Investigate - ECC roles for retirement.

Similar Messages

• Rules for AD Groups mapping with ECC roles in GRC

  Hi All,
  I'm actually looking at an option to define the Rules in GRC where i can map AD (LDAP) groups to ECC roles. Is it possible? Could you please let me know if i can achieve this with Rule Architect in GRC 5.3 OR by any other mean.
  Regards
  - V

  Gurus,
  Any thoughts on this?
  Regards
  Vaib

• SAP Best Practices on assigning roles for Auditors

  Dear Gurus,
  We need to set up SAP roles for auditors in or system for SRM ECC & BI.
  Could you please suggest on wich roles should be granted to the auditors as best practice to follow on?
  I will really apprecciate your help.
  Best Regards,
  Valentino

  Hi Martin,
  Thanks for your interest. I would be very happy to work with folks like you to slowly improve such roles as we find improvement possibilities for them, and all benefit from the joint knowledge and cool features which go into them. I have been filing away at a set of them for years now - they are not evil but still usefull and I give them to an auditor without being concerned as long as they can tell me approximately what they have been tasked to look into.
  I then also show them the corresponding user menu of my role for these tasks and then leave them alone for a while... 
  Anyway... SAP told me that if we host the content on SDN for the collaboration and documentation to the changes in the files, then version management of the files can be hosted externally for downloading them (actually, SAP does not have an option because their software does not support it...).
  I will rather host them on my own site and add the link in the SDN wiki and a sticky forum post link to it than use a generic download service, at least to start with. Via change management to the wiki, we can easily map this to version management of the files on a monthly periodic update cycle once there are enough changes to the wiki.
  How about "Update Tuesday" as a maintenance cycle --> config updates each second Tuesday of the month... to remove authorizations to access backdoors which are more than "just display"...
  Cheers,
  Julius

• What is ESOA? What is the Scope/Role for Functional Consultants in eSOA.

  Hi Experts,
  1)     Does eSOA is a tool, application or module?
  2)     What is the relation between eSOA and ECC6.0?
  3)     What is the Scope/Role for Functional Consultants in eSOA?
  4)     What I have to learn in eSOA?
  5)     How it is useful for Functional Consultant?
  6)     How it is useful for Customers?
  7)     How much time it will take to learn eSOA?
  8)     Where can get the Material?
  9)     What all technologies I have to learn before I learn  to eSOA?
  I am working as a SAP HR Consultant. If I want to learn eSOA what are the pre-requisites.
  I donu2019t know anything eSOA.
  Please give me the answers.
  Regards,
  Ram

  Hi Ram,
  See the answers below
  > 1)     Does eSOA is a tool, application or module?
  ESOA is not any tool,application or module. Its a methodology/Architecture
  > 2)     What is the relation between eSOA and ECC6.0?
  ECC 6.0 provides some Enterprises Services through enhancement packages.
  > 3)     What is the Scope/Role for Functional Consultants in eSOA?
  FUnctional consultant should know which ENterprise Serrvices are available and which should be developed to carry out a business process.
  > 4)     What I have to learn in eSOA?
  .         Being a technical guy, there are things to be learnt like ESR, implementing designed serivces through ABAP or Java and consuming it. But being a functional guy, only awareness of what enterprise services are available and what they do and their input/output params and how they can fit into a business process is sufficient.
  > 5)     How it is useful for Functional Consultant?
  see above
  > 6)     How it is useful for Customers?
  Customers can move towards Service Oriented Architecture, get flexibility in changing a business process easily, maintaince cost is less
  > 7)     How much time it will take to learn eSOA?
  depends on your skills
  > 8)     Where can get the Material?
  lot of material in SDN
  > 9)     What all technologies I have to learn before I learn  to eSOA?
  ABAP or JAVA,ESR ( being a technical consultant) , Web Services
  > I am working as a SAP HR Consultant. If I want to learn eSOA what are the pre-requisites.
  you should aware of basics of service oriented architecture
  If you further want to clear doubts, do write up.
  Regards,
  Piyush

• Buyer roles for monitoring SUS vendor changes

  Hi,
  We are looking for EP and SUS roles for below scenario
  When supplier admin logs in to SUS via EP portal, he can modify his /
  her company (as part of supplier self service) data such as name,
  contact info etc. Then, buyer can monitor changes done by supplier,
  then he can transfer the changes to ECC. We were looking for roles in
  EP and SUS that will allow buyer to monitor the changes, we tried SRM
  admin role, but it was not pulling vendors modified in SUS. I can
  monitor changes done for Vendor by buyers in SRM via application
  monitor. But, we are having difficulty in identifying a role to monitor
  changes done by supplier in SUS.
  Will you please suggest which EP (front end) and SUS (Backend) roles
  need to be used? Appreciate your help!
  Thanks,
  Chandra

  Barbara,
    You can achieve this by building a custom program to add additional entries in VENMAP table for the same partner_GUID for the new backend system data.
  SG

• Initial roles for sap consultants in Development system .

  HI all,
  I am new in security, now I have to create one fi ,sd, mm,pp, abap users in my development server (ecc 6.0 in sql server). I need standard roles for there users.
  Please give me security matrix.
  Regards,
  swathi-k

  in tcode PFCG you can drop down the list of available roles as per your requirement and assign them to the users. you have to give the appropriate authorizations. In case you can find the role as per your requirement, then you have to create your own roles and assign them to the users.
  follow for more details : http://help.sap.com/saphelp_nw2004s/helpdata/en/52/671285439b11d1896f0000e8322d00/content.htm
  Cheers,
  -Sunil

• Roles for ESS and MSS Enhancement Package 4 (EHp4)

  Good afternoon.
  I have the following doub with the role assignment for ESS .
  I know that exist the following roles for ESS :
  SAP_ESSUSER: Single role that comprises all non-country-specific fucntions. Only relevant for the olders ESS functionality, including all ITS component, such as PZ02(Address), PZ13(Personnel Data), PZ03(Bank Details).
  SAP_ESSUSER_ERP05: Single role that comprises all non-country-specific fucntions. Relevant for the ERP2005 platform, Enhancement Package 1 and 2.
  SAP_ESSUSER_ERP13: Composite role that comprises all non-country-specific functions.  Relevant for the ERP2005 platform, Enhancement Package 3.
  SAP_ESSUSER_ERP05_xx: Single role that comprises all non-country-specific fucntions. A separate role exist for each country version(xx = Country ID). The role corresponding composite role is SAP_ESSUSER_ERP05. Relevant for the ERP2005 platform, Enhancement Package 1 and 2.
  The Question is:
  I am working with  Enhancement Package 4 EhP4, What is the role that I have that use????
  Kind Regards.

  Hi! The specific ESS Role for EHP4 is called SAP_ESSUSER_ERP_14.
  Due to an error, the Role was not delivered in SAP ECC 604, but it will be available in the Support Package 05 for EHP4. You can hope to implement the SP or go for manual corrections from Note [1373177|https://service.sap.com/sap/support/notes/1373177].
  1229232 and 1129412 notes are relevant for EHP3 only.
  Refered to MSS you're right.
  Regards!

• Income Tax Projection for Retiring Employees

  Hi Folks,
  One of our Employee is getting retired in the month of August, As per SAP,In April-2009 his IT projection happens for the entire financial Year April to March 2010.
  That is his IT projection for APril to March is 5Lakhs, but his actual earnings from April to date of Separation (till august) is 3.5 Lakhs, because of this his Tax liablity from APril to July goes high and in the month of August there is a refund.
  Now for retiring Employees how can we make the IT projection happen only till the month of Retirement.  Is their any standard process available or through custom development.
  Experts Plz advice.
  Rgds,
  Sekar.

  I have personally checked this,  as facing the same problem. AND THIS IS WORKING,  THANKS FOR THE INFORMATION.
  HOWEVER THERE IS ANOTHER SOLUTION ALSO.
  One can create an retirement action,  which has to be executed for all the employees going to retire during the year.
  system will calculate the gross and project the tax only upto the retirement date.
  if exttn is required you can also config the retirement-exten action in case of extension is carried out.
  Rather than touching the standard scheme this is the best way I know?  you can also fetch the reports in the future with the help of standard reports.
  However, if anyone is having any PCR idea, that is also welcome.  Do give me a helping hand by share the same.
  Edited by: virparkash on May 23, 2011 1:19 PM

• E-Recruiting 6.0: Business Partner Role For Branches

  Hi Experts,
  In the IMG, SAP E-Recruiting > Basic Settings > Enterprise Structure > Define Business Partner Role for Branches
  Can anyone help in the following:
  1) What is the purpose of Business Partner Role and how does it relate the Branches? Or how can i make use of it?
  2) If i am going to maintain the Company & Branches via the Administrator function instead of IMG, do I still need to configure this step: Define Business Partner Role for Branches
  Thanks.  Will reward points for any helpful tips.
  William

  Hello William,
  the Business Partner is an application / module which belongs to the base components of the SAP. It is used and partly extended by various other applications / modules. Next to E-Recruiting it is used for example by CRM and the financial service solution (FS-CS, FS-PM, FS-RI). All of these modules can put their data for a person or an organization into the same tables. Depending on the installation / system environment or even within one single module the requirements for available fields and business checks as on authorization differ between kinds of business partners (e.g. in FS-CS the commission solution for the financial service sector knows external agents and internal employees which have to be treated differently). The business partner is the element to assign the logical / business role in which a person is handled by the system.
  For E-Recruiting you have 2 kinds of business partners, too. On the one and there are people being candidates and on the other hand there are branches of your company which hire people. The configuration allows you to seperate them if you need to identify anywhen which business partner is a branch and which is a candidate. So far I never tried if this is really working as there is no real use for this I never set it up. The attributes and the business checks are the same anyways.
  Hope that helps a bit to understand the context
  Best Regards
  Roman Weise
  PS: please remember that you have to maintain the branches via administrator bsp application. Using the IMG entry won't work.

• Roles for Contact Person in MM-SUS Scenario

  Hi !
  When we create a contact person using the Create user option in SUS, we assign the roles to the contact person. These roles are basically the standard SAP roles for SUS. We have created Z-roles ( a copy of the standard roles) to restrict cetain txns for users and would like to assign these Z-roles to the contact person . How can we ensure that the Z-roles are displayed instead of the standard roles ?
  Regards

  Hi
  <u><b>Please go through these complete SUS-MM Configuartion detail links, which will definitely help  -></b></u>
  <u>Roles:</u>
  SAP deliver standard roles with authorisations, if You want to maintain your own go to transaction PFCG.
  There are two type of role:
  - single role
  - composite role - (one or more single roles)
  To roles You can assign transaction codes, reports, URL links, etc. SAP System automatically creates the authorisations that you can set on Authorisations tab page.
  <u>Authorisation:</u>
  Authorization profiles must be generated before you can assign them to users. An authorization is generated for each authorization level in the browser view, and an authorization profile for the whole role as represented in the browser view.
  Re: Clarifications on EBP-SUS and MM-SUS Scenario
  Re: Cancellation from SUS hangs in XI interface
  Re: Vendor Replication in SUS scenario
  Re: SUS-MM for service items
  Re: Central Person already exists
  SUS and Central User Admin
  Re: User roles.
  <b>Please look at following links for Roles and Authorizations </b>
  <u>Links for user roles:</u>
  http://help.sap.com/saphelp_nw2004s/helpdata/en/52/6714b6439b11d1896f0000e8322d00/content.htm
  http://help.sap.com/saphelp_nw2004s/helpdata/en/42/271d24d86211d2961a0000e82de14a/content.htm
  http://help.sap.com/saphelp_nw2004s/helpdata/en/e4/15e48efd6c11d296430000e82de14a/frameset.htm
  http://help.sap.com/saphelp_erp2005vp/helpdata/en/d3/559a4271c80a31e10000000a1550b0/frameset.htm
  http://help.sap.com/saphelp_erp2005vp/helpdata/en/4e/52b74065448431e10000000a1550b0/frameset.htm
  <u>For profiles and authorisations:</u>
  http://help.sap.com/saphelp_nw2004s/helpdata/en/52/67151e439b11d1896f0000e8322d00/frameset.htm
  http://help.sap.com/saphelp_erp2005vp/helpdata/en/20/efcbfed8a511d397110000e82de14a/frameset.htm
  Regards
  - Atul

• Error during create CR for MDGC "Enter a relevant role for creation of customer master data"

  Hello Experts,
  I am unable to create a Customer CR in 'MDG 6.1 Customer UI' , the UI throws an error saying "Enter a relevant role for creation of customer master data".It looks like it is expecting me to mention the BP role ( like FLCU01 Customer or FLCU00 FI Customer ) , but I don't see that BP role section in the Customer UI to mention .
  While creating the vendor CR  , I am able to enter the BP role ( like FLVN01 vendor or FLVN00 FI Vendor ) in the UI BP Role section.
  Following are the UI's for Customer and Vendor
  Customers BS_OVP_BP: BS_OVP_CU > OVP: BS_CU_OVP - I do not see BP role section here.
  Vendors BS_OVP_BP: BS_OVP_SP > OVP: BS_SP_OVP - This is working fine  , I see BP role section here.
  Please advice what I am missing here , what should I do for the successful CR creation . Should I change the UI for Customers or do I need to do anything in CVI configuration.
  Thanks,

  Hi Abdullah,
  You were right in the first place the UIBB is missing  , the UIBB 'Role' was present in the 'Search Customer' page but not available in the 'Create Customer CR' page , so I created the 'Role' UIBB again and was able to create the CR now . Not sure how it got deleted in the first place , is there any options where we reset the UI screen to the default initial configuration
  But after approving the CR , only the Business Partner BP is getting created and the Customer is not getting created . Not sure what might be the issue now. Is there any config that tells to automatically create customer when BP is created. I was able to create Vendor using the create Vendor CR before.
  Thanks

• More than one role for a clip.Is it possible?

  Is it possible assign more than one role for a clip?
  thx

  Only one video role, only one audio roll, per clip.  Only one as these are "Media Stems", and when you work with Stems, only one roll per asset video, one per asset audio.

• Hello Mac Friend, do you have any idea the compatible of 1333Mhz 16GB ecc module for MacPro late 2012 ?

  Hello Mac Friend, do you have any idea the compatible of 1333Mhz 16GB ecc module for MacPro late 2012 ?

  You can spend months developing the expertise to choose exactly the right modules for a one-off purchase of RAM for your Mac.
  Or you can deal with a Mac-centric Vendor who already knows this information and will provide the correct modules for your exact model Mac, and stand behind them, for about the same price. Deal with Vendors who say:
  "It works in your Mac,
  or your money BACK."
  In the US, OWC (at MacSales.com) provides good support
  Many readers recommend crucial, I personally do not.
  I do most of my business with DataMemorySystems.com, as they tell you exactly what they are sending and have slightly better prices than OWC.
  If you are in another part of the world, please respond with what markets are available to you and readers can make additional recommendations.
  EDIT: 16GB DIMMs for this Mac are Registered DIMMs, and are subject to special rules:
  They do not mix with other sizes AT ALL.
  At most 3 modules of this size can be installed on each SIDE (6 total on the 8-core and 12 core)

• Help Required in Authorization Roles for Workbooks

  Hi All,
  In our project, we have a requirement of creating a role for users with below authorizations.
  1.     Can display and execute the workbooks in the role menu.
  2.     Can create copy workbooks ( Save as) in the role menu.
  3.     Can not delete the original and the copy workbooks from role menu.
  We are using an authorization object S_RS_FOLD with u2018FALSEu2019 for restricting the user from deleting workbooks.
  We also need to add one more object S_USER_AGR (without u2018Deleteu2019 property) to give the authorization of creating copy workbooks in the role menu.
  Object S_RS_FOLD this is working fine without S_USER_AGR. But after adding S_USER_AGR (without delete property), user is again able to delete the workbooks.
  So how can we achieve both the functionalities where user can not delete the workbook but can create copy workbooks in the role menu.
  Thanks,
  Sachin

  Re: Adding report (query & workbook, templates) in roles
  Go through this thread.
  And in our Project we have created one role for accessing workbooks. in that end user can access the work book but saved one and user cannot resave or delete the work book.
  we have added Auth objects S_TCODE and S_GUI.
  in S_TCODE we have added RRMX and in S_GUI we have given 60(IMPORT) access to the users.
  So that they can just share the workbook. nothing else can be done.
  Try like this. Hope this would help you.

• Portal Run time error when created a seperate role for Transport package.

  Hi Experts,
  I have created a seperate role for Transport Package(import/export iviews).
  Normally we have transport package functionality in system admin.
  Below steps i followed for creating the new role(trans admin)
  1.Copied SAP provided system admin role to a seperate folder.
  2.Deleted reamining portal objects(like UWL, portal display etc ..) except transport packege workset.
  3.Renamed the role to trans admin.
  I have assigned that role to my self, it is working fine to me when i clcik on export and import.I have super admin role.
  when i assign this role to some portal users, Export is not working.
  when user clicks on Export role they are getting below error.
  Portal Runtime Error
  An exception occurred while processing a request for :
  iView : N/A
  Component Name : N/A
  Access denied (Object(s): com.sap.portal.system/security/sap.com/NetWeaver.Portal/medium_safety/com.sap.portal.appdesigner.contentcatalog/components/Framework).
  Exception id: 12:10_31/08/09_0031_21763550
  See the details for the exception ID in the log file
  By looking into exception iD also, same error access denied it is showing.
  Please Advice.
  Thanks
  Sony.

  Hi Raghu,
  Thanks for the reply.
  I have given full permissions to all users to this trans admin role before itself.
  Thanks in advance.
  Sony.
  Edited by: ambica sony on Aug 31, 2009 1:53 PM