on 08-20-2014 11:40 PM
Hi,
Below configuration settings have been maintained in our system.
13 Access Request Default Roles | 2010 | 001 | Request type for default roles |
13 Access Request Default Roles | 2011 | REQUEST | Default Role Level |
13 Access Request Default Roles | 2013 | SYSTEM | Request Attributes |
In Access Management > Role Management > Default Roles, I maintained the default role based on below settings:
Attribute: System
Attribute Value: ECDCLNT100
System: ECD
Role Name: ZTEST
After processing the New User Account request, it does not assign the default role.
Is there any configuration that I am missing?
Thanks,
Jay
Dear Jay,
as far as I see the configuration seems to be OK. There are some notes in this regard and based on your SP level it solves the problem. Can you please check or let us know what's your SP level.
http://service.sap.com/sap/support/notes/2002324
http://service.sap.com/sap/support/notes/1527211
http://service.sap.com/sap/support/notes/1616092
http://service.sap.com/sap/support/notes/2007192
etc..
Regards,
Alessandro
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
New employee request which is kicked off through new hire HR trigger was missing Object Assign action. After assigning this action, user ID in non-ECC systems is getting assigned to the default roles.
However, now a new problem is that in ECC system the roles from the position are getting added to the request and then getting assigned to the user ID directly from the request. I found the below note and it makes no sense. Roles assigned to the position should not get added to the request and should not be a direct assignment to the user. They should obviously get assigned after running PFUD.
http://service.sap.com/sap/support/notes/1575251
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks Harinam.
I am bit confused about what "Default Roles" implies.
Roles assigned to position are considered default roles? If roles assigned to position get added as line items to a request which then are getting added to user ID directly, then what is point in having position based security.
i just need default role configured in Access Management > Role Management > Default Roles, to be added to the request and not the roles assigned to the user's position.
AS far as I am aware, Default roles work with the normal Access Request process, i.e. Role bassed approach.
I am unsure as to how it is meant to work with Position based provisioning. If anything, I don't think "Default roles" is what you really need for your solution. How have you set up your HR triggers to work?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.