on 09-18-2006 12:26 PM
The HR administrator role has been setup with P_PERNR and value E to prevent them from maintaining their own data in PA30. However, they are also an ESS user, who need access to maintain certain infotypes for their personal data. P_PERNR in the ESS role has an I value, which is overridden by E value from the HR Administrator role, hence they are prevented from maintaining their own data within ESS.
Has anyone found a method around this which stops the HR administrators changing all of the infotypes of their own data in PA30, but allows them ESS changes?
Thanks
Paul
Hi Paul
What I have seen is that we create 2 roles, HR Administrator and ESS Employee. Assign both the roles to the HR Administrator. They will be able to do both the things.
Regards
Lincoln
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
We have solved the issue by using Double checking authorization Process for payroll critical infotypes, when we had challenged by the exactly same issue.
1. We have decided that ESS role for each employee of an organization.
2. ESS role would be the central place for P_PERNR authorization check.
3. We have given HR administrator <u><b>Authorization level M, R, E and S</b></u> based upon their area of responsibility
4. Then allowed <u><b>Interpretation of assignment</b></u> for HR administrator is I
What happened by doing this:
HR administrator was able to create their own record, but it was locked and not ready for any kind of processing.
Then we have a workflow, which goes to their boss and they check the entry and they unlock for further processing.
For rest of the infotypes which are not payroll sensitive, we have given <u><b>Authorization level W</b></u> with <u><b>Interpretation of assignment as I</b></u>.
Possible values if the field is used together with one of the four first objects (the values E, D and S may only be specified together with R):
o M (read with entry helps)
o R (read),
o S (write locked record; unlock if the last person to change the record is not the current user),
o E (write locked record),
o D (change lock indicator),
o W (write data records)
* (all operations).
Hope this would be help.
Please let me know or call me at 253-382-2725 if you need any further help.
Thanks
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
105 | |
14 | |
10 | |
5 | |
4 | |
3 | |
3 | |
3 | |
3 | |
2 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.