- SAP Community
- Groups
- Interest Groups
- Application Development
- Discussions
- HR data administration and reporting - restricting...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
HR data administration and reporting - restricting access
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-09-2010 9:59 PM
Hello All
We have a single role for HR data adminsitrators. There is no distinction on PA, PSA u2013 no further breakdown u2013 everyone gets to see everything and they have access to change everything. How may we restrict access? Any help would be greatly appreciated.
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-10-2010 4:49 AM
Hi,
Please let me know if you are using Structural authorizations.
For non-structural security, without any breakdown on PA, PSA, EE groups/subgroups, you may use Organizational key (VDSK1 field of Auth object P_ORIGIN) to restrict the data access.
In the standard configuration, the field is filled with the values of Personnel Area and Cost Center.In Customizing activity, you can set up Organizational Key and define your own rules for the field. Ex: Organizational Key with an employeeu2019s Organizational Unit and Cost Center. It can be configured to include any of the data from Infotype 0001 (Organizational Assignment) within HR.
The Organizational Key essentially provides an additional user-defined field to be used for security restrictions.
Hope it helps!
Thanks,
Sandipan
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-10-2010 4:49 AM
Hi,
Please let me know if you are using Structural authorizations.
For non-structural security, without any breakdown on PA, PSA, EE groups/subgroups, you may use Organizational key (VDSK1 field of Auth object P_ORIGIN) to restrict the data access.
In the standard configuration, the field is filled with the values of Personnel Area and Cost Center.In Customizing activity, you can set up Organizational Key and define your own rules for the field. Ex: Organizational Key with an employeeu2019s Organizational Unit and Cost Center. It can be configured to include any of the data from Infotype 0001 (Organizational Assignment) within HR.
The Organizational Key essentially provides an additional user-defined field to be used for security restrictions.
Hope it helps!
Thanks,
Sandipan
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-10-2010 5:34 AM
Sandipan,
Thank you for your response! We are not using structural authorizations. If we are to use structural authorizations how can we implement the restriction?
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-10-2010 5:42 AM
Hi,
You are welcome. Through Structural Authorizations you can achieve restrictions of access to HR data based on user's position in the organizational plan (OM based) combined with restrictions of PA infotypes as well. You may refer to HR940 for details and also lot of documents are available on implementation of structural based security over the web. You just need to google a bit
Since you said you don't have structural based security as of now, you may as well take the approach of restricting HR data on the basis of Org Key as I described in the above post.
Good luck!
Sandipan
- SAP Managed Tags:
- Security
