To be able to use the @MAKEMEMBERS tool, an associated object set also named @MAKEMEMBERS must be enabled by a system administrator for those users who are allowed to use the tool.
An installation has a large number of object sets, each with a large number of objects and a large user population for which the object sets must be enabled. When an object set is being enabled for a large number of users, it can be difficult to update the member lists via the object set due to locking problems. It can also take a long time, since a simple enable can involve hundreds of permissions list updates.
Consider updating the member lists in batch mode. This means that you must somehow specify the desired effect of the batch processing prior to running the batch job. Authorized users of @MAKEMEMBERS can set the member lists for a given object set. Then the batch job updates the member list, updating all affected permissions lists according to the information supplied by @MAKEMEMBERS. To ensure only authorized users make such changes, there is an object set also called @MAKEMEMBERS that must be enabled for such users.
When you are authorized to use @MAKEMEMBERS, you execute the rule and see a member list much like that for an object set’s ENABLE list. From here, you can update member list accordingly and save the list for the subsequent BATCH_ENABLE job.