Announcement:
wanna exchange links? contact me at sapchatroom@gmail.com.
Posted by
Admin at
Sap Guru's,
I have a question regarding the working of Suim. Lets say you have the following hypothetical situation.
User: KLM1234
User Validity: 31.12.9999
Roles (1): Z_Tasks_for_administrator => Role validity till 31.12.2009
Roles (2): Z_Reporting_For_Finance => Role validity till 31.12.9999
Question:
If i run a query on 8th of September in SUIM looking for users which have e.g. access to S_TCODE SU01. This TCODE is only covered by role 1 with the end date 31.12.2009.
Will Suim report the user even if the role has an end date which has passed (31.12.2009)?
Further which of the following is best practise or preffered when a user changes function:
1. Delete the role that the user does not need anymore or
2. Put an end date for the role that is not needed anymore.
I myself have preferences for option 1, considering that somebody working for a company for 20 years and changing jobs every 3/4 years, option 2 would be from maintenance and risk perspective less desirable. Further considering SUIM it may result in not accurate results.
Waiting for your reply!
Kind Regards,
Asif
| __.____._ Copyright © 2010 Toolbox.com and message author.
Toolbox.com 4343 N. Scottsdale Road Suite 280, Scottsdale, AZ 85251
| |  _.____.__ |
