Share via


Microsoft BHOLD Suite - How to use Model Loader files

Overview

The BHOLD Model Loader is a file based utility program that can be used to initialize or update a BHOLD Role Model. The utility takes an XML files and imports that file into a BHOLD database. One application that you can use to generate a Model Loader XML file is BHOLD Model Generator, but you can also create a new Model Loader XML file from scratch.

One common use of Model Loader is the scenario where an existing BHOLD Role Model is exported in an XML dataset that can be consumed by the Model Loader utility to merge changes from a staging environment into a production model.

This document describes the format dataset that is being generated by Model Generator and can be consumed by Model Loader.

Model Generator and Model Loader can also be used to port an existing production BHOLD Role Model to a staging environment.

For more information about Model Generator, please refer to http://technet.microsoft.com/en-us/library/dn320950(v=ws.10).aspx

For information about using Model Loader, please refer to http://technet.microsoft.com/en-us/library/dn320947(v=ws.10).aspx

↑ Return to top


Dataset organization

The input for Model Loader is a standard XML file. The model is partitioned by the following sequence of objects:

  • BHOLD Extensible Object Definitions
  • Applications and Permissions
  •  Organizational Tree
  • Roles and Permission
  • Role Policies
  • Role Tree
  • Object Ownerships
  • Organizational Unit & Role binding
  • Users
  • Application Accounts
  • Explicit Role & User binding

All XML elements need to following common format:

Element Attribute Description
Object element   BHOLD object name, like:

·         object

·         role

·         orgunit

  Name The unique name of a BHOLD Object.
  Other Object Specific
Sub element   Object bindings, parent to child.
Example(s)
<object name=’User’> … </object> References the BHOLD User object.
<role name=’clerk’>…</role> References, creates or updates a BHOLD Role object named clerk.
<role name=’clerk’>         <user name=’kevin’ alias=’kevd/> </role>

1.      References, creates or updates a BHOLD Role object named clerk.

2.      Bind a user with the alias kevd to the role.

 

Model loader can be used to remove objects from a target model by using the obsolete element.

Element Attribute Description
Sample(s)
<role name=’clerk’>     <obsolete>         <user name=’kevin’ alias=’kevd/>     </obsolete> </role>

1.      References, creates or updates a BHOLD Role object named clerk.

2.      Unbind a user with the alias kevd from the role.

<obsolete>      <role name=’clerk’>         <obsolete>           <user name=’kevin’ alias=’kevd/>          </obsolete>     </role> </obsolete>

1.      References, creates or updates a BHOLD Role object named clerk.

2.      Unbind a user with the alias kevd from the role.

3.      Deletes the role

 

↑ Return to top


Object elements

Orgunit element

Element Attribute Description
orgunit   Defines an organizational unit to be referenced, created or deleted.  When the top most organizational unit in the dataset is not found in the target model then it created under the root an organizational unit.
  name Required. The unique name of an organizational unit.
  type Optional. The organizational unit type name. Organizational unit may be classified. For display, documentation & synchronization purposes only.
  Any other attribute Optional. The defined extensible attributes for the BHOLD OrgUnit object.
Possible parent elements
  orgunit Optional. Any child organizational unit.
  role Optional. Any role to be bound either effective or optional to organizational unit.
     
  obsolete Optional. Declares the sub elements of the object element must be purged from the target.
Possible Sub elements
  orgunit Optional. Any child organizational unit.
  role Optional. Any role to be bound either effective or optional to organizational unit.
  user Optional. Any user or person who is member of the organizational unit.
  supervisor Optional. Bind an internal authorization object to the organization unit.
  obsolete Optional. Declares the sub elements of the object element must be purged from the target.
Example
<orgunit name=’acme laundry services’> … </object> A BHOLD OrgUnit, named acme laundry services, is created under the root.
<orgunit name=’acme laundry services’>       <orgunit name=’going green’ type=’project’ /> </orgunit>

1.      A BHOLD OrgUnit, named acme laundry services, is reference or created under the root.

2.      A BHOLD Orgunit, named going green, is:

a.       Referenced and moved as child.

b.      Is created as child.

c.       The orgunit type is changed to project.

Note: The project type must have been declared priorly.
<orgunit name=’acme laundry services’>       <user name=’kevin’ alias=’kevd/> </orgunit>

1.      A BHOLD OrgUnit, named acme laundry services, is reference or created under the root.

2.      A BHOLD User, named Kevin, is:

a.       Referenced and bound as member.

b.      Is created as member.

↑ Return to top


 Application element

Element Attribute Description
application   Defines an application to be referenced, created or deleted.
  name Required. The unique name of an application.
  parameter Required. The application type name. Application may be classified. For display, documentation & synchronization purposes only.
  description Optional. A descriptive text for the application.
  module Obsolete.
  protocol Obsolete.
  Any other attribute Optional. The defined extensible attributes for the BHOLD Application object.
Possible parent elements
     
  obsolete Optional. Declares the sub elements of the object element must be purged from the target.
Possible Sub elements
  permission Optional. Any authorization object within the application to which users may be granted access.
  account Optional. The user account for persons bound to this application.
  obsolete Optional. Declares the sub elements of the object element must be purged from the target.
  supervisor Optional. Bind an internal authorization object to the application.
Example
<application name=’acme laundry services’> … </object> A BHOLD Application, named acme laundry services, is created under the root.
<application name=’acme laundry services’>       <permission name=’createorder’ description=’Create a work order’ /> </application>

1.      A BHOLD Application, named acme laundry services, is reference or created under the root.

2.      A BHOLD Permission, named createorder, is:

a.       Referenced and updated.

b.      Is created as application member.

↑ Return to top


Permission element

Element Attribute Description
permission   task   Defines a permission to be referenced, created or deleted.
  name Required. The unique name of a permission.
  description Optional. A possible explanation or description of a permission.
  cat Optional. Used to declare a permission as context adaptable.
  max-roles Optional. The maximum number of roles to which this permissions may be bound.
  max-users Optional. The maximum number of users to which this permissions may be granted.
  Any other attribute Optional. The defined extensible attributes for the BHOLD Permission object.
Possible parent elements
  Application Optional. The parent application for the permission.
  role Optional. The role to which the permission is to be bound.
  obsolete Optional. Declares the sub elements of the object element must be purged from the target.
Possible Sub elements
  permission Optional. Any authorization object within the permission to which users may be granted access.
  obsolete Optional. Declares the sub elements of the object element must be purged from the target.
  supervisor Optional. Bind an internal authorization object to the permission.
Example(s)
<permission name=’acme laundry services’> … </object> A BHOLD Permission, named acme laundry services, is referenced.
<application name=’acme laundry services’>       <permission name=’createorder’ description=’Create a work order’ /> </application>

1.      A BHOLD Application, named acme laundry services, is reference or created under the root.

2.      A BHOLD Permission, named createorder, is:

a.       Referenced and updated.

b.      Is created as application member.

↑ Return to top


 Role element

Element Attribute Description
role   Defines a role to be referenced, created or deleted.
  name Required. The unique name of a role.
  Proposed Optional. Declare how the role will be bound to an organization unit. Only valid when binding.
  cat Optional. Used to declare the role as context adaptable. Context adaptable permissions may only be bound to roles who are declared as context adaptable.
  sv Optional. Used to declare the role as a supervisor role.
  Inherit-roles Optional. Declares that the role will be inherited by child organizational units. Only valid when binding roles to organizational units.
  max-sub-roles Optional. The maximum number of child roles to be bound to this role.
  max-users Optional. The maximum number of users which may be granted this role.
  max-permissions Optional. The maximum number of permissions which may be bound to this role.
  replace-permissions Optional. Declares that all permission sub elements will replace the existing role permission content in the target model.
  replace-roles Optional. Declares that all role sub elements will replace the existing role content in the target model.
  replace-users Optional. Declares that all user sub elements will replace the existing role members in the target model.
  Any other attribute Optional. The defined extensible attributes for the BHOLD Role object.
Possible parent elements
  role Optional. Any child role.
  role Optional. Any role to be bound either effective or optional to role.
     
  obsolete Optional. Declares the sub elements of the object element must be purged from the target.
Possible Sub elements
  role Optional. Any child role.
  role Optional. Any role to be bound either effective or optional to role.
  user Optional. Any user or person who is member of the role.
  supervisor Optional. Bind an internal authorization object to the organization unit.
  obsolete Optional. Declares the sub elements of the object element must be purged from the target.
Example(s)
<role name=’acme laundry services’> … </object> A BHOLD Role, named acme laundry services, is created.
<role name=’acme laundry services’>       <role name=’going green’ type=’project’ /> </role>

1.      A BHOLD Role, named acme laundry services, is reference or created under the root.

2.      A BHOLD Role, named going green, is:

a.       Referenced and moved as child.

b.      Is created as child.

<role name=’acme laundry services’>       <user name=’kevin’ alias=’kevd/> </role>

1.      A BHOLD Role, named acme laundry services, is reference or created.

2.      A BHOLD User, named Kevin, is: Referenced and bound as member.

<role name=’acme laundry services’ proposed=’yes’>       <orgunit name=’shiproom’ /> </role>

1.      A BHOLD Role, named acme laundry services, is reference or created.

2.      A BHOLD Orgunit, named shiproom, is referenced and created if needed.

3.      The role is bound optionally to the orgunit.

<orgunit name=’shiproom’ />    <role name=’acme laundry services’ proposed=’yes’> </orgunit>

1.      A BHOLD Orgunit, named shiproom, is referenced and created if needed.

2.      A BHOLD Role, named acme laundry services, is reference or created.

3.      The role is bound optionally to the orgunit.

↑ Return to top


Rule/Policy element

Element Attribute Description
and   Defines a policy for a role to be referenced, created or deleted.
  name Required. The unique name of a role.
Parent elements
  role Required. The role for which a policy is to be created.
Sub elements
  Avp Optional. The conditions to be applied.
Example(s)
<role name=’acme laundry services’>       <and name=’must be local’ >            <avp  name=’workplace’ value=’local’   />       </and> </role>

3.      A BHOLD Role, named acme laundry services, is reference or created under the root.

4.      A policy, named must be local, is created.

5.      The condition is the user’s workplace attribute value must be local.

 

Element Attribute Description
avp   Definies a binary condition for a policy.
  name Required. The unique name of a role.
  Value Require. The value to be tested.
Parent elements
  And Required. The policy for which the condition is created.
Sub elements
     
Example(s)
<role name=’acme laundry services’>       <and name=’must be local’ >            <avp  name=’workplace’ value=’local’   />       </and> </role>

1.      A BHOLD Role, named acme laundry services, is reference or created under the root.

2.      A policy, named must be local, is created.

3.      The condition is the user’s workplace attribute value must be local.

↑ Return to top


 User element

Element Attribute Description
user   Defines a user to be referenced, created or deleted.
  Alias Required. The unique and default alias or account name. The alias is used as the user’s  primary key.
  name Required. The non unique name of a user.
  language Optional. The language name. Defines the display language for the user in the BHOLD standard user interface.
  relationship Optional. When two user objects are linked then this attribute declares the relationship between these two objects.
  max-roles Optional. The maximum number of active roles which may bound to this user.
  max-permissions Optional. The maximum number of permissions which may be bound to this user.
  enddate Optional. The date on which the user must be terminated. On enddate all user authorization are revoked.
  disabled Optional. Declares the user as enable or disabled. A disabled user remains member of any orgunit, role or application but will loose all permissions.
  Any other attribute Optional. The defined extensible attributes for the BHOLD User object.
Possible parent elements
  Application Optional. The parent application for the user.
  role Optional. The role to which the user is to be bound.
  orgunit Optional. The organizational unit to which the user is to be bound.
  user Optional. A secondary user to which the user is to be bound.
  obsolete Optional. Declares the sub elements of the object element must be purged from the target.
Possible Sub elements
  orgunit Optional. The organizational to which the user is to be bound.
  role Optional. The role to which the user is to be bound.
  user Optional. A secondary user to which this user is bound.
  obsolete Optional. Declares the sub elements of the object element must be purged from the target.
  supervisor Optional..
Example(s)
<orgunit name=’acme laundry services’>       <user name=’kevin’ alias=’kevd/> </orgunit>

1.      A BHOLD OrgUnit, named acme laundry services, is reference or created under the root.

2.      A BHOLD User, named Kevin, is:

a.       Referenced and bound as member.

b.      Is created as member.

↑ Return to top


 Application account or User Alias element

Element Attribute Description
alias   Defines a user to be referenced, created or deleted.
  name Required. The application specific user name or account.
  Any other attribute Optional. The defined extensible attributes for the BHOLD User object.
Parent elements
  Application Required. The application for which account are set.
  user Required. The user for which an application account is created.
  obsolete Optional. Declares the sub elements of the object element must be purged from the target.
Sample(s)
<application name=’acme laundry services’>       <user name=’kevin’ >            <alias name=’XVK123’ />       </user> </application>

1.      Application acme laundry services is referenced to define account.

2.      A BHOLD User, named Kevin, is referenced.

3.      The account XVK123 is created for user Kevin on application acme laundry services.

↑ Return to top


Supervisor element

Element Attribute Description
supervisor   A supervisor role is a role with built-in behavior with BHOLD.
  name Required. The unique name of a role.
  Any other attribute See the role element for attribute details.
Possible parent elements
  application Optional. The application being managed with this supervisor role.
  Role Optional. The role being managed with this supervisor role.
  permission Optional. The permission being managed with this supervisor role.
  orgunit Optional. The organizational unit being managed with this supervisor role.
  obsolete Optional. Declares the sub elements of the object element must be purged from the target.
Possible Sub elements
  application Optional. The application being managed with this supervisor role.
  Role Optional. The role being managed with this supervisor role.
  permission Optional. The permission being managed with this supervisor role.
  orgunit Optional. The organizational unit being managed with this supervisor role.
  User Optional. The user who is granted supervisorship over the supervisor role content.
  obsolete Optional. Declares the sub elements of the object element must be purged from the target.
Sample(s)
<supervisor name=’acme laundry services sv role’> … </supervisor> A BHOLD Role, named acme laundry services sv role’, is created.
<role name=’acme laundry services’>       <supervisor name=’acme laundry services sv role’ /> </role>

1.      A BHOLD Role, named acme laundry services, is reference or created under the root.

2.      A BHOLD Supervisr Role, named acme laundry services sv role, is:

a.       Referenced or created and bound for supervisorship of the role.

<supervisor name=’acme laundry services sv role’ >       <user name=’kevin’ alias=’kevd/> </supervisor>

1.      A BHOLD Role, named acme laundry services sv role, is reference or created.

2.      A BHOLD User, named Kevin, is: Referenced and made supervisor of all objects bound to the supervisor role.

↑ Return to top


Clearance element

 

Element Attribute Description
clearance   Forces controlled cleaning of the target BHOLD Role Model
  empty-roles Optional. Will delete all empty roles.
  unused-roles Optional. Will delete all roles not bound to any user.
  unused-permissions Optional. Will delete all permissions not granted to any user.
  obsolete-users Optional. Will delete all users without any granted permission.
Example
< clearance empty-roles=”yes”  unused-roles=”yes”  unused-permissions=”yes”  obsolete-users=”yes”  /> All unused and empty roles, permissions and users are deleted.

↑ Return to top


Object element

Element Attribute Description
object   References a built-in extensible BHOLD object.
  name Required. The BHOLD object name. Must be Role, OrgUnit, Application, Permission, User or Account.
Possible Sub elements
  attributeset Optional. Defines a group of ordered attributes on an extensible.
Example(s)
<object name=’Role’> … </object> References the BHOLD Role object.
<object name=’OrgUnit’>       <attributeset name=’WorkFlow’ >             …       </attributeset> </object>

1.      References the BHOLD Orgunit object.

2.      References or creates and bind an attribute set named WorkFlow to the referenced.

↑ Return to top


Attributeset element

Element Attribute Description
attributeset   References or creates an group of attributes to be bound to BHOLD Extensible objects.
  name Required. The attribute set name.   Note: Attribute sets can be bound to multiple BHOLD Extensible objects.
  english The display name in English.
  dutch The display name in Dutch.
  visible Optional. Declares the attribute to be visible or invisible in the BHOLD Administrative User Interface.
Possible parent elements
  object Optional. The BHOLD Extensible object to which the attribute set is to be bound.
Possible Sub elements
  attribute Optional. Defines the attributes contained in the set.
Example(s)
<object name=’OrgUnit’>       <attributeset name=’WorkFlow’ >            <attribute name=’Approver1’ … />            <attribute name=’Approver2’ … />       </attributeset> </object>

1.      References the BHOLD Orgunit object.

2.      References or creates and bind an attribute set named WorkFlow to the referenced.

3.      References or creates attributes Approver1 and Approver2.

4.      Bind the attributes to the set.

↑ Return to top


Attribute element

Element Attribute Description
Attribute   References or creates attributes to be bound to BHOLD Extensible objects through attributes sets.
  name Required. The attribute name.   Note: Attribute can be bound to multiple BHOLD Extensible objects.
  english Required. The display name in English.
  dutch Optional. The display name in Dutch.
  type Optional. The data type for the attribute.
  ength Optional. The maximum number of characters.
  default defaultvalue Optional. A default value.
     
Possible parent elements
  attributeset Optional. Defines the attributes contained in the set.
Possible Sub elements
  Attributevalue Optional.
Example(s)
<object name=’OrgUnit’>       <attributeset name=’WorkFlow’ >            <attribute name=’Approver1’ … />            <attribute name=’Approver2’ … />       </attributeset> </object>

1.      References the BHOLD Orgunit object.

2.      References or creates and bind an attribute set named WorkFlow to the referenced.

3.      References or creates attributes Approver1 and Approver2.

4.      Bind the attributes to the set.

↑ Return to top


Example of a Model Loader file 

<?xml version="1.0" encoding="UTF-16"?> 
<bhold> 
  <!--ObjectTypes - Attribute Sets - Attributes-->
  <object name="Application"> 
    <attributeset name="Attestation Attributes" english="Attestation Attributes"> 
      <attribute name="steward1" english="steward1" /> 
    </attributeset> 
  </object> 
 
  <object name="OrgUnit"> 
    <attributeset name="Custom OrgUnit Attributes" english="Custom OrgUnit Attributes"> 
      <attribute name="Managers_CorporateKey" english="Managers_CorperateKey" /> 
      <attribute name="OU_Description" english="OU_Description" /> 
    </attributeset> 
  </object> 
 
  <object name="Permission"> 
    <attributeset name="Custom Permission Attributes" english="Custom Permission Attributes"> 
      <attribute name="Application_Owner_ID" english="Application_Owner_ID" /> 
    </attributeset> 
 
    <attributeset name="test" english="test"> 
      <attribute name="Address" english="Address" /> 
      <attribute name="B1EnforceABARepeatInterval" english="B1EnforceABARepeatInterval" /> 
      <attribute name="B1EnforceABAStartHour" english="B1EnforceABAStartHour" /> 
      <attribute name="bholdAliasFormula" english="bholdAliasFormula" /> 
    </attributeset> 
  </object> 
 
  <object name="Role"> 
    <attributeset name="Common Role Attributes" english="Common Role Attributes"> 
      <attribute name="ManagedByFIM" english="ManagedByFIM" /> 
      <attribute name="Role_Class" english="Role_Class" /> 
      <attribute name="RoleType" english="RoleType" /> 
    </attributeset> 
 
    <attributeset name="Custom Role Attributes" english="Custom Role Attributes"> 
      <attribute name="Role_Description" english="Role_Description" /> 
    </attributeset> 
  </object> 
 
  <object name="System"> 
    <attributeset name="bholdAttestationSettings" english="bholdAttestationSettings"> 
      <attribute name="bholdAttestationServiceInterval" english="bholdAttestationServiceInterval" /> 
    </attributeset> 
  </object> 
 
  <object name="User"> 
    <attributeset name="Common User Attributes" english="Common User Attributes"> 
      <attribute name="Email" english="Email" /> 
    </attributeset> 
 
    <attributeset name="Custom User Attributes" english="Custom User Attributes"> 
      <attribute name="Days_lst_log" english="Days_lst_log" /> 
      <attribute name="Employee_Type" english="Employee_Type" /> 
      <attribute name="Job_Title" english="Job_Title" /> 
      <attribute name="Status" english="Status" /> 
      <attribute name="steward1" english="steward1" /> 
      <attribute name="Valid_NDA" english="Valid_NDA" /> 
    </attributeset> 
  </object> 
 
  <!-- START OF Create applications and permissions -->
  <application name="Active Directory" module="" parameter="0" protocol=""> 
    <Permission name="Department Share (CAP)" description="Department Share (CAP)" /> 
    <Permission name="Domain administrator" description="Domain administrator" /> 
    <Permission name="File Share (CAP)" description="File Share (CAP)" /> 
  </application> 
  <!-- END OF   Create applications and permissions -->
 
  <!-- START OF Build of organization structure -->
  <orgunit name="root" type="root"> 
    <orgunit name="Test123" type="root" /> 
    <orgunit name="The Company" type="root" Managers_CorperateKey="ABERCROMBIEKIM" OU_Description="The Company"> 
      <orgunit name="BU1 Finance" type="root" Managers_CorperateKey="ABOLROUSHAZEM" OU_Description="BU1 Finance"> 
        <orgunit name="Financial Administration" type="root" Managers_CorperateKey="ADAMSTERRY" OU_Description="Financial administration"> 
          <orgunit name="Accounts Payable" type="root" Managers_CorperateKey="AFFRONTIMICHAEL" OU_Description="Accounts Payable" steward1="AFFRONTIMICHAEL" /> 
          <orgunit name="Control" type="root" Managers_CorperateKey="AGARWALNUPUR" OU_Description="Control" /> 
          <orgunit name="Finance" type="root" Managers_CorperateKey="AGARWALMANOJ" OU_Description="Finance" /> 
        </orgunit> 
      </orgunit> 
    </orgunit> 
  </orgunit> 
  <!-- END OF   Build of organization structure -->
 
  <!-- START OF Roles definitions -->
  <role name="Accountant" Role_Description="Accountant"> 
    <task name="Select-Invoice-For-Payment" description="Select-Invoice-For-Payment" /> 
  </role> 
 
  <role name="Accounts Payable Clerk" Role_Description="Accounts Payable Clerk"> 
    <task name="Ticket Creation" description="Ticket Creation" /> 
    <task name="View-Payment-Overview" description="View-Payment-Overview" /> 
    <task name="View-Production-Status" description="View-Production-Status" /> 
    <task name="GgpApp-Create-invoice" description="GgpApp-Create-invoice" /> 
    <task name="GgpApp-Invoice-overview" description="GgpApp-Invoice-overview" /> 
    <task name="GgpShr-Invoice-Overdue-Overview" description="GgpShr-Invoice-Overdue-Overview" /> 
    <task name="GgpShr-Monthly-reports" description="GgpShr-Monthly-reports" /> 
  </role> 
  <!-- END OF   Roles definitions -->
 
  <!-- START OF Role Supervisorships -->
  <role name="Accounts Payable Clerk"> 
    <supervisor name="SV-Accounts Payable Clerk-Regular" /> 
  </role> 
 
  <role name="Attestor"> 
    <supervisor name="SV-Attestor-Regular" /> 
  </role> 
 
  <orgunit name="The Company"> 
    <supervisor name="SV_The Company" /> 
  </orgunit> 
  <!-- END OF  OrgUnit Supervisorships -->
 
  <!-- START OF Role rules (ABA) -->
  <role name="SV_3rd party manufacturing"> 
    <and> 
      <avp name="Job_Title" value="Manager" /> 
    </and> 
  </role> 
 
  <role name="SV_Accounts Payable"> 
    <and> 
      <avp name="Job_Title" value="Manager" /> 
    </and> 
  </role> 
  <!-- END OF   Role rules (ABA) -->
 
  <!-- START OF Roles structure -->
  <role name="Accountant"> 
    <role name="Invoice Approval" /> 
  </role> 
  <!-- END OF   Roles structure -->
 
  <!-- START OF Link effective roles the organization structure -->
  <orgunit name="root"> 
    <role name="TestRole123" cat="yes" /> 
  </orgunit> 
  <!-- END OF   Link effective roles the organization structure -->
 
  <!-- START OF Add users to the organization structure -->
  <orgunit name="root"> 
    <user name="Root" alias="ILM-VM-SERVERAD\Administrator" language="en" /> 
  </orgunit> 
 
  <orgunit name="BU1 Finance"> 
    <user name="Abolrous, Hazem" alias="ABOLROUSHAZEM" language="en" Days_lst_log="5" Email="Abolrous.Hazem@Contoso.com" Employee_Type="Internal" Job_Title="Sales Representative" Status="Active" Valid_NDA="Y" /> 
  </orgunit> 
  <!-- END OF   Add users to the organization structure -->
 
  <!--Application User Aliases-->
  <application name="Active Directory"> 
    <user name="ABOLROUSHAZEM"> 
      <alias name="ABOLROUSHAZEM" /> 
    </user> 
 
  <application name="Payments_Processor"> 
    <user name="ALLENMICHAEL"> 
      <alias name="ALLENMICHAEL" /> 
    </user> 
  </application> 
 
  <!-- START OF Activate roles for users -->
  <role name="SV_BU1 Finance"> 
    <user name="Abolrous, Hazem" alias="ABOLROUSHAZEM" language="en" /> 
  </role> 
  <!-- END OF   Activate roles for users -->
 
</bhold>

↑ Return to top