on 09-10-2010 8:08 PM
Hello, pleasure greet you
This is a doubt about how can evit RH`s users can watch dates of employees that don´t need
I have an authorization object called P_ORGIN, I agree the organization key VDSK1, but it only work at transaction PA30, it doesn´t work at others standard transactions, like S_AHR_61016309, S_ALR_87014135, PC00_M99_CLGA09
How can I configure to can achieve that as well as PA30 can restrict information.. make the same with the others standard transactions...
but i don´t want to add the organization key VDSK1 to each transaction, because is so much information and it is so important, and i think is risky move all this reports
So I relly appreciate that someone could help me
Thanks
Edited by: EliSapteam EU on Sep 10, 2010 9:12 PM
Hi,
so I understand you have set up authorization profiles with object P_ORGIN, and the restrictions just work in transaction PA30 but not in reporting. In that case it could be that the user has also authorization P_ABAP assigned for those reports or for report SAPDBPNP. This authorization object can overpass the standard HR authorization checks. Please read the documentation of this authorization object.
Regards,
Ana
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi, Ana thanks to answer me
Well, I think I didnt explain fine
That I mean, is that how can i do to restrict information HR by Center
That is to say, One user in Center1, have access at standard HR authorizations, but only can visualize information about Center 1, and not of other Centers. Other user of in Center 2, have access at the same standard HR authorizations but just can visualize information about Center 2.
With the authorization object P_ORGIN when I use VDSK1 like a orgnization key, it work to restrict information by center, but only in transaction PA30 but not in reporting.
Good day..
Edited by: EliSapteam EU on Sep 14, 2010 8:02 PM
better configure a separte role with specific Tcode you want to give and assign to user
Regards
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I read the question three times but I can't still figure out what is the requirement.
S_TCODE (and for some HR transactions P_TCODE) controls access to transactions.
P_ORGIN controls infotype access to employees. You need to understand infotype concept and personnel structure to use it.
P_PERNR controls access to own data (make sure that PERNR switch is set on in transaction OOAC).
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
89 | |
7 | |
6 | |
3 | |
3 | |
3 | |
3 | |
3 | |
3 | |
2 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.