cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

How do i configure my Access request with default role strategy

Former Member

on ‎2018 Feb 09 8:08 AM

0 Kudos
761

We have 30 business roles ( Composite roles ) in our landscape and 20 other non-SAP application roles (Shell roles created to leverage in MSMP workflow approval process). I would want to see that, when a new user request is raised with one of the business roles we have, the default applicable non-Sap roles be included directly in the access request at the time of submission.

I would want to tie up the business roles with applications roles using an 'identifier', so that application roles are added automatically in the request.

I would like to have these configured through parameters 2011,2012,2013. Awaiting your valuable ideas.

Thank you in Advance. 🙂

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies

Accepted Solutions (0)

Answers (2)

Answers (2)

alessandr0
Active Contributor
‎2018 Feb 09 9:14 PM
0 Kudos

Siva,

I support Ken's statement. In case you need a solution to what you are trying to achieve, rather than using default roles you can start looking into Role Mapping as this might solve your problem as well.

Regards, Alessandro

Show replies
Show replies
Former Member
‎2018 Feb 09 3:08 PM
0 Kudos

Hi Siva,

Can you clarify what you intention is for the 20 other non-SAP application roles? It sounds like you want to populate a request with composite role A, which would then bring in shell-role B automatically using default role logic, and then route the request to a specific workflow path based on role B. Is that correct?

In this case, I would recommend building your initiator rule decision table logic around the composite roles themselves, instead of relying on the shell-default roles, because the shell roles are simply identifiers with no authorization within (and would not be needed for any other purpose). You can work out the decision table logic to evaluate the composite roles and point to the correct workflow path.

Give us some more context of your workflow path requirements and we can help think of the best solution.

-Ken

Show replies
Show replies
Ask a Question