- SAP Community
- Products and Technology
- Additional Q&A
- How do i make 'Valid to' and 'Valid from' fields i...
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
How do i make 'Valid to' and 'Valid from' fields in Lock user request editable?
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
on 11-19-2014 8:22 AM
Hi,
We want the 'valid to' and 'valid from' fields to be editable in Lock user workflow. The issue is that in all other workflows (create user/ change user, etc) the fields are editable.
I checked the EUP assigned to the lock user request, but there is no setting available there.
Also, checked the 'Action' assigned in Request type for lock user request. We have selected "Lock User", "Unlock User" actions.
In MSMP, we have checked "Change request details" in the stage settings.
In spite of this, the fields are not editable while request submission (end user) as well as the stage (approver).
Can someone help me out here?
Regards,
Arti Sachdev
Accepted Solutions (1)
Accepted Solutions (1)
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hi Arti,
What is it that you want to achieve?
A user in a SAP system can either be in an unlocked status or locked status - but you cannot assign a validity date to the locking status (in contrast to the user account validity or the role validity). This is not a limitation of GRC, but implicit to the backend SAP system. Hence, it does not make any sense to have this field editable.
If you want to ALSO change the validity date of the user using your LOCK ACCOUNT request, you also need to assign the action to change user details.
The Lock User action will do exactly that: Lock the user.
Additionally, I don't see why you have both Lock User and Unlock User action in your request type for lock user.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Great that it now works as per your requirement.
Mind you, this still won't lock the user at some future date IMHO. That would require GRC to keep a memory of requests it needs to provision in the future (that functionality does not exist) because you cannot provide a validity date to a locking status.
What you are doing now, I assume, is limiting the validity date of the user account with the "Change User" action - which is perfectly fine! But it's good to understand that the user (although not accessible due to a future validity date) is not technically in a "locked" status.
Answers (0)
- Is there a CDS view that contains Label Type (MARA-ETIAR) and Label From (MARA-ETIFO) ? in Enterprise Resource Planning Q&A
- Country Compliance - Configure overrides for US WTPA Form fields in Human Capital Management Blogs by SAP
- Data Proposal for Sales Order Requests - Determination with Reference to Order Creation History in Technology Blogs by SAP
- Update Fields Record Learning Tool in Human Capital Management Q&A
- Global filter definition for Country Compliance WTPA forms in Human Capital Management Blogs by SAP
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.