cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Access Control Engine usage

Go to solution
Former Member

on ‎12-31-2013 6:33 AM

0 Kudos

Dear CRM experts,

Really liked the conpect of the ACE engine. I serfed the SCN and found ACE topic last from 2009 year.

Is it mean that ACE so popular or not actual / usable ?

Do CRM-experts use it currently

Any updates for  ACE from SAP

Want to start use it but also want to know every issues we can be forced with ...

Best Regards

Daniyar

Show replies
Show replies
Answer
View Entire Topic
jorge_ocamposbenito
Contributor
‎12-31-2013 9:45 AM
0 Kudos

Hi Daniyar,

Yes, ACE is being used, but it's only performed when authorization concept isn't enough to manage authorizations.

Most of the SAP CRM projects doesn't need ACE.

You can read the ACE help for SAP CRM EHp3 -> CRM Access Control Engine - SAP Library

I let you more info about ACE, if you need it:

CRM Access Control Engine - CRM - SCN Wiki

http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/d05af13a-e011-2a10-4b9e-a458f2779...

SAP CRM: How ACE (Access Control Engine) works

http://www.consultingcy.com/SAP_CRM_General_Authorization_ACE.htm

SAP CRM Technical Tutorials by Naval Bhatt.: Configuration & Implementation of CRM Access Contro...

Please mark as correct if helps.

Happy new year.

Best regards.

Show replies
Show replies
Former Member
‎12-31-2013 10:34 AM
0 Kudos

Hi,

Happy new year !!

Glad to hear that ACE still beign used, can give more explanation to "When aturhozation concept isn't enough"

Some examples when is better stay with authorization concept or switch to ACE.

Rg Dan

jorge_ocamposbenito
Contributor
‎12-31-2013 10:42 AM
0 Kudos

Hi Daniyar,

It deppends each scenario. You have to use ACE when you want to control, on object level, which users authorization to read, modify or delete.

As you can read in  http://www.consultingcy.com/SAP_CRM_General_Authorization_ACE.htm

"Large and complex (international) CRM installations all face the same problem: how do we show the users only the data that they need to see? We don’t mean authorizations related to functionality, but related to business content. Imagine you run a big business and have a million customers worldwide. Then a sales rep responsible for a group of customers in Belgium should not see any customers from Asia in his search results. Or a sales rep with responsibility for a certain branche should not be bothered with customers of other branches. Furthermore, if the structure of the sales organisation changes, you don’t want to end up changing all kind of authorization profiles.

To solve these issues, SAP came up in CRM for the PCUI with a pretty nice solution: CRM-ACE. This stands for Access Control Engine and is a framework to calculate user dependent access rights on object level. It originates from Channel Management but works in all PCUI functionalities. Now ACE works for SAP CRM Web UI as well."

For example: You can use ACE to define that a partner manager has read authorization and write authorization for her leads, read authorization for the leads of her colleagues, and read authorization and write authorization for all prospects of the company.


This scenario needs ACE because with standard authorization objects we cannot model this authorization scenario.

I hope that helps.

Please mark as correct if helps.

Happy new year.

Best regards.

Former Member
‎12-31-2013 3:27 PM
0 Kudos

Hi Jorge,

Ok here you go, thanks a bit more undestanding now.

See you in 2014

Regards Daniyar

Ask a Question