102010) In this window, you can view the restriction groups that contain a particular customer account. This topic provides information about the elements in this window in Visma Net, such as fields, field values, buttons, and check boxes. In this window, you can view the restriction groups that contain a particular customer account. You can also change the visibility of the customer account in the system by including it in other restriction groups or excluding it from groups that currently contain it. > [!NOTE] > You can create restriction groups for managing the visibility of customer accounts by using the [Customer access (AR102000)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/customer-access-ar102000/) window. For more information about restriction groups, see: [About restriction groups in Visma Net](/visma-net-erp/help/access-management/row-level-security/about-restriction-groups-in-visma-net-erp/). ## The top part In this area, you can select the customer account for which you want to view or edit its membership in restriction groups. You can also view additional information about the selected customer account.

Element	Description
Customer no.	The customer account, by its number whose membership in restriction groups you want to view (and edit, if needed) in the table.
Status	Read-only. The status of the selected customer account: Active or Inactive.
Customer name	Read-only. The name of the selected customer, which is specified in the Customers (AR303000) window.

## The table In this table, you can view the full list of restriction groups in the system, along with some basic information about each group. The check box in the unlabelled Included column is selected for each group that contains the customer account. You can select and clear these check boxes to change the membership of the customer account in restriction groups.

Element	Description
Group name	Read-only. The name of the restriction group.
Description	Read-only. The description of the restriction group.
Active	Read-only. A check box that indicates (if selected) that the restriction group is active. The system does not enforce restrictions imposed by inactive groups.
Group type	Read-only. The type of the restriction group: A, A inverse, B, or B inverse. For more information, see: About types of restriction groups.

Restriction groups by general ledger account (GL104020) /visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-by-general-ledger-account-gl104020 page In this window, you can view the restriction groups that contain a particular General ledger account. 2026-02-19T17:09:06+01:00 # Restriction groups by general ledger account (GL104020) In this window, you can view the restriction groups that contain a particular General ledger account. This topic provides information about the elements in this window in Visma Net, such as fields, field values, buttons, and check boxes. In this window, you can view the restriction groups that contain a particular General ledger account. You can also change the visibility of the account in the system by including it in other restriction groups or excluding it from groups that currently contain it. You can create restriction groups for managing the visibility of General ledger accounts by using the [General ledger account access (GL104000)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/general-ledger-account-access-gl104000/) window. For more information about restriction groups, see: [About restriction groups in Visma Net](/visma-net-erp/help/access-management/row-level-security/about-restriction-groups-in-visma-net-erp/). CAUTION: By restricting the visibility of accounts, subaccounts, and branches, you also restrict the visibility of the cash accounts that are linked to the restricted entities. We recommend that you carefully configure restriction groups that contain accounts, subaccounts, and branches because including these entities in different restriction groups may block the processing of the associated cash accounts. ## The top part In this area, you can select the general ledger account for which you want to view or edit its membership in restriction groups. You can also view additional information about the selected general ledger account.

Element	Description
Account	The general ledger account whose membership in restriction groups you want to view (and edit, if needed) in the table.
Type	Read-only. The type of the selected account. For more information, see: About account types and classes.
Description	Read-only. The description of the selected account.
Account class	Read-only. The class of the selected account. For more information, see: About account types and classes
Currency	Read-only. The specific currency if the selected general ledger account is a currency-denominated account. (If this field is blank, the base currency is used for the account.)

## The table In this table, you can view the full list of restriction groups in the system, along with some basic information about each group. The check box in the unlabelled Included column is selected for each group that contains the account. You can select and clear these check boxes to change the membership of the general ledger account in restriction groups.

Column	Description
Group name	Read-only. The name of the restriction group.
Description	Read-only. The description of the restriction group.
Active	Read-only. A check box that indicates (if selected) that the restriction group is active. The system does not enforce restrictions imposed by inactive groups.
Group type	Read-only. The type of the restriction group: A, A inverse, B, or B inverse. For more information, see: About types of restriction groups.

Restriction groups by item (IN103020) /visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-by-item-in103020 page In this window, you can view the restriction groups that contain a particular item. 2026-02-19T17:09:06+01:00 # Restriction groups by item (IN103020) In this window, you can view the restriction groups that contain a particular item. This topic provides information about the elements in this window in Visma Net, such as fields, field values, buttons, and check boxes. In this window, you can view the restriction groups that contain a particular item. You can also change the visibility of the item in the system by including it in other restriction groups or excluding it from groups that currently contain it. > [!NOTE] > You can create restriction groups for managing the visibility of items by using the [Item access (IN103000)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/item-access-in103000/) window. For more information about restriction groups, see: [About restriction groups in Visma Net](/visma-net-erp/help/access-management/row-level-security/about-restriction-groups-in-visma-net-erp/). ## The top part In this area, you can select the item for which you want to view or edit its membership in restriction groups. You can also view additional information about the selected item.

Element	Description
Item ID	The identifier of the item whose membership in restriction groups you want to view (and edit, if needed) in the table.
Description	Read-only. The description of the selected item.
Item class	Read-only. The item class of the selected item.
Item status	Read-only. The status of the selected item.
Stock item	Read-only. A check box that indicates (if selected) that the selected item is a stock item.

## The table In this table, you can view the full list of restriction groups in the system, along with some basic information about each group. The check box in the unlabelled Included column is selected for each group that contains the item. You can select and clear these check boxes to change the membership of the item in restriction groups.

Column	Description
Group name	Read-only. The name of the restriction group.
Description	Read-only. The description of the restriction group.
Active	Read-only. A check box that indicates (if selected) that the restriction group is active. The system does not enforce restrictions imposed by inactive groups.
Group type	Read-only. The type of the restriction group: A, A inverse, B, or B inverse. For more information, see: About types of restriction groups.

Windows

Restriction groups by item class (IN103010) /visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-by-item-class-in103010 page In this window, you can view the restriction groups that contain a particular item class. 2026-02-19T17:09:06+01:00 # Restriction groups by item class (IN103010) In this window, you can view the restriction groups that contain a particular item class. This topic provides information about the elements in this window in Visma Net, such as fields, field values, buttons, and check boxes. In this window, you can view the restriction groups that contain a particular item class. You can also change the visibility of the item class in the system by including it in other restriction groups or excluding it from groups that currently contain it. > [!NOTE] > You can create restriction groups for managing the visibility of item classes by using the [Item access (IN103000)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/item-access-in103000/) window. For more information about restriction groups, see: [About restriction groups in Visma Net](/visma-net-erp/help/access-management/row-level-security/about-restriction-groups-in-visma-net-erp/). ## The top part In this area, you can select the item class for which you want to view or edit its membership in restriction groups. You can also view the description of the selected item class.

Element	Description
Class ID	The item class (by its identifier) whose membership in restriction groups you want to view (and edit, if needed) in the table.
Description	Read-only. The description of the selected class.

## The table In this table, you can view the full list of restriction groups in the system, along with basic information about each groups. The check box in the unlabelled Included column is selected for each group that contains the item class. You can select and clear these check boxes to change the membership of the item class in restriction groups.

Column	Description
Group name	Read-only. The name of the restriction group.
Description	Read-only. The description of the restriction group.
Active	Read-only. A check box that indicates (if selected) that the restriction group is active. The system does not enforce restrictions imposed by inactive groups.
Group type	Read-only. The type of the restriction group: A, A inverse, B, or B inverse. For more information, see: About types of restriction groups.

Windows

Restriction groups by project (PM102010) /visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-by-project-pm102010 page In this window, you can view the restriction groups that contain a particular project. 2026-02-19T17:09:06+01:00 # Restriction groups by project (PM102010) In this window, you can view the restriction groups that contain a particular project. This topic provides information about the elements in this window in Visma Net, such as fields, field values, buttons, and check boxes. In this window, you can view the restriction groups that contain a particular project. You can also change the visibility of the project in the system by including it in other restriction groups or excluding it from restriction groups that currently contain it. You can create restriction groups for managing the visibility of projects by using the [Project access (PM102000)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/project-access-pm102000/) window. For more information about restriction groups, see: [About restriction groups in Visma Net](/visma-net-erp/help/access-management/row-level-security/about-restriction-groups-in-visma-net-erp/) ## The top part In this area, you can select the project for which you want to view or edit its membership in restriction groups. You can also view additional information about the selected project.

Element	Description
Project ID	The project for which you want to view (and possibly edit) related restriction groups.
Status	Read-only. The status of the selected project.
Customer	Read-only. The customer for the selected project, if the project is external. For an internal project, this field is empty.
Template	Read-only. The template used for creating the selected project, if applicable.
Description	Read-only. The description of the selected project.

## The table In this table, you can view the full list of restriction groups in the system, along with basic information about each group. The check box in the unlabeled **Included** column is selected for each group that contains the selected project. You can select and clear these check boxes to change the membership of the project in restriction groups.

Column	Description
Group name	Read-only. The name of the restriction group.
Description	Read-only. The description of the restriction group.
Active	Read-only. A check box that indicates (if selected) that the restriction group is active.
Group type	Read-only. The type of the restriction group: A, A inverse, B, or B inverse. For more information, see: About types of restriction groups

Restriction groups by sub segment (GL104040) /visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-by-sub-segment-gl104040 page In this window, you can view the restriction groups that contain a particular subaccount segment value. 2026-02-19T17:09:06+01:00 # Restriction groups by sub segment (GL104040) In this window, you can view the restriction groups that contain a particular subaccount segment value. This topic provides information about the elements in this window in Visma Net, such as fields, field values, buttons, and check boxes. In this window, you can view the restriction groups that contain a particular subaccount segment value. You can also change the visibility of the subaccount segment value in the system by including it in other restriction groups or excluding it from groups that currently contain it. For more information about restriction groups, see: [About restriction groups in Visma Net](/visma-net-erp/help/access-management/row-level-security/about-restriction-groups-in-visma-net-erp/). ## The top part In this area, you can select the subaccount segment value for which you want to view or edit its membership in restriction groups. You can also view additional information about the selected subaccount segment value.

Element	Description
Segment ID	The subaccount segment (by its identifier) for which you want to select a value.
Segment value	The segment value for the selected subaccount segment. In this field, you can select the subaccount segment value for which you want to view or edit its membership in restriction groups.
Description	Read-only. The description of the selected subaccount segment value.
Active	Read-only. A check box that indicates (if selected) that the selected subaccount segment value is active.

## The table In this table, you can view the full list of restriction groups in the system, along with some basic information about each group. The check box in the unlabelled Included column is selected for each group that contains the subaccount segment value. You can select and clear these check boxes to change the membership of the subaccount segment value in restriction groups.

Column	Description
Group name	Read-only. The name of the restriction group.
Description	Read-only. The description of the restriction group.
Active	Read-only. A check box that indicates (if selected) that the restriction group is active. The system does not enforce restrictions imposed by inactive groups.
Group type	Read-only. The type of the restriction group: A, A inverse, B, or B inverse. For more information, see: About types of restriction groups.

Restriction groups by subaccount (GL104030) /visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-by-subaccount-gl104030 page In this window, you can view the restriction groups that contain a particular subaccount. 2026-02-19T17:09:06+01:00 # Restriction groups by subaccount (GL104030) In this window, you can view the restriction groups that contain a particular subaccount. This topic provides information about the elements in this window in Visma Net, such as fields, field values, buttons, and check boxes. In this window, you can view the restriction groups that contain a particular subaccount. You can also change the visibility of the subaccount in the system by including it in other restriction groups or excluding it from groups that currently contain it. You can create restriction groups for managing the visibility of subaccounts by using the [General ledger account access (GL104000)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/general-ledger-account-access-gl104000/) window. For more information about restriction groups, see: [About restriction groups in Visma Net](/visma-net-erp/help/access-management/row-level-security/about-restriction-groups-in-visma-net-erp/). CAUTION: By restricting the visibility of accounts, subaccounts, and branches, you also restrict the visibility of the cash accounts that are linked to the restricted entities. We recommend that you carefully configure restriction groups that contain accounts, subaccounts, and branches because including these entities in different restriction groups may block the processing of the associated cash accounts. ## The top part In this area, you can select the subaccount for which you want to view or edit its membership in restriction groups. You can also view the description of the selected subaccount.

Element	Description
Subaccount	The subaccount whose membership in restriction groups you want to view (and edit, if needed) in the table.
Description	Read-only. The description of the selected subaccount.

## The table In this table, you can view the full list of restriction groups in the system, along with some basic information about each group. The check box in the unlabelled Included column is selected for each group that contains the subaccount. You can select and clear these check boxes to change the membership of the subaccount in restriction groups.

Column	Description
Group name	Read-only. The name of the restriction group.
Description	Read-only. The description of the restriction group.
Active	Read-only. A check box that indicates (if selected) that the restriction group is active. The system does not enforce restrictions imposed by inactive groups.
Group type	Read-only. The type of the restriction group: A, A inverse, B, or B inverse. For more information, see: About types of restriction groups.

Restriction groups by user (SM201035) /visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-by-user-sm201035 page In this window, you can view the restriction groups that contain a particular user. 2026-02-19T17:09:06+01:00 # Restriction groups by user (SM201035) In this window, you can view the restriction groups that contain a particular user. This topic provides information about the elements in this window in Visma Net, such as fields, field values, buttons, and check boxes. In this window, you can view the restriction groups that contain a particular user. You can also change the visibility of the user in the system by including the user in other restriction groups or excluding it from groups that currently contain it. For more information about restriction groups, see: [About restriction groups in Visma Net](/visma-net-erp/help/access-management/row-level-security/about-restriction-groups-in-visma-net-erp/). ## The top part In this area, you can select the user for which you want to view or edit its membership in restriction groups. You can also view additional information about the selected user.

Element	Description
Login	The name of the user whose membership in restriction groups you want to view (and edit, if needed) in the table.
First name	Read-only. The selected user’s first name.
Last name	Read-only. The selected user’s last name.
Comment	Read-only. The comment provided for the selected user account.

## The table In this table, you can view the full list of restriction groups in the system, along with some basic information about each group. The check box in the unlabelled Included column is selected for each group that contains the user. You can select and clear these check boxes to change the membership of the user in restriction groups.

Column	Description
Group name	Read-only. The name of the restriction group.
Description	Read-only. The description of the restriction group.
Active	Read-only. A check box that indicates (if selected) that the restriction group is active. The system does not enforce restrictions imposed by inactive groups.
Group type	Read-only. The type of the restriction group: A, A inverse, B, or B inverse. For more information, see: About types of restriction groups.

Restriction groups by warehouse (IN102010) /visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-by-warehouse-in102010 page in this window, you can view the restriction groups that contain a particular warehouse. 2026-02-19T17:09:06+01:00 # Restriction groups by warehouse (IN102010) in this window, you can view the restriction groups that contain a particular warehouse. This topic provides information about the elements in this window in Visma Net, such as fields, field values, buttons, and check boxes. in this window, you can view the restriction groups that contain a particular warehouse. You can also change the visibility of the warehouse in the system by including it in other restriction groups or excluding it from groups that currently contain it. > [!NOTE] > You can create restriction groups for managing the visibility of warehouses by using the [Warehouse access (IN102000)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/warehouse-access-in102000/) window. For more information about restriction groups, see: [About restriction groups in Visma Net](/visma-net-erp/help/access-management/row-level-security/about-restriction-groups-in-visma-net-erp/). ## The top part In this area, you can select the warehouse for which you want to view or edit its membership in restriction groups. You can also view the description of the selected warehouse.

Element	Description
Warehouse ID	The warehouse (by its identifier) whose membership in restriction groups you want to view (and edit, if needed) in the table.
Description	Read-only. The description of the selected warehouse.

## The table In this table, you can view the full list of restriction groups in the system, along with some basic information about each group. The check box in the unlabelled Included column is selected for each group that contains the warehouse. You can select and clear these check boxes to change the membership of the warehouse in restriction groups.

Column	Description
Group name	Read-only. The name of the restriction group.
Description	Read-only. The description of the restriction group.
Active	Read-only. A check box that indicates (if selected) that the restriction group is active. The system does not enforce restrictions imposed by inactive groups.
Group type	Read-only. The type of the restriction group: A, A inverse, B, or B inverse. For more information, see: About types of restriction groups.

Windows

Subaccounts by branch access (GL103060) /visma-net-erp/help/access-management/row-level-security/row-level-security-windows/subaccounts-by-branch-access-gl103060 page By using this window, you can create restriction groups for managing the visibility of subaccounts to branches, or modify existing restriction groups by adding or removing branches or subaccounts. 2026-02-19T17:09:06+01:00 # Subaccounts by branch access (GL103060) By using this window, you can create restriction groups for managing the visibility of subaccounts to branches, or modify existing restriction groups by adding or removing branches or subaccounts. This topic provides information about the elements in this window in Visma Net, such as fields, field values, buttons, and check boxes. By using this window, you can create restriction groups for managing the visibility of subaccounts to branches, or modify existing restriction groups by adding or removing branches or subaccounts. For more information about restriction groups, see: [About restriction groups in Visma Net](/visma-net-erp/help/access-management/row-level-security/about-restriction-groups-in-visma-net-erp/). CAUTION: By restricting the visibility of accounts, subaccounts, and branches, you also restrict the visibility of the cash accounts that are linked to the restricted entities. We recommend that you carefully configure restriction groups that contain accounts, subaccounts, and branches because including these entities in different restriction groups may block the processing of the associated cash accounts. ## The top part In this area, you can enter the settings of a new restriction group or select an existing group and edit its settings.

Element	Description
Group name	The name of the restriction group. You can type a name of a new group or select an existing group.
Description	The description of the restriction group. You can type a description if this field is empty or edit an existing description.
Group type	Read-only. The type of the restriction group: A, A inverse, B, or B inverse. For more information, see: About types of restriction groups.
Active	A check box that indicates (if selected) that the restriction group is active. You can clear the check box to make the group inactive, which means that restrictions imposed by the restriction group do not affect the visibility of entities to users. By default, this check box is selected.

## The Branches tab On this tab, you can view the list of the branches defined in the system and select the branches to be included in the restriction group.

Column	Description
Included	A check box that indicates (if selected) that the branch is included in the restriction group.
Branch	The ID of the branch. Branches are defined in the Branches (CS102000) window.
Branch name	The name of the branch.
Posting ledger	The default posting ledger for the branch, which is specified in the Financial year (GL101000) window.

## The Subaccounts tab On this tab, you can view the list of subaccounts defined in the system and select those to be included in the restriction group. This tab is displayed on the window when the **By segmented key** mode is selected in the **Lookup mode** field in the [Segment keys (CS202000)](/visma-net-erp/help/common-settings/common-settings-windows/segment-keys-cs202000/) window for the **SUBACCOUNT** segmented key.

Column	Description
Subaccount	The subaccount that can be included in the restriction group.
Active	Read-only. A check box that indicates (if selected) that the subaccount is active.
Description	Read-only. The description of the subaccount.

## The Subaccount segments tab On this tab, you can view the list of subaccount segment values by the segment ID defined in the system and select those to be included in the restriction group. This tab is displayed on the window when the **By segment: All avail. segment values** mode is selected in the **Lookup mode** field in the [Segment keys (CS202000)](/visma-net-erp/help/common-settings/common-settings-windows/segment-keys-cs202000/) window for the **SUBACCOUNT** segmented key.

Element	Description
Segment ID	The ID of the subaccount segment. When you select a value in this field, in the Segment values table, the system displays the list of the segment values that correspond to this ID.

Column	Description
Segment value	The value of the subaccount segment to be included in the restriction group.
Active	Read-only. A check box that indicates (if selected) that the subaccount segment is active.
Description	Read-only. The description of the subaccount segment.

Warehouse access (IN102000) /visma-net-erp/help/access-management/row-level-security/row-level-security-windows/warehouse-access-in102000 page By using this window, you can create restriction groups for managing the visibility of warehouses to users, or modify existing restriction groups by adding or removing users or warehouses. 2026-02-19T17:09:06+01:00 # Warehouse access (IN102000) By using this window, you can create restriction groups for managing the visibility of warehouses to users, or modify existing restriction groups by adding or removing users or warehouses. This topic provides information about the elements in this window in Visma Net, such as fields, field values, buttons, and check boxes. You can also use the [Restriction groups by warehouse (IN102010)](/visma-net-erp/help/access-management/row-level-security/row-level-security-windows/restriction-groups-by-warehouse-in102010/) window to manage the visibility of warehouses to users, but you cannot create restriction groups on this window. For more information about restriction groups, see: [About restriction groups in Visma Net](/visma-net-erp/help/access-management/row-level-security/about-restriction-groups-in-visma-net-erp/). ## The top part In this area, you can enter the settings of a new restriction group or select an existing group and edit its settings.

Element	Description
Group name	The name of the restriction group. You can type a name of a new group or select an existing group.
Description	The description of the restriction group. You can type a description if this field is empty or edit an existing description.
Group type	Read-only. The type of the restriction group: A, A inverse, B, or B inverse. For more information, see: About types of restriction groups.
Active	A check box that indicates (if selected) that the restriction group is active. You can clear the check box to make the group inactive, which means that restrictions imposed by the restriction group do not affect the visibility of entities to users. By default, this check box is selected.

## The Users tab On this tab, you can view the list of users defined in the system and select those to be included in the restriction group.

Column	Description
Login	Read-only. The login of the user.
Full name	Read-only. The full name of the user.
Comment	Read-only. The additional information that has been specified for the user in the Users (SM201010) window.

## The Warehouses tab By using this tab, you can view the list of warehouses defined in the system and select those to be included in the restriction group.

Column	Description
Warehouse ID	Read-only. The identifier of the warehouse.
Description	Read-only. The description of the warehouse.

Windows

Restriction groups by warehouse (IN102010)

Related pages

Windows

Related pages

Concepts

Related pages

Concepts

Related pages

Concepts

Windows

Related pages

Concepts

Windows

Related pages

Concepts

Related pages

Concepts

Related pages

Concepts

Tasks

Windows

Related pages

Tasks

Windows

Related pages

Tasks

Related pages

Concepts

Related pages

Concepts

Related pages

Concepts

Related pages

Concepts

Tasks

Windows

Related pages

Windows

Related pages

Windows

Related pages

Windows

Related pages

Windows

Related pages

Windows