on 08-03-2010 3:29 PM
Hi guys,
I have the following issue:
We have users that use firefighter and we have firefighter owners. The diference in between both of the on authorizations is that firefighters have auth object GRCFF_0001 and ACTVT * while the owners only have ACTV 02, 03 and 81.
The issue we have is, currently we have a user that will perform firefighter and be a firefighter owner. Because he gets from the firefighter ID * on actvt it overwrittes the 02, 03 and 81 for the owner meaning that he is able to assign any firefighter ID he wants, while he should only be able to assign firefighters that he is owner off.
Have you seen this issue before?
As the GRC FF ID needs value 36 this overwrittes the other values coming from GRC FF owner. We have tried already the configuration option u201CFirefighter Owner Additional Authorizationu201D to YES and NO and still no solution.
Any ideas?
Many thanks
pedro
Hi,
This issue has been resolved in GRC 5.3 SP12. Please check SAP note 1168121. Check below extract from this note:
o Firefighter Owner is able to assign the Firefighter IDs for which
he is not the Owner.
Thanks
Sunny
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
SAP note 1286000 doesn't exist
The thing is: the same user needs to have role /VIRSA/Z_VFAT_FIREFIGHTER and /VIRSA/Z_VFAT_ID_OWNER as he is supposed to perform both tasks. the thing is is this compliant? Because with the authorizations coming from role /VIRSA/Z_VFAT_FIREFIGHTER user will be able to perform as owner add any user even if he is not the owner.
thx
pedro
Moved to the GRC forum...
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
16 | |
3 | |
2 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.