dFac Roles, Security, and Access

dFac Roles

dFac Initiators can create dFac requests, which must be approved by at least one Approver. Initiators cannot view their own employee data or create a request for their own record.

dFac Approvers can approve, reject, or return dFac forms. Depending on their department's business processes, some users may have both Initiator and Approver roles. Initiator and Approver roles are handled by the Provost’s Office. Approvers must be on VPN, if working remotely, to see form attachments.

dFac Permissions

The data you can see in dFac is determined by your role and your organizational permissions. All dFac users have the “Faculty APT (dFac)” security role. This role lets you see the faculty and the dFac forms. Some dFac users also have an iForms role which enables them to use both dFac and iForms systems.

Your organizational permissions determine which faculty display using the "Search My Faculty" view. For example, if your permissions enable you to view the dFac data for members of the Cell Biology department, any faculty who either has a position in or a primary, secondary, joint, and administrative appointment in Cell Biology will be searchable using the "Search My Faculty" view.

dFac Access

To determine whether a position has dFac access, department-level administrators with adequate iForms clearance, known as SAP Security Initiators, can search by position in iForms and click on the position ID number. This opens the Security window; once it is open, click on the HR/Payroll tab, and review the column of iForms access options. If “Faculty APT (dFac)” is checked, the position holder has dFac access to at least one organization.

Click the Organizational Unit tab to review which organizations the role has access.

To determine whether a role has dFac approvals, SAP Security Initiators can search by position in iForms, and click on the position ID number. This opens the Security window; once it is open, click on the Workflow Approvals tab. In the screenshot below, the workflow approval labeled “SOM-MGM” has a checked box in the dFac column; this indicates that the position holder is a FS_LEVEL01 dFac approver for the SOM-MGM organization.

How to Request dFac Permission for New Users

If a new user needs dFac access, or if existing users need to change their organizational security (the organizations they have permission to see) here is how to submit a request.

1. Request a dFac login from their SAP Security Initiators, visible at the following address:
   http://finance.duke.edu/systems/reference/uas
2. The Security Initiator puts a login request into the Account Request database, which goes to Duke Financial Services’ Accounting Systems and Procedures.
3. Accounting Systems and Procedures requests approval from the dFac Administrator for the requestor's school. If approved, the login is created and the user is notified.