12-16-2008 1:24 AM
Hi,
I'm implementing Structural Auths for a HCM implementation. The regular security is working for the regular users. My requirement was for 5 global managers, and I do need structural auths for them. My question is, in using position based security, do I need to assign all positions a structural auth, or can I just assign the managers one, and have a dummy structural auth? It's kind of unclear in the documenation how to handle users that don't need them? Thanks so much.
12-16-2008 1:38 PM
Hi Gigi
If you only want to use structural security for the Five managers, just assign the structural authorization to those five - (that is to their positions).
All users who are not assigned a to structural profile will get the structural profile assigned to SAP* in OOSB.
You can then restrict the structural access for the rest of the organization by creating at "Dummy" structural profile and assign it to SAP* in OOSB, or if you do not want any additional structural control, leave the SAP* user with the profile ALL, The structural access will then remain unchanged for the rest of your organisation
Regards
Morten Nielsen
12-16-2008 8:50 AM
Hello Gigi,
Thw basic idea behind indirect provisioning would be to create a role/position and define authorizations based on them. Then you provide all these positions etc to users directly, using various HR transactions.You can get a list of documents for the same topic from the websites, which you need to discuss with some HR consultant as this knd of provisioning involves a lot of HR activities, rather majorly its all about HR indirect provisioning.
Regards,
Hersh.
12-16-2008 1:38 PM
Hi Gigi
If you only want to use structural security for the Five managers, just assign the structural authorization to those five - (that is to their positions).
All users who are not assigned a to structural profile will get the structural profile assigned to SAP* in OOSB.
You can then restrict the structural access for the rest of the organization by creating at "Dummy" structural profile and assign it to SAP* in OOSB, or if you do not want any additional structural control, leave the SAP* user with the profile ALL, The structural access will then remain unchanged for the rest of your organisation
Regards
Morten Nielsen