Hierarchy
⤷ PA-PA (Application Component) Personnel Administration
⤷ PBAS (Package) SAP HR Master Data Application Development
Basic Data
Data Element | KENBE |
Short Description | Indicator for access authorization (from/to date) |
Data Type
Category of Dictionary Type | D | Domain |
Type of Object Referenced | No Information | |
Domain / Name of Reference Type | XFELD | |
Data Type | CHAR | Character String |
Length | 1 | |
Decimal Places | 0 | |
Output Length | 1 | |
Value Table |
Further Characteristics
Search Help: Name | ||
Search Help: Parameters | ||
Parameter ID | ||
Default Component name | ||
Change document | ||
No Input History | ||
Basic direction is set to LTR | ||
No BIDI Filtering |
Field Label
Length | Field Label | |
Short | 10 | Acc.auth. |
Medium | 15 | Access auth. |
Long | 20 | Access authorization |
Heading | 2 | AA |
Documentation
Definition
The Access auth. (access authorization) allows you to define the time period during which an HR: Infotype can be accessed.
When you access infotype data for a particular person (employee or applicant), the system reads his/her organizational assignment and the work area (infotype, subtype and authorization level). (Also read the documentation on authorization objects HR: Master data and HR: Master data - extended check ). Each infotype will generally have records with different validity periods. One person may also have different organizational assignments (Organizational Assignment infotype (0001)) over a certain time period. If different administrators (users) are responsible for these organizational assignments, this is taken into account when the authorization for a specific infotype validity period is checked.
If you do not set this indicator (initial value), the administrator is authorized to access the infotypes if the person had, has or will have an organizational assignment which, in accordance with the authorization profile allows him/her to access this data.
If you set this indicator (X), the authorization check depends on the current (system) date.
To simplify matters, the term 'period of responsibility' will be used in the following. If, during a particular period, a person has one (or more) organizational assignment(s) for which the administrator is responsible according to his/her authorization profile, then we refer to the entire validity period of this(these) organizational assignment(s) as the 'period of responsibility'.
There are three different cases.
- The period of responsibility begins in the future.
If the administrator has write authorization for the infotype/subtype, this is valid for all infotype records whose validity period is within the period of responsibility. Read authorization is valid for infotype records which do not extend beyond the end of the period of responsibility.
- The period of responsibility begins before the current date. Its end date is no more than a fixed number of days before the current date
In this case, write or read authorization is valid in all periods. There are no time restrictions on the authorizations of the administrator for the relevant infotype records.
The tolerance period enables the administrator to access infotype records that he/she was previously responsible for even if his period of responsibility has changed. You set up client-specific tolerance periods during the HR: Authorization Main Switch transaction.
- The period of responsibility ends in the past. The end of the period of responsibility ends before the current date even if the tolerance period is taken into account.
In this case, the administrator does not have write authorization. Read authorization applies to infotype records which are not valid beyond the end of the period of responsibility.
History
Last changed by/on | SAP | 19960103 |
SAP Release Created in |