Worflows based on roles

Hi,
Is it possible to have multiple workflows and trigger them based on roles. For example, I have a workflow with, say, 6 steps and I want to trigger it when a person with 'Marketing' role tries to update a record. Then I have a different workflow with, say, 8 steps that I would like to trigger when a person with 'Power User' role tries to update a record. Is it possible to have different workflows for different types of roles?
If it is not possible then what are the workarounds? Suggestions are welcome.
Regards,
-Y

Hi,
    Yes, its always possible to assing workflow events to users depending upon there roles.  and its also possible to have n number of workflows with different users or roles assigned to each.
   Q: How its done?
   A: Firstly to create a workflow you need to select the workflow table from the drop down list of tables in the data manager(It will be the last table in the list).  then u right click in the right side area of the window and select ADD, this will add a new workflow to your repository.  The person using whose user id and password you logged in is the owenr of the workflow(Basically its the Admin).  Next when you go to the workflow diagram in MicroSoft Visco you can add different workflow events in that. when you assing an workflow event or activity then there you can specify who is process these step; it depends on the user name or the role.  When you requre it to be 'Marketing role'  select it from the drop down list.
You have select roles where ever required.
CHARAN
Lead, Follow or Get out of Way

Similar Messages

  • How to setup the security based on roles in Organization.

    Hi,
    How to setup the security based on roles in Organization.
    For example:Few users are Manager and a few user are Non Manager .Manager should have access to all work data including Non Manager and Non Manager should access based role.How to setup this? How OBI server identify the user role?
    kindly let me know.
    Regards.,
    CHR

    Hi,
    You need to have Back End support to achieve this. In Back End you need to create two groups . You need to know what joins has to be made for which group (which is more important) and also make session variable for the userrole (with SQL supporting it). In the BMM layer, we need to put the security join conditions in the 'where clause'.
    And make a common report. User loggin in with the respective userid will have userrole and joins assigned in the Back end. And they will be viewing the report according to their access.
    Hope this will solve your problem.
    Regards
    MuRam

  • Workflow based on role

    Hi all,
    Please let me know, how to create a workflow based on specific Roles.
    I know it's a bit silly query, but i have got struck here.
    Thanks,
    Shash

    Hi Shashi,
    You can maitain the Approval limit in personilization tap "APPROVAL LIMIT" sothat workflow will
    pics Approvers based on role.
    Hope this is use full
    Bestregards

  • Selection of people based on Roles

    Hi Experts,
    This is related to Appraisals. How to select people based on Roles in 360 degree Appraisals. For eg: If sales employee has to be appriased by external customers, vendors..how to select those people as part appraisers.
    Please advice..
    Thanks!

    hope ur problem cleared and let me know if anything
    hey in SDN greeting will be said by rewrding points sont forget that
    u can serach sdn for the materials
    thanks
    sikindar

  • BAM views based on roles

    Hi All,
               Is it possible to have single BAM view with all the necessary details and based on roles only specific field should be viewed.
    Thanks

    Hi ChampBoss,
    BAM  views are nothing but SQL views. You can't restrict users for certain fields in views. BAM activities relates to SQL tables and BAM views are SQL views. BAM views are meant to providing authorisation over the BAM-Activities. Restricting the views
    to the data of the BAM-activities based on the roles.
    You can't restrict the views of the BAM-view's fields.  But what you can do is
     create new multiple views of the BAM-activities. new Views with fewer fields which you want to show to user.
    Completely hide all the users from the existing view ( from which you want to restrict the users for the view-fields, if you don't want you can delete it. Otherwise just hide is from other roles.)
    Provide access to the news BAM-views based on the user role.
    If this answers your question please mark it accordingly. If this post is helpful, please vote as helpful by clicking the upward arrow mark next to my reply.

  • Restrict Dashboard based on Role

    Hi
    Is it possible to Restrict Dashboards based on Role. I want hide out-of-the-box dashboards and display custom dashboards based on Role.
    Regards
    Sundar

    Hi,
    but note that the Look In function is not available in the custome web tab. this is really a shame because the lookin allows managers to see the data in different ways. If any of you found a way to get the look in functionaliyt into the web tab, I would love to find out.
    Regards,
    Gonzalo

  • Customize the privileges based on role i mean just assign the privileges to security gurop?

    how to create and configure privileges like how to assign privileges to help desk, server administrator, desktop administrator if any way to customize the privileges based on role i mean just assign the privileges to security gurop?

    Yes, you can read the Wiki you started here: http://social.technet.microsoft.com/wiki/contents/articles/20292.delegation-of-administration-in-active-directory.aspx
    Mainly, you can create security groups, delegate them rights on your platforms and then just add/remove users to these groups.
    This posting is provided AS IS with no warranties or guarantees , and confers no rights.
    Ahmed MALEK
    My Website Link
    My Linkedin Profile
    My MVP Profile

  • GRC AC10 Agent based upon Role Attributes

    Hi Experts,
    Need your help on the issue.
    We are trying to achieve below configuration-
    After the Access request is generated, at the first stage, the approver should be selected based upon the business process of the role. If there are multiple roles with different Business Processes and their approvers, all of them should approve the request and then request should go to the next stage.
    There is also a field Business Process in the Access Request Screen which denotes the User's association with Business Process and not of the role. We are able to trigger the approval based upon this field, but we can;t find any option of approver selection based upon the business process of the role.
    Can some one show a way to achieve that?
    We are facing another problem, when the request is approved based upon the field Business Process in the Access Request screen, we are not able to find the request in next stage, it is still showing in the same stage while the role attached is only one and no other approver defined.
    What could be the reason behind it? Any help is highly appreciated.
    Thanks in advance,
    Sabita

    Hello Sabita,
    You can use the transaction : GRFNMW_DBGMONITOR_WD to check the logs.
    What i understand from your requirement and what would be my approach.
    1) Approvers who will be ROLE OWNERS
    > In this case 1st thing is you should upload few ROLES( NWBC>Access Mgmt-->Role Import) with all the details i.e function area, company , role owner, alternate approver
    ---> Now create a "Custom Initiator from SPRO >GRC>AC>workflow for access control>Define  Worflow Related to MSMP rules for Process ID SAP_GRAC_ACCESS_REQUEST
    Run Tx: BRF+ , and you will see a rule created , drill down to "Expression-->Decision Tree"
    and use "Table settings" to select "Condition Column" & "Result Rule sets", where you can configure the Custom Initiator
    Now run Open MSMP workflow config window
    1) Process Global settings ( Notification details if necessary)
    2) Maintain Rules (add your custom initiator rule )
    3) Maintain agents ( check & if not present add Role owner agent)
      i.e. GRAC_AR_ROLE_OWNER  (This will satisfy 1 st requirement)
    Create a new agent as BSM and mapp them as "directly mapped user" , similarly for the 3rd stage you can use directly mapped user.
    4)Variables & Templates --> Skip
    5)Maintain Path ( add 3 stages as required i.e role owner, BSM & security officer)
    Now for each stage click on "modify Task Settings" & click on individual check boxes as relevant , you can select "All approvers" or "Any one approver", Approve Request based on System & Role , or Request .
    Same applies to all the other 2 stages.
    6) Maint Route Mapping  --> put the path ID created in previous stage and save and activate.
    I hope this should give you some fair idea.
    Thanks
    Victor

  • OIM 11g R2 - AD provisioning based on Role and Access Policy

    Hi, for Active Direcotry integration i used some prepopulation plugin for populationg resource form (based on http://fusionsecurity.blogspot.sk/2013/01/populating-request-attributes-in-oim.html).
    It's work fine - requested account was fully provisioned.
    Can i use this plugins for Role based provisioning?
    I try to create access policy and associated role but when attached the role to the user and run Evaluate User Policies Job, account can't be provisioned.
    In diagnostic.log i found.....
    [oracle.iam.platform.kernel.impl] [.....] [userId: oiminternal] [.....] [APP: oim#11.1.2.0.0] Immediate consequences are returned with event - InitiatePolicyEvaluationAndProvisioning
    [oracle.iam.platform.kernel.impl] [.....] [userId: oiminternal] [.....] [APP: oim#11.1.2.0.0] Next Waiting child process is ..........6380 sync = false
    [oracle.iam.platform.kernel.impl] [.....] [userId: oiminternal] [.....] [APP: oim#11.1.2.0.0] First Waiting child process is ..........6380
    [oracle.iam.platform.kernel.impl] [.....] [userId: oiminternal] [.....] [APP: oim#11.1.2.0.0] Kernel executing default validation with process id, event id, entity and operation 6,380.0.Resource.ACCESS_POLICY_BASED_PROVISION
    [oracle.iam.platform.kernel.impl] [.....] [userId: oiminternal] [.....] [APP: oim#11.1.2.0.0] Kernel completed the child orchestration - 6380.6379
    [oracle.iam.platform.kernel.dao] [.....] [userId: oiminternal] [.....] [APP: oim#11.1.2.0.0] Inserting records for orchestration cleanup
    [oracle.iam.platform.kernel.impl] [.....] [userId: oiminternal] [.....] [APP: oim#11.1.2.0.0] Completed orchestration with action result - 113

    Hi, all
    I try to fill Access policy Process Form. Account request was created and provisioned when field AD Server and Organization Name was filled in, but pre-population plugin doesn't fired
    The question is.... How can i use pre-population plugin for populating request dataset used with request generated by access policy....
    Is it possible to use plugins for requests generated based on access policy?
    a.

  • Hiding buttons in the standard web template based on roles

    Hi,
    In the standard web template, the requirement is to hide few buttons based on the authorization.
    Can this be achieved by assigning the roles? If not what is the work around?
    Regards
    Narayana

    Narayana,
    Restricting the Buttons is not feasible thru Role restrictions, you need to work around with the WAD..
    Action Events with Btn Clck.
    Cheer's
    HVR.

  • EAM ID based or Role based? Why settle for just one?

    G'Day All,
    I've raised a question in the following blog, however I would like to open it up to other people as well so they might get something out of it and in the process might share their own thoughts on the matter at hand.
    ID-Based Firefighting vs. Role-Based Firefighting
    So this is where I am at this point:
    From what I can gather so far, my understanding of EAM ID/ROLE based is as follows:
    - Id Based: Logs in using own U.ID and through GRAC_SPM accesess FFID from the GRC Server and logs into the system assigned to them (ECC, SRM, CRM etc)
    Only one user at a time can use a FFID.
    Firefighter need not exist in every system assigned to them due to central logon however they need to exist in the GRC system
    Knows exactly when FFID is being used as he/she has to login so has a psychological effect (good thing)
    Better tracking of FF tasks - Specific log reports with Reason Codes. Bonus point from Auditors!
    Two Log ins so potential to commit fraud. (1 action using own UserID and 1 action using FFID)
    Could be hard to track and find out when a fraud has been committed so can be a problem with auditors.
          ID Based -> GRAC_SPM : TCode for Centralised FFighting -> You will see FFIDs assigned to you
          ID Based -> /n/GRCPI/GRIA_EAM : TCode for DCentralised FFighting -> You can see  the FFIDs assigned to you
    - Role Based: Logs into the remote system only using U.ID, so everything gets logged against that one ID. 
    Multiple users can use the FFROLE at once.
    Firefighter has to exist in every system assigned to them - so multiple logons.
    Hard to differentiate between FF tasks and normal tasks as no login required  So easy to slip up
    Time consuming to track FF tasks - No Specific log reports. No Reason Codes
         R.Based -> GRAC_SPM : TCode for Centralised FFighting -> You will see FFROLEs
         R.Based -> /n/GRCPI/GRIA_EAM : TCode for DCentralised FFighting -> Not applicable so wont work
    So based on this there are pros and cons in both however according to SAP only one can be used. To me personally,  it makes more sense to get the best of both the worlds right? So here is my question why can’t we just use both?
        . Really critical tasks -> FFID
        . Normal EAM tasks -> FFRole
    Alessandaro from the original post pointed this out:
    "Per design it isn't possible to achieve both types of firefighting at the same time. It's a system limitation and hence to configurable."
    Well this is what I can't seem to get my head around. For a FFID, there is a logon session so it has to be enabled and as far as I can tell there is no way around it.
    However for FFRole, there isn't such limitations/restrictions like starting a separate session. FFRole is just assigned to an end user for him/her to perform those tasks using their own user ID.
    So in what way is it different from any of their other tasks/roles, other than the fact that they've got an Owner/Controller assigned to the FFRole? and
    What is stopping us from using it when ID based is the default?
    If I were to do the following does it mean I can use both ?
        . Config Parameter: 4000 = 1 (GRC System) -> ID Based
        . Config Parameter: 4000 = 2 (Plug-In)  - > Role Based
    Please excuse me if my logic is a bit silly, Role Based firefighting is only done on Plug-in systems so the following should work just fine:
       . Config Parameter: 4000 = 2 (Plug-In)  - > Role Based
    However for ID based, it is a Central Logon, so the following is a must:
        . Config Parameter: 4000 = 1 (GRC System) -> ID Based
    Which means both ID/Role based can be used at the same time, which seems to be working just fine on my system. Either way I leave it you experts and I hope you will shed some light on it.
    Cheers
    Leo..

    Gretchen,
    Thank you for thoughts on this.
    Looks like I'm failing to articulate my thoughts properly as the conversation seems to be going in a different direction from what I am after. I'll try once more!
    My query/issue is not in regards to if/what SAP needs to do about this or why there isn't more support from Companies/Organizations and not even, which one is a better option.
    My query is what is stopping us(as in the end users ) from using both ID/Role based at the same time?
    Now before people start referencing SAP documentation and about parameter 4000, humour me with the following scenario please. Again I would like to reiterate that I am still in the learning phase so my logic might be all wrong/misguided, so please do point out to me where I am going wrong in my thought process as I sincerely would like to know why I am the odd one out in regards to this.
    Scenario
    I've created the following:
    FFID
    FFROLE
    Assigned them to, two end users
    John Doe
    Jane Doe
    I set the Configuration Parameters as follows: 
    IMG-> GRC-> AC-> Maintain Configuration Settings -> 4000:1 - ID Based
    IMG-> GRC (Plug-in)-> AC-> Maintain Plug-In Configuration Settings-> 4000:2 - Role Based
    User1
    John Doe logs into his regular backend system (ECCPROD001)-> executes GRAC_SPM-> Enters the GRC system (GRCPROD001)-> Because the parameter is set to ID based in the GRC Box, so he will be able to see the FFID assigned to him-> and will be presented with the logon screen-> Logs in -> Enters the assigned system (lets say CRMPROD001) At this point the firefighting session is under progress
    User2
    Jane Doe logs into her regular backend system (ECCPROD001) -> (can execute GRAC_SPM to check which FF Role has been assigned to her but she can see that in her regular menu, so there is no point) -> Executes the transactions assigned in FFROLEThis is done at the same time while FFID session is in progress
    So all I want to know is if this scenario is possible? if the answer is No, then why not?
    I physically carried out this scenario in my system and I had no problems(unless I am really missing the plot here), which brings me back to my original question: Why settle for just one?
    Again to reiterate I am not getting into the efficacy or merits of this or even if one should use this. Just want to know if it is possible/feasible or not.
    So there you have it. That's the whole enchilada(as they say there in Texas). I tried to word my thoughts as concisely as I can, if there are still any clarifications, more information you or anyone else reading this would like, please do let me know.
    Regards,
    Leo..

  • Field display based on role

    Hi,
    I am using Portal with MDM. My requirement is, based on certain role only , few fields in a iview should be displayed. For example, "Approve" button should be displayed only for people with Manager role. How to acheive this? Thanks
    Prabhu.M...

    Hope this helps,
    http://help.sap.com/saphelp_nwmobile71/helpdata/en/45/f48922b10406f6e10000000a155369/content.htm
    Regards,
    Ravi

  • Exact inbound Idoc or RFC for BP based on ROLE/Customer/Vendor ?

    Hi ,
    I need a inbound IDOC or RFC for Business partner in BP transaction posting based on Customer master or vendor master Role ...

    Hi Frederic,
    I need to post data in to BP transaction(customer master data and vendor master)  role using BODS via IDOC. Required IDOC's for posting. 

  • IP Address determination based Portal Roles Access

    Dear Experts,
    Current Scenario - SAP Portal is accessible directly and via Citrix (VPN).
    Based on the URL alias - we have implemented Desktop Filtering.
    eg if the URL ends with / internet - You get restricted roles
    eg if the URL ends with / intranet - You get wider roles
    In Production, we also have Netscaler Reverse Proxy and HTTPs settings in place for External (outside firewall) access.
    New Requirement (Example) - Based on the IP address of the client, determine which subnet it falls under and based on that -
    If used within Citrix - Provide certain roles
    If not used within Citrix - Restricted access / Redirect to a different URL on the redirect server.
    Questions - With the current desktop filtering in place based on URL determination and no specific restriction for inside/outside Citrix access -
    I believe tweaking SAP Portal Logon logic can get very painful and overtly complicated for such scenarios.
    Please suggest which would be a good way to crack this? eg using admin settings at these levels - eg Citrix, Network OS Exit, Reverse Proxy etc based on Best Practise ?
    Thanks for your inputs ~ Dhanz

    Hi Dhanz,
    You are right, it's a complicated scenario.
    Unfortunately I am not expert on Citrix, Network OS Exit, Reverse Proxy, etc. But I have discussed this issue with web dispatcher expert colleagues and I believe you can use the IP address as distinguishing criterion / mapping table. Please see the documentation below:
    http://help.sap.com/saphelp_nw04/helpdata/en/de/89023c59698908e10000000a11402f/content.htm
    http://help.sap.com/saphelp_nw04/helpdata/en/24/62c6bacba12442a869a599149227ab/frameset.htm
    I hope it helps,
    Kind regards,
    Lisandro Magnus

  • Display Templates based on Roles

    Hi,
    I have a requirement in which i need to display different template based on the user roles(eg : Manager, Clerk ..) .Is it posible??
    Thank you

    Hi,
    perhaps you can use a single layout-rtf and use conditional regions to choose the layout you wish at runtime. If you have different layout-rtfs I would say it depends on the calling application and how you call BI Publisher.
    Regards
    Rainer

Maybe you are looking for

  • What are all the mandatory fields of the BAPI_PO_GETDETAIL?

    Hi friends, I am new to XI. I am using the "BAPI_PO_GETDETAIL1" in my scenario to get details of a particular Purchase Order. Can you tell me the mandatory fields of this BAPI? Where should i look to identify the mandatory fields of a BAPI? Thanks. S

  • On my canon powershot A3300IS the lense is stuck in the extended position and will not close

    I have a canon powershot A3300 IS  the lense is stuck in the extended position and will not close. How can I fix this myself?

  • "frozen" cell in spreadsheet

    While running AppleWorks 6.2.9 on a G4 iBook (OS 10.9.1), one cell in one of my spreadsheets has "frozen":  I can't delete it, edit it, lock or unlock it, nothing.  I've searched high & low and found nothing to restore this one cell to proper operati

  • Prob in Order Creation

    Dear All Gurus,                             in the time of creating Order systems giving error "routing not found" .how to asign routing with order. i am new in pp .I am a mm consultant.pls help me out thanks sandip

  • RG23D for intial trading inventory upload

    Dear gurus We are uploading inventory by movement type 561 by MB1C,The Material to be uploaded in Depot is Exciseable. Now I want to Update RG23D by Quantity and Amount/Value also.How to update RG23D for movement type 561 both Value & Quantity? Thank