cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Business Role creation

Go to solution
EtienneJacquet
Participant

‎05-13-2019 8:24 AM - edited ‎02-03-2024 7:42 PM

0 Kudos

Hello,

Do you know if there is an easy way to create restricted roles in S/4HANA Cloud?

We are currently doing a roll out for 22 entities at once. We have an average of 30 roles per entities, which represent 660 roles to create. As it is a manual process by copying existing roles and doing the update, it is highly time consumming and with a significant risk of mistake.

Is it a strong limitation of the toll or is there any way to manage it in a easier way than manually 1 by 1.

Kind regards,

Etienne

Show replies
Show replies
former_member134071
Explorer
‎03-12-2021 7:52 AM
0 Kudos

Dear Etienne,

We are also facing the same situation. Have you find a way to create the derived roles and then to update the restrictions in mass for the derived business roles in the S/4 HANA cloud system?

Thanks

Sindhu

Answer

Accepted Solutions (1)

Accepted Solutions (1)

Feras_Al-Basha
Product and Topic Expert
Product and Topic Expert
‎05-13-2019 1:01 PM
0 Kudos

Hello Etienne,

Currently the identity and access management functionalities are not supporting a mechanism to allow maintaining complex restriction relationships such as for instance traditional derived roles. That said, please find the below blog aimed to reduce the manual effort for your task at hand as this approach would allow to you create and update roles and assignments in mass:

https://blogs.sap.com/2019/02/11/mass-maintence-of-segregation-of-duties-in-sap-s4hana-cloud/

Hope this helps,

Thank you,

Feras

Show replies
Show replies
former_member134071
Explorer
‎03-12-2021 7:51 AM
0 Kudos

Dear Feras,

We have nearly 50 master business roles to be created in S/4 HANA Cloud and derived roles are expecting to be nearly 1000+ roles ( 50*21 = 1050). We are facing challenges in creating all these 1000+ derived roles manually in the system as it is time-consuming and involves manual creation of roles.

I have already gone through the blog Mass Maintenance of Business Roles in SAP S/4HANA Cloud, but again this suggestion also leads to creating more number of files as the same as the number of derived roles.

Does anyone come across this situation? Do we have any provision to automate or doing mass derived roles creation in the S/4 HANA cloud system?

Thanks

Sindhu

Answers (1)

Answers (1)

EtienneJacquet
Participant
‎03-12-2021 8:27 AM
0 Kudos

Hello,

Indeed, there is no good way to manage it in the current version.

The solution you have are:

  • Use leading restriction to facilitate manual creation
  • Building a specific tool to generate derived roles with correct restriction

For sure, role management is still a painfull area.

Kind regards,

Etienne

Show replies
Show replies
former_member134071
Explorer
‎03-12-2021 8:32 AM
0 Kudos

Hello Etienne,

Thanks a lot for your prompt response! Much appreciated.

Yes we are currently using "leading restriction" to minimize the manual updation of org. fields in the same derived role.
But we also parallelly looking for a way to derive roles (creating derived roles and to maintain different org. values in each derived roles created) in mass.

Thanks

Sindhu

Ask a Question