on 09-15-2010 11:31 PM
Hi all,
Under the following scenario:
- ERM is the role management tool.
- Roles are generated from ERM to R/3 DEV System and then transported them from DEV to QA and PROD.
How would the role designer be able to transport role if we restrict access them from PFCG?
Which is the best practice for this scenario? Role designer will be using ERM for role definition but they will need to transport roles in the backend from DEV to QA and PROD.
Thanks for all. Best regards,
Imanol
Many thanks for your info FRank.
Where I could get details info regarding the authorizations objects related with PFCG in order to define a custom role for the "restricted PFCG"?
Many thanks in advance. Best regards,
Imanol
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Imanol,
You can get this info regarding the authorizations objects related with PFCG in order to define a custom role for the "restricted PFCG" from the transaction SU24, where you can get the information regarding objects that you have in your system and also the objects that SAP recommends to be there with that particular transaction.
Regards,
Hersh.
Hi Imanol,
you can limit access to PFCG through S_USER_PRO and S_USER_AGR (amongst others).
S_USER_AGR ACTVT 21 is transpport authorization.
Frank.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.