Reply from sheffeld on Oct 17 at 4:21 PM David,
First, thanks for all of the Basis assistance.
2nd:
a. Identify the the data elements that differentiate this divestiture
that your organization was using prior to the separation: company code,
controlling area, plant, company, warehouse, vendor, etc.;
b. Identify the authorization objects that contain these elements;
c. List the single roles that have unauthorized company data in these
auth objects via AGR_1251 or at Org Management levels via AGR_1252.
d. Use AGR_AGRS table to find the Composite Roles that contain these
targeted Single Roles.
Lastly, my $.0139 - if you have an average of 65 Composite roles for
every single role and fewer that 500,000 users (equating to 1 role for
every 50 users), this would be the perfect time to review the security
strategy, because the worst case scenario is that this will double the
number of roles to ~ 20,000. I could go into what this will cost in
implementation, maintenance and end user satisfaction, but I think that
with your demonstrated experience, you already know.
Best of luck to you!
| | | ---------------Original Message---------------
From: David Caddick
Sent: Friday, October 17, 2014 12:36 PM
Subject: Reporting Authorisation Objects For 151 Roles
Hi Bob,
I will give this a go, thank you.
Regards |
| Reply to this email to post your response. __.____._ | In the Spotlight Become a blogger at Toolbox.com and share your expertise with the community. Start today.   _.____.__ |
