Announcement:
wanna exchange links? contact me at sapchatroom@gmail.com.
Posted by
Admin at
Reply from ashwinsharma201 on Jun 30 at 8:38 AM Hi,
You can check auth object S_USER_GRP with in the role and check if user
group X has been maintained not to reset pw. you can remove that user group
to enable any admin to reset the pw.
You can list out the user groups, for which only limited access to be given
via role e.g to Help Desk to reset dialogue users only . in such case you
can maintain the auth object S_USER_GRP and restrict to reset of PW reset.
Thanks
| | | ---------------Original Message---------------
From: Geetha
Sent: Monday, May 04, 2015 11:57 PM
Subject: User Group Authorisation Bypassed When IDs Are Not Assinged to Valid User Groups
Have come across a scenario, wherein access is restricted to reset password only for users mapped to User Group X.
The system responds as expected and fails when any users with User Group Y is submitted for password reset.
But the action is successful when I try to rest password for IDs that do not have a valid user group mapping.
Meaning we could change password for any user IDs without a user group mapping.
Suggestions and solutions welcome.
- G |
| Reply to this email to post your response. __.____._ | In the Spotlight Become a blogger at Toolbox.com and share your expertise with the community. Start today.   _.____.__ |
