on 03-26-2014 1:19 PM
Hi,
While creating roles in BRM, it picks up the default system maintained in "Action Mapping" in SPRO. I was wondering if the same role can be moved (created/modified) in multiple systems at the same time.
Please advise.
Regards,
Faisal
Hi Faisal,
Yes, if you create connection group (roles will be automatically created on each connector / system in group), maintain also parameter 3012 (Allow Role Generation on Multiple Systems).
Best regards, Andrzej
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Andrez,
Does it mean that roles will not be transported using TRs, which is a traditional method for transporting roles to different systems?
If these roles are created in multiple systems, then will they be created at once as soon as the role owner has approved or first development, then quality, and once UAT is completed in quality, it is moved to production system?
Please help me understand this further.
Regards,
Faisal
Hi Faisal,
if you create roles directly from BRM (e.g. in DEV & QA environments) those roles will be created directly in those systems together with generated profiles. BRM does not generate transports.
If your change management process requires transports to QA, you could create roles in DEV only (if you have more then one client/mandant roles could be created on all of them), then after unit testing create a transport and move them to QA and PROD.
Regards, Andrzej
Hi Andrzej / Faisal
So after generating a role from BRM in DEV, QA & PRD simultaneously, if that role was assigned to a user in PRD, this user could bypass testing in QA. Do you know any way to restrict access to generate roles in PRD, but without changing the connection group?
Thanks and regards!
Fernando
Hi Faisal, thanks for your reply.
In my BRM methodology, role generation is before testing because I need the role to be generated in QA to assign it to the user.
The thing is that when I generate the role, I can select every connector in the same connector group. So, if parameter 3012 is enabled, I could regenerate an existing role that is assigned to users in PRD without testing new changes.
If I remove Action 3 then I won't be able to generate the role and will have to create a transport request.
Regards,
Fernando
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.