Академический Документы
Профессиональный Документы
Культура Документы
Defined
HR Structural Authorization permit access to personnel
data based on the users position or span of authority
within the organizational structure.
Structural
General
Authorization
Authorization
Org, PD,
TEM, Quals
Personnel
Admin
TC: OOSB
TC: PFCG
Structural Authorization
High Level Process
Configuration &
Switch Settings
Evaluation Path
Determine Root
Org Unit
Create Structural
Authorization
Profile
Link Structural
Authorization
Profile
to User Id
PA/PD Integration
Turned
On
(POLGI/ORGA)
Structural
Authorization
Activated via
(TC: OOAC or
T77S0)
Evaluation Paths
Maintained
(T778A/
V_T77AW))
Structural
Authorization
Waiting Period
(TC: OOAC or
T77S0)
SAP User ID
linked to PA via
IT0105 Record
Organizational
Structure
Developed
Dynamically
assign
Root Org Unit
(Function Module)
Structural
Authorization
Profiles
Developed (TC:
OOSP or T77PR)
Manually
assign
Root Org Unit
Dynamically
Organizational
Structure
(Org Unit/Position)
Structural Auth
Profiles
Linked
PD Object
(IT1017)
SAP Program
RHPROFLO
Executed
Employee Record
assigned
IT0001
Manually
Execute Reports to
Optimize
Performance
User Access
Restricted
Based on Org
Structure
Structural Authorizations
Activated
Change from 0 to 1
TC: OOAC
T77S0
4.6 and
below
Structural Authorizations
Activated
4.7
Structural Authorizations
Waiting Period
IT0001
Evaluation Paths
Use SAP standard evaluation paths
SAP standard function modules read
delivered evaluation paths
Create customer defined evaluation paths
Customer defined function modules
specify customer defined evaluation paths
Evaluation Paths
T778A
V_T77AW
Screen # 2 T77PR
When Function
Module is
being used,
leave Object
ID field Blank
RH_GET_MANAGER_ASSIGNMENT:
Determines the root org unit object to
which the user is assigned as Manager
via the A012 chief relationship.
(Supervisor)
Screen # 2 (Continued)
Auth Profile: Select profile for pop-up box
No.: Enter Line/Sequence/Interval numbers 5, 10, 15
etc.
Plan version: Enter active plan. Ex. 01
Object type: Enter object type end user will be
authorized to change or display (O Org Unit, S
Position, C Job, P- person, and any customer defined
objects)
Object ID: If assign root org unit is being used, enter
org unit id value. If you are using function modules to
dynamically determine the root org unit, leave this field
blank
Maintenance: If checked, maintain authorization is
granted for object type, if uncheck, only display
authorization granted.
Evaluation Path: Enter evaluation path defined
inT77UA
Screen # 2 (Continued)
Status vector: Planning status authorization
1 Active
2 Planned
3 Submitted
4 Approved
5 Rejected
To grant access to Active and Planned status(s) enter
12
Screen # 2 (Continued)
Time period: Restrict access based on the
validity period of the org structure.
D Current Day
M Current Month
Y Current Year
P Past
F Future
Function module:
Leave this field blank if root org unit is defined in
field Object id
Determine the root org unit using SAP standard or
Customer defined function modules
Screen # 2 (Continued)
Add multiple rows in this table for all PD
objects the structural authorizations are
permitting to change and/or display
Screen # 2 T77PR
RH_GET_ORG_ASSIGNMENT
Screen # 2 T77PR
When Object
ID is being
used, leave
Function
Module field
Blank
T77UA auto
populated by the
RHPROFL0
program
Optimize Structural
Authorization Performance
Manually enter user ids in T77UU User Table for
Batch Input. Stores user id in SAP memory
(T77UU). Not recommended.
Dynamically add/remove user ids in T77UU
executing program RHBAUS02 based on the
number of objects.
Execute nightly program RHBAUS00 to
regenerate indexes saved in table INDX.
Indexes regenerated and saved in table INDX
ODD note 836478 dated 4/21/05: Display Index
Report: RHAUTH_VIEW_INDX
Congratulations !
You have completed the configuration of
structural authorizations.
Do not know of any method to trace
structural authorizations
Test, test user ids for both structural
authorizations and PA/PD authorization
assigned to roles in TC: SU01.
Reporting Considerations
Customer Defined Reports: Use HR Macros in
your custom program to engage structural
authorizations from the LDB. If LDB is not being
accessed, need to code structural authorizations in
program
SAP Standard Reports: There may be some
circumstances you do not want structural
authorizations checked. Copy standard reports and
remove authorization checks.
Lessons Learned
Keep in mind, users with new structural
authorizations will not be effective until
next day if RHPROFLO is ran nightly.
Remember to assign Authorization Groups
to customer defined z-tables in order to
maintain in Production client.
Assign all end users structural
authorizations.
Questions ?
Contact Information
kenneth.p.bowers.jr@saic.com
864-940-7282