- Step 1: Make sure you remove each of the users (tclint, M4J) from the role to which proxy permissions have been granted:
a. For example: Role "RTEST" has proxy permissions granted
b. Group "GTEST" has this role (RTEST) associated with it and M4J belongs to GTEST"
c. Then you need to do either of the following:
--> Remove M4J from the group GTEST and/or remove proxy permissions from the role RTEST.
- Step 2: Create a role "SuccessFactors Admin 2ndary", give the permissions as follows:
a. Proxy management and any other permission as desired
b. Also "Proxy" permissions only to view – Please see below the screenshot
- Step 3: Create two groups as shown below and follow the steps accordingly -
- The group below should include only secondary administrators (who should not be able to proxy in as super admins) as shown below -
- 2.Assign the role we created to the group above as shown in the screenshot below
- 3.Create another group “all except admin”, make sure in the people pool you include everyone. But in the people pool to exclude, make sure you add the super admins as shown below:
- 4. Assign the same role (SuccessFactors Admin 2ndary) to this group as well.
- 6.Setting target population to the role "SuccessFactors Admin 2ndary" as follows:
KBA , sf admin tools , sf how to , sf rbo , sf user , sf restrict , LOD-SF-PLT , Foundational Capabilities & Tools , How To
SAP SuccessFactors HCM Core all versions