HR Security Role -- Concerns

Former Member · ‎08-30-2013

Hi ,

For comparing two security roles related to accessing HR data, I need some help..( Authorization obj P_ORIGIN & P_ORGXX)

These roles have a field SACHP(in P_ORGXX obj) which is Administrator for HR Master data. This field has different values for the two security roles....

I want to know what is the difference that comes when we access the hr data based on the restrictions on this field(SACHP)..

If the two roles are assigned to two different users, what difference will it make in their access..???

Pls do let me know if any more data is required...

Thanks,

Former Member · ‎08-31-2013

Hi Pradeep,

If you open Infotype 0001 for any employee record, you will see a field "Administrator Group" alternatively called "Administrator Area". This allows you to group employee records based on HR Master Data, Time and Payroll.

The advantage of having the above is to allow set of users access to a group of employee record. Hence this particular filed is used in Authorization check while accessing HR Master records.

But the question is How does this authorization check happens? And the answer is fields like SACHP, SACHZ in P_ORGIN/INCON, P_ORGXX/XXCON.

So to answer your question,

Let's say two roles R1 and R2 have SACHP values 001 and 002 respectively.

When R1 is assigned to User U1, then the user will only have HR Admin rights to employee records which have Administrator Group = 001 maintained in IT0001.

Similarly for R2.

This helps in categorization and distribution of responsibility within HR Admin team. Let me know if this helps.

Thanks,

Deb

HR Security Role -- Concerns

Accepted Solutions (0)

Answers (1)

Answers (1)

In SAP Hana Cloud, do packages exist as database o...

Re: Mass Update a Zfield in Std Table with Split &...

Re: Change BW Query Initial Variable Input at runt...

Invalid value of "AppName" in MDKProject.json. It ...

Re: How to write the sum of same values into each ...