We’re encountering an access denied error when trying to assign User Defined Object (UDO) roles to pricing analysts in the pricing management module on JDE 9.2.1. The error occurs specifically when assigning roles that should grant access to custom pricing UDOs we created for regional pricing strategies.
The UDO security groups appear to be configured correctly in P98OWSEC, and the roles have been created with appropriate permissions in Role Master (P95ROLE1). However, when we attempt to assign these roles to users, the system throws an access denied error and the assignment fails. Regular JDE roles assign without issues - only UDO-specific roles are problematic.
I’ve verified that the pricing analysts have base access to the pricing management module and can view standard pricing data. The issue only manifests when we try to grant them access to our custom UDO objects. Could there be a conflict between row security settings and UDO role permissions that’s blocking the assignment?
Excellent point about row security. I found several row security rules on pricing tables (F4106 and F4008) that restrict access by business unit. These rules were set up before we implemented the UDO objects. Could these pre-existing row security rules be preventing the UDO role assignment itself, or would they just limit data access after the role is assigned?
I’d also investigate row security conflicts. Row security rules can override UDO role permissions, especially in pricing modules where data is often segmented by region, business unit, or customer type. Go to Row Security Workbench (P95RSECW) and check if there are any row security rules applied to the pricing tables that your UDO objects reference. If row security is denying access at the data level, the UDO role assignment might succeed but appear to fail because users still can’t access the data. Run Security Workbench reports to identify any conflicts between row security and your UDO role definitions.
This sounds like a classic UDO security group hierarchy issue. When you created the UDO security groups, did you properly link them to the parent security groups in the User Security application? UDO roles require explicit parent-child relationships in the security hierarchy. If the UDO security group isn’t properly nested under a parent group that the user already has, the assignment will fail with access denied.