- SAP Community
- Groups
- Interest Groups
- Application Development
- Discussions
- User Groups/SUGR
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
User Groups/SUGR
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-20-2008 6:34 PM
Hello All - I have a question with "User Groups" can we assign/maintain authorizations using tcode SUGR, I use SUGR to maintain security reports (like user group test user, contractors, basis, developers...so on)
My question is can we assign authorization using groups like we do in Netweaver UME...In UME we can maintain auth, roles>groups and Groups>users
Please let me know what you all think on this?
Thanks.
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-20-2008 7:15 PM
The SUGR user groups are for protecting administration activities on the user master record itself (like reset password, etc).
It is used in a couple of other places as well in the system, but most of them are outdated approaches and seems to be fading away.
For reporting purposes you can use the Groups tab (and also assign a multiple of groups to a user) but that does not natively assign authority on the strength of belonging to a certain group.
For your own applications and reports you could do that, but I think an authority-check is better.
You could also quite easily develop an application which does assign a role (or profile) to users based on them belonging to a certain group, much like you can if they belong to a certain position on the HR side. I think you can even select users based on the group in SU10.
But you cannot replace (or suppress) security based on the group - or better said, I would not recommend trying to do it. It is a bit like having custom tables where the names of the users are maintained who can do something - there are a number of threads here about how confusing, intransparent and unscalable those approaches are.
My 2 cents,
Julius
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-20-2008 7:15 PM
The SUGR user groups are for protecting administration activities on the user master record itself (like reset password, etc).
It is used in a couple of other places as well in the system, but most of them are outdated approaches and seems to be fading away.
For reporting purposes you can use the Groups tab (and also assign a multiple of groups to a user) but that does not natively assign authority on the strength of belonging to a certain group.
For your own applications and reports you could do that, but I think an authority-check is better.
You could also quite easily develop an application which does assign a role (or profile) to users based on them belonging to a certain group, much like you can if they belong to a certain position on the HR side. I think you can even select users based on the group in SU10.
But you cannot replace (or suppress) security based on the group - or better said, I would not recommend trying to do it. It is a bit like having custom tables where the names of the users are maintained who can do something - there are a number of threads here about how confusing, intransparent and unscalable those approaches are.
My 2 cents,
Julius
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-21-2008 1:45 PM
Thanks Julius, appreciate your suggestion...I think you deserve big $ not cents
Thanks Again.
- SAP Managed Tags:
- Security
