cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ChaRM Job Roles

Go to solution
Former Member

on ‎07-20-2010 5:09 AM

0 Kudos

Hi,

While testing configuration, we have provided our developer the following job roles:

1. SAP_CM_SMAN_DEVELOPER

2. SAP_SOCM_DEVELOPER

3. SAP_SOCM_REQUESTER

However, he is able to authorize/reject change document. What could be the reason?

Regards,

Nayab

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎07-20-2010 7:13 PM
0 Kudos

In my last ChaRM implementation, we found there were lots of "opportunities" to improve on the standard delivered roles. What you are seeing is not uncommon, so make sure you continue to perform detailed security testing, ESPECIALLY if you deviate at all from the standard process.

Also follow SAP's recommendation and use copies of the delivered roles because you will make many, many updates to them.

I realize this doesn't provide a solution per se, but you need to understand that the delivered roles are not fully built out and require many changes based on your particular company's business process.

Regards,

Lori

Show replies
Show replies
Former Member
‎07-21-2010 5:16 AM
0 Kudos

Appreciate your reply Lori.

Can you please provide second level authorization of each job role that you used in your project, authorization object b_userstat. I'm confused of why sdcr_00 is provided in the standard developer's job roles.

Secondly, for urgentcorrections, we create document sdcr through slfn message. Where should the project team be defined, like who's the developer, tester, change manager etc. Each time the sdcr message is created, I've to manually assign business partners.

Regards,

Nayab

Former Member
‎07-21-2010 3:01 PM
0 Kudos

> 

> Appreciate your reply Lori.
> 
> Can you please provide second level authorization of each job role that you used in your project, authorization object b_userstat. I'm confused of why sdcr_00 is provided in the standard developer's job roles.
> 
> Secondly, for urgentcorrections, we create document sdcr through slfn message. Where should the project team be defined, like who's the developer, tester, change manager etc. Each time the sdcr message is created, I've to manually assign business partners.
> 
> Regards,
> Nayab

I don't have the detailed authorizations with me because I'm working on another customer's computer at their site, and I'm not a security expert. However, I can tell you that SDCR_00 is provided in the standard developer's job roles because some developer actions in the correction impact the change request document. For example, if a developer executes the action Withdraw Correction, the change request status is set to To Be Approved. This requires implicit authorization for developer to set a status on a change request, even though the developer would never do this manually.

To your second question, the answer would be in 2 parts:

(1) Change Manager could be set up via a rule based on information you capture in the SLFN document, such as application component. This is a standard partner function on SDCR so this is relatively simple to set up, and the steps to execute it are well documented on this forum.

(2) The other roles - developer, tester, etc. - are standard only on the correction itself. If you know them at the time of creation of the SDCR, you could create a custom partner determination schema which includes them, and then populate them on the change request, and set the copy control to pull them into the correction document. If you don't know them at the time of creation of the SDCR, you can just populate them manually on the correction (which is typical) or set up rules to define them. Note: I've found that setting up rules at this level on the correction document is not worth the effort - it's just as easy to populate them manually - but that's up to you and your process requirements.

I didn't provide detailed instructions on how to do this, but there are multiple threads on this forum that discuss it.

Good luck!

Lori

Former Member
‎07-25-2010 8:48 PM
0 Kudos

Thanks Lori. Issue is resolved as explained/suggested

Answers (0)

Ask a Question