https://community.sap.com/t5/application-development-and-automation-discussions/regarding-autorization-object/m-p/3649377#M878963 <HTML><HEAD></HEAD><BODY><P>from the info fiven i suggest to create a template (basis) role and derive that 100 times.</P></BODY></HTML> Tue, 08 Apr 2008 05:16:14 GMT Former Member 2008-04-08T05:16:14Z https://community.sap.com/t5/application-development-and-automation-discussions/regarding-autorization-object/m-p/3649376#M878962 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P> I have a single role called xyz ,i need to use that role around 100 organisation and also i need to filter according to their respective organisation.How is it possible.Kindly recommmend a solution.</P><P></P><P>Regards</P><P>sekar.</P></BODY></HTML> Tue, 08 Apr 2008 03:37:25 GMT https://community.sap.com/t5/application-development-and-automation-discussions/regarding-autorization-object/m-p/3649376#M878962 Former Member 2008-04-08T03:37:25Z https://community.sap.com/t5/application-development-and-automation-discussions/regarding-autorization-object/m-p/3649377#M878963 <HTML><HEAD></HEAD><BODY><P>from the info fiven i suggest to create a template (basis) role and derive that 100 times.</P></BODY></HTML> Tue, 08 Apr 2008 05:16:14 GMT https://community.sap.com/t5/application-development-and-automation-discussions/regarding-autorization-object/m-p/3649377#M878963 Former Member 2008-04-08T05:16:14Z https://community.sap.com/t5/application-development-and-automation-discussions/regarding-autorization-object/m-p/3649378#M878964 <HTML><HEAD></HEAD><BODY><P>Hello,</P><P>Please use the base role derived concept where in Base role will have org values as * and dervied roles will have your defined org values.</P></BODY></HTML> Tue, 08 Apr 2008 09:35:31 GMT https://community.sap.com/t5/application-development-and-automation-discussions/regarding-autorization-object/m-p/3649378#M878964 Former Member 2008-04-08T09:35:31Z https://community.sap.com/t5/application-development-and-automation-discussions/regarding-autorization-object/m-p/3649379#M878965 <HTML><HEAD></HEAD><BODY><P>&gt; </P><PRE><CODE><P></P><P>&gt; Hello,</P><P>&gt; Please use the base role derived concept where in Base role will have org values as * and dervied roles will have your defined org values.</P></CODE></PRE><P></P><P>The base/master/parent role does not need to have * as org values, lots of places leave them blank.</P></BODY></HTML> Tue, 08 Apr 2008 20:05:28 GMT https://community.sap.com/t5/application-development-and-automation-discussions/regarding-autorization-object/m-p/3649379#M878965 Former Member 2008-04-08T20:05:28Z https://community.sap.com/t5/application-development-and-automation-discussions/regarding-autorization-object/m-p/3649380#M878966 <HTML><HEAD></HEAD><BODY><P>I would agree with Alex.</P><P></P><P>I am not a fan of derived roles, but from that little bit which I do know this * would also "blurr" the fields which are OrgLevel fields from the others which you might have maintained as * because you don't want to use them as a control in your concept.</P><P></P><P>Or do OrgLevel fields have a special colour or some other identification in the master role?</P><P></P><P>Cheers,</P><P>Julius</P></BODY></HTML> Tue, 08 Apr 2008 21:21:40 GMT https://community.sap.com/t5/application-development-and-automation-discussions/regarding-autorization-object/m-p/3649380#M878966 Former Member 2008-04-08T21:21:40Z https://community.sap.com/t5/application-development-and-automation-discussions/regarding-autorization-object/m-p/3649381#M878967 <HTML><HEAD></HEAD><BODY><P>Yes u r correct, org values can be left as blank.There is no separate color for org values in Master Role..</P><P>Julius i am not sure why are not fan of derived role concept as this is widely accepted concept in terms of security....</P></BODY></HTML> Wed, 09 Apr 2008 05:09:19 GMT https://community.sap.com/t5/application-development-and-automation-discussions/regarding-autorization-object/m-p/3649381#M878967 Former Member 2008-04-09T05:09:19Z https://community.sap.com/t5/application-development-and-automation-discussions/regarding-autorization-object/m-p/3649382#M878968 <HTML><HEAD></HEAD><BODY><P>Hi Anil,</P><P></P><P>Derived roles are widely accepted, as are composite roles and having manual &amp; changed status authorisation objects. It doesn't necessarily mean that they are the right thing to do. Sure, there is a time and a place for them (when we are <EM>only</EM> deriving at Org Level - quite possibly this scenario) but they can cause plenty of problems if used to support a design which doesn't lend itself to this technique.</P><P></P><P>Cheers</P><P></P><P>Alex</P></BODY></HTML> Wed, 09 Apr 2008 06:23:02 GMT https://community.sap.com/t5/application-development-and-automation-discussions/regarding-autorization-object/m-p/3649382#M878968 Former Member 2008-04-09T06:23:02Z