Question: We are creating derived roles, a master role with individual derived roles.
As we know the only values that don't get pushed down are the org. values.
However we are controlling on values that are not org levels. So I would like to make them org levels, for instance company code.
I know you can create org levels in SE38 with PFCG_ORGFIELD_CREATE.
However if you do this will it make company code an org value in every role that it exists?
If so do we have to go into every role or will a value be populated automatically from the role itself?
Is it possible to pick and chose which role you want the new org levels to adhere to?
Any help would be greatly appreciated!!!
Thanks!
Answer:
I know you can create org levels in SE38 with PFCG_ORGFIELD_CREATE.
However if you do this will it make company code an org value in every role that it exists?
Yes
If so do we have to go into every role or will a value be populated automatically from the role itself?
IIRC Values in the fields will become populated as org levels without any further action required from you
Is it possible to pick and chose which role you want the new org levels to adhere to?
No. This is the downside to creating org levels. You can force individual fields in roles to ignore org level behaviour but this is on a role by role basis and not practical to maintain. If you find yourself needing to do this then your design does not suit creating additional org levels.
Answer:
If you create an org level from a field you have already used you may not get the desired results. If you have mixed values in different authorizations where they need to be descrete for different object, the creation of the org level will combine ALL the values into all the authorizations. So be careful and analyse the results of the report BEFORE commiting the results.
Answer:
Test mode
Create org level field KOSTL
Update authorization value proposals (SU24 data)
Conflicts (manual follow-up needed)
Values collected in role: SAP_CA_CL_MAINTAIN
Original values:
Authorization objectAuthorization Values
I_KOSTL T_P092043200
New org level values:
*
Values collected in role: SAP_ESSUSER
Original values:
Authorization objectAuthorization Values
P_TRAVL T_8000022406
P_TRAVL T_8000022407 *
New org level values:
*
Values collected in role: SAP_HR_REPORTING
Original values:
Authorization objectAuthorization Values
P_TRAVL T_P092020100 *
New org level values:
*
01
Thanks so much for your help!!!
Answer:
Looking at my last reply, I didn't get the entire message in.
What is in the last reply is the report that you run PFCG_ORGFIELDS_CREATE, and the results that I get.
My question is why does it say (manual follow up needed) for some of the roles.
All roles affected are at the end of the report. But it lists out conflicts above the list.
Subscribe to:
Post Comments (Atom)
Content
-
▼
2009
(154)
-
▼
March
(128)
- background job failed because of authorization
- Background Jobs
- background jobs via background users
- Background Processing VS Batch processing
- Deleting a scheduled Background job in SAP
- Schedule Manager
- how you can assign a Background work process as a ...
- How To Delete a Scheduled Job in sap
- Checking your program Background Job Status
- Availability Check on Quotation
- SD material Determination based on availability check
- Creating Multiple Materials in Material Determination
- Backward and Forward Scheduling
- SAP Authorization Concept
- SAP’s TCODE checks with the authorization tool
- Listing TCODE transactions used to view what users...
- Authorization Check
- SAP BASIS (BC) Authorization Concepts
- Unlocking a blocked admin user ID in an Oracle DB
- How to Check Missing Authorisation for User
- SAP Profile Generator tables
- Query About Tcode PFCG
- How To Compare The Roles
- Creating New User With Authorizations
- Introduction on Authorizations
- Troubleshooting authorization in SAP R/3
- Shortcut to create role with many reports /tcode
- check which authorisation objects are checked with...
- What are the Authorizations Required
- How do I go about creating an authorization group
- Frequently Asked Questions on Authorization
- What is an Authorisation Object?
- Create authorization object
- Creating an auth group and assigning a table
- creating authorization levels
- Creating Authorization profile
- creating custamizing autharization objects
- Creating new authorization object
- Creating New Organizational Levels
- S_TABU_LIN
- S_TABU_LIN set up as organizational level
- S_TCODE
- S_TCODE check after upgrade to 4.7
- s_tcode display only problem
- S_TCODE is not in change mode
- S_TCODE Lookup
- S_TCODE with * Value
- S_TRANSPRT versus S_CTS_ADMI
- S_USER_ALL
- SAP Auditor role/authorization
- SU53 Authorization Check
- Authorizations in sap
- System Administration: Authorization Concepts
- Authorization Checks
- Authorization Check
- What is authorization
- auth/new_buffering
- Auditing Information System AIS
- Interview Questions
- Audit
- Audit and/or Authorization maintenance tools
- Deletion of Vendor Consignment Records
- Archive DEFINITION
- Applying Hot Packages Using OSS Material free down...
- Audit Information System
- Emergency Role Firefighting
- The Alert Monitor CCMS
- Technical Basics: Data Supplier in CCMS
- Changing Properties and Method Assignments
- Alerts CCMS
- Monitoring Objects and Attributes CCMS
- MTE Classes and Attribute Groups ccms
- Methods CCMS
- Operating the Alert Monitor CCMS
- Tutorial for the Alert Monitor CCMS
- Start and Change Monitors CCMS
- Actions in the Alert Monitoring Tree CCMS
- Selecting Nodes in the Alert Monitoring Tree CCMS
- Elements of the Alert Monitor CCMS
- Monitor Sets CCMS
- Monitors CCMS
- Alert Monitoring Tree CCMS
- Elements of the Alert Monitoring Tree
- Properties of Monitoring Objects and Attributes
- General Properties of Monitoring Tree Elements CCMS
- Properties of Log Attributes CCMS
- Properties of Performance Attributes CCMS
- Properties of Status Attributes CCMS
- Display Types and Views of the Alert Monitor CCMS
- Displaying the Technical View: Info on MTE
- Displaying the Technical View: Method Allocation
- Displaying the Technical View: Status Data Collector
- Displaying the Technical View: Status Autoreaction...
- Displaying the Technical View: Threshold Values CCMS
- Displaying the Technical View: Central Performance...
- Processing Alerts CCMS
- Starting Methods CCMS
- Completing Alerts CCMS
- Automatically Complete Alerts CCMS
- Display Completed Alerts CCMS
-
▼
March
(128)
0 comments:
Post a Comment