09-25-2008 2:47 AM
Hi all,
Our plant at Mexico need access to a table and we created a authrization group and assigned it to that table.
then i added that correspoding tcode(which contained the requested table) to parent role ( given access to S_TABU_DIS only for that specific authoization group)
But when i distributed the change, it was distributed to all child roles including US and Mexico.
Is there any way that i can keep this one only for Mexico Child roles and not for US child roles.
Thanks,
SSSSSS
09-25-2008 4:37 AM
Hello Sun,
The whole point of having a Parent--child role concept is that the common objects will be added to the parent role and then distributed to all the child roles. And the values contained in the auth objects will be customized.
Well, if you want S_TABU_DIS specifically for the Mexico plants, you have to manually maintain the object in the Mexico plant roles.
Then the question is, is the Z(custom)Transaction needed in the praent role anymore since the related object is not.
One option could be to leave the transaction in the parent role but maintain S_TABU_DIS with the specific auth group in the local roles manually.
The other option is to create a specific role for this purpose and assign only this to the Mexico plants. (if this is worth the effort)
Regards,
Prashant
09-25-2008 4:37 AM
Hello Sun,
The whole point of having a Parent--child role concept is that the common objects will be added to the parent role and then distributed to all the child roles. And the values contained in the auth objects will be customized.
Well, if you want S_TABU_DIS specifically for the Mexico plants, you have to manually maintain the object in the Mexico plant roles.
Then the question is, is the Z(custom)Transaction needed in the praent role anymore since the related object is not.
One option could be to leave the transaction in the parent role but maintain S_TABU_DIS with the specific auth group in the local roles manually.
The other option is to create a specific role for this purpose and assign only this to the Mexico plants. (if this is worth the effort)
Regards,
Prashant
09-25-2008 5:25 AM
Hi Prasanth,
but if you change the authorizations manually in child role, when i make the next modification in parent role and push the changes, it will overwrite the authorizations that i maintained locally in child roles, isn't?
thanks,
SSSS
09-25-2008 7:11 AM
> but if you change the authorizations manually in child role, when i make the next modification in parent role and push the changes, it will overwrite the authorizations that i maintained locally in child roles, isn't?
That is correct and it is expected behaviour. I advise you to create a separate role for this table maintenance. Especially since you've created a custom transactions for maintaining this specific table. The parent-derived concept is not meant to have differences in transactions between parents and children or amongst the children.
Edited by: Jurjen Heeck on Sep 25, 2008 3:49 PM (typo, nothing serious)