You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 8 Next »

This article outlines on how to handle a User Creation request from the users.

Identifying the Tickets :

When the users fills in the Qualtrics form a ticket is automatically created in the Freshdesk with a proper template. The WBP and WBQ user creations come to us only through this form. When through this, the user asks for a creation of the user in the ticket, then it can be identified as a User Creation. Alternatively, when the user does not exist in the system and the access has to be given to the user through the form, then it is considered as a User Creation. These tickets have all the accompanying information like User Name, Manager Name, Applications, Reference User, etc. Below is an example of how the ticket may look like.

 

 

(The template has more fields which have not been showed in the above screenshot)

 

Important

We do not cater to any User Creations or User Modification requests for the WBP and WBQ system without the proper form. If the user creates a ticket without filing in the form, ask the user to fill in the form by providing the link and Resolve the existing ticket.

Approvals :

 

With the new BW approval process, we do not need to take any approvals. The approvals are granted or rejected as the part of the workflow when the the corresponding Business Roles are added in the IDM.

 

Providing the Access :

 

  • Firstly, we need to check whether access is to be given for ticket creator or other person. If it mentioned that it is only myself then we have to give access for requester of the tickets only or else the other users will be mentioned. Here, we should also check if it is for WBP or WBQ system. We should not proceed without the WBP form as stated before. If user creates the BW ticket without the above screenshot form then we have to ask user to fill in WBP form and resolve the existing ticket.



 

  • After this, we have to check whether user exists in IDM or not. If exists we should proceed with the ticket. Otherwise, we should get back to the L0 team to check when the user will be available in the IDM and then proceed.

 

 

  • Now, we should select the "User Management CGI" button and a new window opens up. In the HCM Data Tab, we have to check if the Manager Name exists. If not, we have to send the ticket to IS SD Authorization Team asking them to maintain the HCM Data. Manager Name is very important to perform these requests because the workflow involves the corresponding manager approving the Business roles which we add to the user.

 

 

  • Now, coming back to the ticket, user will provide either applications to be added or provide applications name directly in the ticket. If user provides application name (as shown below) directly then we have to go for BW Catalog of Roles Sheet.



 

  • In the BW Catalog of Roles, there are 3 types of roles : Menu Roles, Application Roles and Perimeter Roles. Application Roles and the Menu Roles together combine to make up the Business Role for a particular application.

 

  • For example, if the user asks for WCAP Working Capital Application, then we need to filter and search for the WCAP application in the BW Catalog of Roles sheet to obtain the same. We can see the corresponding Business Role for the application which we will add in the IDM "Roles" Tab.

    Business role - ROLE:BUSINESS:PR: BW Applications - RTR - Working Capital (WCAP) - *

 

 

  • For few applications (as above) we should provide the role according to the GBU and in the other cases, we can assign them directly. We can differentiate whether it is GBU specific by checking the asterix at the end of a Business Role. eg. WCAP Business Role as shown above. The example for the Non GBU Specific Business Role can be seen below : ROLE:BUSINESS:PR: BW Applications - RTR - Overdue Vendor Invoices (FIAP)



  • If user belongs to Special Chem GBU then we have to select the roles as per the GBU.

 

  • After this, we have to press on Add Button  then a small box will be popped out, in that we have give ticket number, GBU details, Role of user and Purpose of Application.

  • If user provides reference user then we have go to SAP account of user and find what Reference User is having. Compare them with user and provide what user is not having.

 

 

  • We should check whether user is having access in the WBP system already or not. If not, we should assign the applications asked or the roles reference user having in the IDM.

  • After adding the required Business Roles, we have to provide Perimeter Roles. Perimeters are attributes like Company, Plant, Family, GBU, etc. These perimeter roles can be found in the ticket itself and then we need to find out the accurate Perimeter Role through the SUIM Transaction.

 

 

  • With respect to the Application, we have to find out which Perimeter roles have to be added for the access. In the Catalog of Roles, the right side of the sheet contain all the Perimeter Roles. The corresponding column cells which have 'X' or 'TOUT' should be added for that particular application.

 

 

  • After this, we should find the proper role using the SUIM transaction as shown below.

 

 

Information

If user needs all Perimeter access then we should put TOUT in the place of star. eg. ZR_*_CA_P05 for all GBU access will be ZR_TOUT_CA_P05.

 

  • Once we are done with all the above steps, we should forward or transfer the ticket to Soonaik.Wee (IS SD Authorization team) putting ourselves in the Watch list and ask him to follow up on the approval process.

  • Finally, after the roles are approved we should inform the user and if the user needs password reset then provide the same to the user.

 

We have now finished the request for the User Creation of a new user or existing user in the WBP and WBQ system.

 

 

  • No labels