SAP Learning Journey

Managing Users Access Rights

Objectives
After completing this lesson, you will be able to:

After completing this lesson, you will be able to:

  • Define access rights to folders, diagrams, the dictionary, and dictionary categories

Managing Access Rights

This lesson describes how to define access rights to folders, diagrams, the dictionary, and dictionary categories. It also shows how to assign access rights to users and user groups. Select each tab below to begin.

Managing Users Access Rights

Practical Examples

Let's take a look at some practical examples on access rights based on folder structure and user groups. It's best to first decide on the folder structure before you begin to manage users and their access rights.

Choosing the right structure

Best Practices for Managing User Groups

When dealing with a large number of users, the provided user group functionality allows you to manage access rights easily.

With groups, you can:

  • Effectively manage a large number of users
  • Define their access rights by creating a group for each organizational role
  • Set up a group hierarchy

This simplifies assigning access rights and feature sets to users. You can also grant both groups and users access to read, edit, delete, and publish diagrams on a folder-level. 

Note
BEST PRACTICE TIP: Depending on the folder structure and the access rights, it makes sense to nest user groups in order to grant different access rights on different folder levels.

Take a look at the groups' access rights below.

Both modeler groups are part of the group 'All Modelers' and have reading access to all folders and processes. Group A has an additional access right to edit processes in the public process folder, whereas the sensitive processes can only be edited by Group B.

Watch the video below to see how to grant folder access.

Note

Please note, the video below contains audio.

Limiting Access

When you grant access to a folder, users have access to the complete folder. Another possible approach is to  limit the access to specific folder content.

Watch the video below to see how to limit access to specific content.

Best Practice: Sandbox Setup 

Setting up a sandbox allows you to keep an organized and productive environment while still allowing multiple users to provide input. The sandbox approach can be used for both the dictionary and process repository. The steps for creating sandboxes in the dictionary are: 

  1. Create a sub category for a dictionary category (e.g. Sandbox Documents)
  2. In the user management tab, grant all users access to provide input
  3. Restrict access to the parent category, e.g. only give your process management team access to this

Do the same for folders to create a playground for your modelers or to enable Collaboration Hub users to create quick model processes as well. 

Recommendation: A dedicated team with global access rights should go over the sandboxes periodically to transfer the approved content to the parent folder or category.

Watch the video below to see an example how to set up your sandbox.

Below are the available access rights you can give to your users and groups. Select each of them to learn more.

Access Rights for Diagrams and Folders

Log in to track your progress & complete quizzes