on 10-06-2010 12:21 AM
Hi,
In the correction process, we have Developer to set a correction into 'in development' status & have Change Manager to set this correction into 'to be tested' status. There are two actions between status 'in development' & to be tested'. They are 'release transport requests' & 'pass to test'. However, security is not able to control down to the action level. It is only able to control the status level (with the authorization code to each of the status).
Status 'in development'
Release Transport Request
Pass To Test
Status 'to be tested'
So, we have a situation that a developer has access to set 'in development 'that allow them to create transport & tasks; however, they also have access to Release Transport Request. This is problematic due to our auto schedule import (every 15 minutes) from dev to qa environment.
It appeared that the authorization will control the action leading to the status change - action to perform 'pass to test' will fail due to status change.
This is standard SAP out of box correction flow. How was intended to be used?
Thanks
Kalven
Hi,
please check the following note:
[1002541 - Extended authorization checks: Single tasks|https://service.sap.com/sap/support/notes/1002541]
Regards,
Christoph
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
The note 1002541 already in our system due to our Support Pack version. however, it still need to be activated.
Once we select and executed "Check for special authorizations for individual tasks in Service Desk" under Extended Authorization Checks of Transaction: /tmwflow/config_lock, we were able to restrict task "Release Transport Request" from a ChaRM Correction.
Thanks,
Kalven
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
Thanks for sharing Note 1002541 - Extended authorization checks: Single
tasks.
According to the note, we have applied the following:
Object Authorization /TMWFLOW/D (Task in Development Systems)
--> Authorization field: /TWMFLOW/T
--> Value: not to have 3000 (Release Transport Request)
However, it still does not restrict access on "Release Transport
Request" action
Does anyone able to restrict the action of Release Transport Request under In Developement status?
Thanks,
Kalven
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
84 | |
10 | |
10 | |
9 | |
7 | |
6 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.