User decision

[Dart, Jocelyn]

Hi Horst,=20
Be VERY VERY careful with this solution.
Yes, you can get a generic SAP user to execute the decision, and
you can restrict that userid's authorities to the absolute minimum,=20
BUT don't forget:
 
1) You will have NO RECORD of who made the decision in your workflow =
log.
You need to make sure that this is acceptable to your internal audit =
team.=20
Does the user decision even have any value if you can't guarantee it's =
been
done
by an appropriate user?
 
2) ANYONE who gets the mail can execute the decision.  It is so easy =
for
people to forward mails, or .cc people, especially when it comes to =
approval
 
scenarios where the approver may ask for input from a number of other
people. =20
One scenario - approver asks employee who made the original request for =
more
details
and happily forwards on the mail, resulting in employee able to approve =
own
item.=20
 
Even if it isn't an approval scenario THINK HARD about whether these =
sorts
of=20
situations are acceptable in your case.=20
 
You could also make the workitem available over the web (using the ITS)
instead=20
of by Outlook or Notes but it doesn't make security any better if you =
use=20
generic userids.=20
 
The safest way is to set up R/3 userids for each decision maker - =
discuss
this=20
with your SAP account manager as these can be minimum priced users if =
they
are=20
not going to logon via SAPGUI.  Also check whether you are on mySAP =
pricing
as
this is likely to make the extra users more affordable.   Check =
especially
what's
happening re e-commerce and SAP at your site.  I've had this question =
come
up=20
before at a customer site, and as soon as they realised they were =
planning
to=20
get ESS/Workplace, etc. anyway (where all employees would be given an =
R/3
userid anyway),
the userid issue went away as it became merely case of bringing the
agreement forward.
 
Regards,=20
        Jocelyn Dart=20
Consultant (BBP, Ecommerce, Internet Transaction Server, Workflow)=20
SAP Australia
Email jocelyn.dart at sap.com <mailto:jocelyn.dart at sap.com>=20
Tel: +61 412 390 267
Fax: +61 2 9935 4880
 
=20
 
 
-----Original Message-----
From: Kjetil Kilhavn [mailto:KJETILK at statoil.com]
Sent: Tuesday, 14 November 2000 5:36 PM
To: SAP-WUG at MITVMA.MIT.EDU
Subject: Re: User decision
 
 
Without a user ID you can't execute a work item, so either you have to =
use a
common user ID (not popular among security and revision people) or you =
have
to
fake it through a background logon with (the same) common user.
If you use Notes or another scriptable mail program you can send a =
message
and
get the decision there. Then you (well, actually the script of course) =
log
on
with a common user and modify the workflow container before creating a
terminating event for the workitem that sent the message.
I wouldn't recommend it for security reasons (password distributed =
etc), but
you
can limit those issues by restricting the rights of the user you log on
with.
 
A better solution could be to have an executable program (not a script)
handling
all the SAP interaction so the password wouldn't have to be distributed =
so
openly.
--
KjetilK
 
 
 
 
From:  Horst M=FCller <fis-com at fis-gmbh.de>@MITVMA.MIT.EDU> on =
13.11.2000
17:33
 
Please respond to "SAP Workflow Users' Group" <SAP-WUG at MITVMA.MIT.EDU>
 
Sent by:  SAP Workflow <Owner-SAP-WUG at MITVMA.MIT.EDU>
 
 
To:    SAP-WUG at MITVMA.MIT.EDU
cc:     (bcc: Kjetil Kilhavn)
Subject:  User decision
 
Hi,
 
we want to set up a user decision in a workflow. The user which has to
decide
has no SAP user. SAPconnect is already set up.
Is that posible. Any ideas
 
thanks in advance
 
 
Horst M=FCller
 
 
 
-------------------------------------------------------------------
Statoil: The information contained in this message may be CONFIDENTIAL =
and
is
intended for the addressee only. Any unauthorised use, dissemination of =
the
information or copying of this message is prohibited. If you are not =
the
addressee, please notify the sender immediately by return e-mail and =
delete
this
message.
Thank you.