Community
Application Development and Automation Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

migration options...

Former Member

‎2008 Jul 11 7:26 AM

0 Likes
620

Hi ...

In the Security migration we have three main options 1) Direct user assignment 2) Create new profiles 3) Extend existing profiles

What are the advatages and disadvantages (if any ) useing these options.Can any one explain in detail...

B.K

Edited by: B.K on Jul 11, 2008 1:27 PM

4 REPLIES 4
Read only

Former Member

‎2008 Jul 11 11:43 AM

0 Likes
593

Are you sure that you need this many questions all relating to authorization migrations?

Please ensure that you do not duplicate post, as this is against "the rules".

Cheers,

Julius

Read only

Former Member
In response to Former Member

‎2008 Jul 11 12:02 PM

0 Likes
593

I did not post the questions twice....Past just happend once..

yes ..i need the information ...my present work on the security...iam faceing the upgradation first time..

B.K

Read only

former_member74904
Contributor
In response to Former Member

‎2008 Jul 11 12:51 PM

0 Likes
593

I personally think there's no such thing as (dis)advantages for either of the three options. I think it merely depends on what the current concept of the upgraded system is all about.

in some cases, when you agree that analysis authorizations (and assignment) will be maintained directly in RSECADMIN it may be a good idea the go for option #1 (direct assignment).

to decide whether to create new profiles or to 'merge' them into existing profiles, you can ask yourself if either one of those option helps you as far as assignment and/or administration is concerned.

take care,

dimitri

Read only

Former Member

‎2008 Jul 11 2:55 PM

0 Likes
593

Hello B.K.,

From my point of view, if using migration I believe the better option is the 3).

1) Direct user assignment

Here you have a direct assignment to the users in RSECADMIN. If changing the authorization, you're changing it to all the users that are assigned.

2) Create new profiles

Here you're gonna create new profiles and assign them to the users.

3) Extend existing profiles

Here you're keeping the profiles the users have and assign to those profiles the new authorizations, therefore assigning indirectly also the new authorizations.

The second one you'll have two profiles to maintain (the old ones that already existed and the new ones), so I believe it's not so good.

The third one you'll have in a single role the old objects assigned and also the new ones assigned in the object S_RS_AUTH which is better to see the relations between them, e.g.:

you have an object called Y_XPTO that was created for 0COMP_CODE and you have in a role Y_XPTO = 001. After the migration with enhance existing profiles you'll have that same assignment in the role but also an assignment to S_RS_AUTH with for example the value Y_XPTO00. In rsecadmin you'll see that Y_XPTO00 is created for the value 0COMP_CODE EQ 001.

So I believe is the better option to compare the authorizations before and after migration.

Create posts like these in Business Intelligence instead of Security.

Diogo.