Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

Unable to rehire an employee: An HR authorization

Former Member
0 Kudos

Hi experts:

We are having problem rehiring employees that are assigned with default position and delimited org unit. We delimit org units often and rehire these people after some time to some other org units. When she tries to rehire she gets an error message in PA40 that says 'no authorization to maintian 0000 actions H2 exists'. And SU53 shows Failed Structure authorization for particular employee.

However, a user with no struc profile is able to rehire with no problem.

I tried with changing AUTSW ORGPD switch to 4 which note 339367 says will escape evaluating org unit and grants the authorization. But it still gives the same error. I basically tried all of these switches and still get the same message.

I would appreciate if somebody point me to the right direction and share what you are doing in your company with regard to when an employee is terminated and org unit gets delimited.

Thanks,

Netra

8 REPLIES 8

Former Member
0 Kudos

Any ideas, please!!!

0 Kudos

Hi Netra,

I am not hundred percent sure that this is the reason but feel it could be a reason.

When you are delimiting whats happening is essentially the relationship (A/B and the relationship number) associated for this relation is being broken.

So next time when a person(who is controlled by structural authorizations) tries to assign this delimited person to a org unit, the PD profile will not recognise the Person to be a part of the same group as was before as the relationship(IT 1001) record is removed, so the evaluation path cannot proceed to the rehire employees personnel number.

So that might be the cause.

For this very reason a person who is not a part of the structural auth(who by default has full access from a strcutural standpoint) will be able to maintain.

A solution to this could be create a PD profile with the Default Position as the root object

Custom Evaluation path

Number Obj Type A/B Rel Prior Rel. Obj Type

10 S A 008 * P

and create a PD profile for this and attach that PD profile to the HR Admin User who needs to rehire.

This would give access to the personnel number of the person whom you are trying to rehire.

The above works if you are assigning the person to a default position.

Hope this helps

Manohar

Message was edited by:

Manohar Kappala

Message was edited by:

Manohar Kappala

0 Kudos

Thanks Manohar for your response! I am going to try that out tomorrow and let you know how it goes.

Thanks,

Netra

Former Member
0 Kudos

Hi Manohar,

I implemented what you had suggested but it still gives me the same message. How do you handle teminated employees in your company? do you keep them with the same org unit or no org unit assignment because I think the base of all this problem is because the personnel no. is still attached to the org unit in IT 0001.

Please share your experience/input everybody.

Thanks,

Netra

0 Kudos

Hi,

I have not come across the this kind of scenario till now.

Because the normal data entry teams control is achieved without even going for strcutural authorizations by using the combination of Personnel area, emp grp, emp sub grp and orgkey fields.

Structural Auth is used where the ur access is changing very dynamically, say a persons manager based on reporting structure which is dynamic etc

Try the OOAC setting for ORGPD to 3 since u r saying that its still having the org unit in the 0001 IT .

or

try this attach "ALL" pd profile(which is equivalent to full access in structural authorizations) and assign the profile to user.

If he is able to do now then the problem is with the PD profile.

Otherwise its not a strutural authorizations problem might be there is something else.

Hope this helps

Manohar

Message was edited by:

Manohar Kappala

0 Kudos

Hi Manohar,

I assigned ALL pd profile to this test user as suggested by you and now he is able to do it. Like you said it looks like it is something to do with str. profile but not sure what it is. Is there a way to trace a str. auth check?

Thanks for your help. Any other ideas???

Thanks,

Netra

0 Kudos

Hi,

If your user after before has an org field attached to him.

then for granting authorizations based on that info the ORGPD field should have a value of 3 in OOAC i guess the value 1 for this field means that the access is rejected by default. with 3 for this field the access is granted by default.

For analysing structural auth errors u would get a message saying the failure is due to structural auth in su53, however the exact information is not available.

Since the u are saying the user is able to do it with ALL the role is fine i guess.

So try with this setting change and let me know if it works.

Also let me know the information capture in SU53 for this user.

Regards,

Manohar

0 Kudos

Hi Manohar,

The ORGPD switch is already set to 3 in our system. I also tried resetting it to 4 as the documentation says the system doesn't evaluate org. unit with this value but it still gives me the same error. I looked at running report RHAUTH00 to see if the person shows up in the list and the pers. no. comes up in the list but delimited in the past. Previously the SU53 was showing in Str. authorizaiton failure section listing object type P with personal # and start date of 01/01/1800 to 12/31/9999 with type INSEC and some others. But now I get the same error message but SU53 is clean. Again I am able to rehire with ALL PD profile.

Thanks again.

Netra