Assingment of roles to taks group fails

Tue Mar 11 13:22:49 EST 2003

Hi Jeroen,
Thanks for that - it is in fact security roles we're having a bit opf a
battle with. Though oddly enough it does describe similar behaviour.
Basically any 'second-hand' relationships get lost. (Task -> Taks Group
-> Security role -> Users).

For the moment we're assigning security roles directly to tasks and that
seems to work, but I'm still keen to find out the details one of these
days...

Thanks again,
Cheers
Mike

On Tue, Mar 11, 2003 at 04:29:18PM +0100, Van der Burg, Jeroen JA SITI-ITPSEE wrote:
> Hi all,
>
> Mike: there are quite a few issues with workflow task authorisations. Not sure if this is your problem, but I have had a problems with derived role functionality. Inheritance is fine from the authorisation role point of view, but due to an ommission it does not work from workflow (making derived roles completly useless for defining possible agents). See note 533931 which resolves the issue. Hope that the reading of the task groups has not also been forgotten in the WF authorisation checks (currently working on implementing that on our production system as well).
>
> Sunni: you can assign TG's to roles and derived roles using expert mode for object assignment (transaction PP01) but this requires you to open up maintenance of the relationship through the relationship customising in OM as this is not the case by default.
>
>
>
> Regards,
>
>
> Jeroen
>
>
>
> -----Original Message-----
>> From: Michael Pokraka [mailto:workflow at quirky.me.uk]
> Sent: 11 March 2003 15:20
> To: SAP-WUG at MITVMA.MIT.EDU
> Subject: Re: Assingment of roles to taks group fails
>
>
> Hi,
> Thanks for your feedback, that note is quite useful. You're problem
> sounds familiar, though I can't remember if/where I've seen that
> before...
> The problem we're having is that the assignments are there (TG has Role
> assigned), but it will not find any agents attached to the role. They do
> exist, I can see them in other ways, but it just won't resolve users in
> workflow.
>
> Cheers
> Mike
>
> On Tue, Mar 11, 2003 at 10:20:57AM +0000, Sunni sunni wrote:
> > Hi Mike
> >
> > I have the same problem at the moment.
> > In Dev I was able to assign my task group to a role (PFCG) and the theory
> > works correctly, but in QA I am unable to do this.  We transported the role
> > to qa with the task group, but in QA the workflow tab is empty.
> > Furthermore, we opened up the QA system and tried to assign it directly
> > butthe system still does not attach it.  Also the system does not let me go
> > into the task and assign the role their or even agents.
> > I'm working on 2 workflow templates, 1 standard and 1 custom.  For the
> > standard, I have built a validation on the agent we select (before workflow
> > starts) for the workflow, and changed all tasks in the workflow to 'general
> > tasks' - since in QA I can change the attributes of the task. For the
> > custom,i'm still looking for a solution.
> >
> > I suspect that there is some config missing (PD??). I've found an OSS note,
> > OSS Note 138411, maybe this will help, keep us informed as to how you get
> > on.
> >
> > Cheers
> > Sunni
> >
> >
> >
> >
> > >From: Michael Pokraka <workflow at quirky.me.uk>
> > >Reply-To: SAP Workflow Users' Group <SAP-WUG at MITVMA.MIT.EDU>
> > >To: SAP-WUG at MITVMA.MIT.EDU
> > >Subject: Assingment of roles to taks group fails
> > >Date: Mon, 10 Mar 2003 18:25:54 +0000
> > >
> > >Hi all,
> > >We are encountering a lot of difficulty in assigning security roles to
> > >task groups:
> > >The theory is that one can assign a role to a task group, and a task that
> > >belongs to the group has all the agents that posess that role.
> > >This works in Dev.
> > >Moving on to QA, it doesn't. I'm almost certain that it's an
> > >authorization issue, but after lengthy searching I've been unable to
> > >come up with where. The 'maintain agents' dialog box doesn't return
> > >anything useful from an auth check. Been debugging RH_TASK_AGENTS_SHOW
> > >until I can recite it backwards (well.. not quite).
> > >Plan version is set to 01 on all systems, customizing is complete.
> > >If it is indeed authorization - does this mean that all agents have to
> > >have authorization to interrogate security roles?
> > >
> > >Has anyone used this before and come up with anything similar?
> > >Any input appreciated,
> > >Cheers
> > >Mike
> >
> >
> > _________________________________________________________________
> > Use MSN Messenger to send music and pics to your friends
> > http://messenger.msn.co.uk