Dear colleagues,
I have had this challenge for a couple of years already and I am assuming that other mid-size implementations have this as well.
Problem description:
Based on the functional area and entity defined in a given role, it is always possible to assign a number of users in SAP. However, in mid-size organization, maintenance of several roles with identical transaction assignments is a significant challenge. I initially thought that it might be possible to assign the restrictions based on profile parameters. However, this doesn't seem to be effective.
As an example, if I have 5 regional controllers (all having same t-codes), I would have preferred to create one role Z_RG_FI_CONTROLLER and assign the users to the role above. While creating/updating the user account(s), I would have assigned the BUKRS to the relevant users (0011, 0012, 0013, etc). Please note that I am not interested in creating Z_0011_FI_CONTROLLER, Z_0012_FI_CONTROLLER, Z_0013_FI_CONTROLLER etc.
I tried searching for notes but it seems we don't have any solutions in the space. Would anyone know of options to solve the challenge above?
Thanks and best regards,
Kaushik