on 07-17-2007 10:51 AM
Hi everybody
There is such situation:
We are restricting the values of infoobject using S_TABU_LIN
Everything is working fine if the user has authorization assigned only
by one role.
If the user has more then one role assigned then user has only values
authorized that are included in the first role. All authorizations from
other roles are not available
For example:
We have authorizations in 3 roles
Role1
Activity 03 ACTVT
Organization criterion for key /BIC/ZMINISTRY ORG_CRIT
Org. crit. attribute 1 * ORG_FIELD1
Org. crit. attribute 2 04 ORG_FIELD2
Org. crit. attribute 3 * ORG_FIELD3
Org. crit. attribute 4 * ORG_FIELD4
Org. crit. attribute 5 * ORG_FIELD5
Org. crit. attribute 6 * ORG_FIELD6
Org. crit. attribute 7 * ORG_FIELD7
Org. crit. attribute 8 * ORG_FIELD8
Role2
Activity 03 ACTVT
Organization criterion for key /BIC/ZMINISTRY ORG_CRIT
Org. crit. attribute 1 * ORG_FIELD1
Org. crit. attribute 2 06 ORG_FIELD2
Org. crit. attribute 3 * ORG_FIELD3
Org. crit. attribute 4 * ORG_FIELD4
Org. crit. attribute 5 * ORG_FIELD5
Org. crit. attribute 6 * ORG_FIELD6
Org. crit. attribute 7 * ORG_FIELD7
Org. crit. attribute 8 * ORG_FIELD8
Role3
Activity 03 ACTVT
Organization criterion for key /BIC/ZMINISTRY ORG_CRIT
Org. crit. attribute 1 * ORG_FIELD1
Org. crit. attribute 2 08 ORG_FIELD2
Org. crit. attribute 3 * ORG_FIELD3
Org. crit. attribute 4 * ORG_FIELD4
Org. crit. attribute 5 * ORG_FIELD5
Org. crit. attribute 6 * ORG_FIELD6
Org. crit. attribute 7 * ORG_FIELD7
Org. crit. attribute 8 * ORG_FIELD8
All of the roles are assigned to single user
The problem is that user can get only that values from /BIC/ZMINISTRY
that are authorized in role1
Values authorized in role2 and role3 are not available.
What could be a problem???
Hi
You can do it through Create a Composite Role Via T Code PFCG.
Rewards point if helpful
Thanks
Pankaj Kumar
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi. I do not need a composite role. There are created about 70 single roles. One for each business division. If the user have assigned only one role (works with one divison), everyhing is fine. But if the user have to work with several divisions, there is a need to assign multiple roles. The responsibilities for the each user change all the time so the roles that are assigned to him change too.
User | Count |
---|---|
84 | |
10 | |
10 | |
10 | |
7 | |
6 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.