cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

Best practice for PFCG role assignment

former_member573387
Explorer

on ‎2018 Jul 12 4:40 PM

0 Kudos
788

Hi Experts,

Among the below two options which is a best practice

1) Controlling the authorizations in CRM by assigning PFCG roles to a Business role and assigning the business roles to the positions in the CRM org structure

OR

2) Controlling the authorizations in CRM by assigning the PFCG roles directly to the user id's

I know HOW to do for both the above options, so please don't reply with links on teh same. I just want t learn, which one is a best practice & why ?

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies

Accepted Solutions (0)

Answers (2)

Answers (2)

jurjen_heeck
Active Contributor
‎2018 Jul 12 8:03 PM

Hi

I'd say it depends on your landscape.

If that's purely CRM you can use the org structure.

If it's mixed (with other SAP systems like ECC, BI etc) I'd stick to direct role assignments because that'll be used in the rest if the landscape. Using different assignment methods in one landscape may be confusing for your user administrators.

Jurjen

Show replies
Show replies
corrine_guan
Product and Topic Expert
Product and Topic Expert
‎2018 Jul 13 1:09 AM
0 Kudos

Hi,

the PFCG role assigned to a business role itself won't affect a user's authorization. It is used to tailor UIU_COMP authorizations which match the business role. Please refer to SAP KBA 2143627 for the detailed steps.

PFCG role won't influence the authorities until it is assigned to the users.

Here is a SAP KBA which explains it:

2320352 - Clarifications on the 'PFCG Role ID' in business role definition and authorization assignment

Best Regards, Corrine

Show replies
Show replies
Ask a Question