06-26-2008 4:54 PM
Hello Experts,
I am not a security person, but we are in the process of testing ESS and having some conflicts with a users GUI (r/3) role versus the ESS role! For example, a user will not have access to Bank Information (Infotype 9) in the GUI, but will need access to edit this Infotype through ESS on their own record.
Our problem is how do we set the roles up under this scenario? If this cannot be done, how do other companies handled this scenario?
Any direction will be highly appreciated.
ECC 6.0
EP 7.0
ESS 1.0
Thanks for your time,
Mike
06-27-2008 1:11 PM
Hi Mike,
My suggestion would be to make use of P_PERNR in your ESS role only - and not P_ORGIN or P_ORGINCON.
We added all the info types that the ESS users are supposed to maintain or view in P_PERNR.
We did eventually need to add display and matchcode search for info types 0000 - 0002 so that the ESS users could make use of the Who's Who functionality in order to search for emloyees across the organisation.
Without info type 0009 in a P_ORGIN or P_ORGINCON auth object, the users will not be able to maintain in PA30.
Hope this helps.
Regards
Lucille
07-03-2008 8:18 PM