Question:
All,
I would like to know if there is a way to restriced access with the administrator fields in authorization object P_ORGXX in the following way:
Administrator A - responsible for employee population A
Administrator B - responsible for employee population B
Administrator C - responsible for SOME employees in population A
Thus some employees in population A will have two administrators (A and C) but some employees in population A will only have one Administrator (A)
The populations will be random and not defined by the Org or Enterprise structure.
I am not sure if it is possible to use the Administrator Group field for this?
Thanks!
Answer:
THere are several ways P_ORGIN has a field, you can also manipulate P_ORGXX to do it as well, The question is why? A bit of detecctive controls may be more cost effective.
Answer:
John
The reason for this requirement is that we need to restrict users from seeing certain populations in the Organization but neither relationships in the Org Structure, the enterprise structure or any combination of fields in Infotype 0001 (for org key setup) support this requirement.
The employee groups are vary random throughout the Org structure and Enterprise structure which makes it difficult (I think!) to use anything else than an administrator field. It is very important that each user only see those employees that they need to and no one else. (There are data like salary data includede)
Then offcourse there may be a requirement that one employee needs to be viewed by more than one Administrator.
Any other suggested options are most welcome!
Thanks
Answer:
Then you will have to create a relationship for the PD profile to evaluate, I beleive the relationship is A021 and there is a SAP function module you can use to evaluate it, you do not need an eval path.
THe documentaiton on the PD profile screen for function module tells you the relationship and the function module.