We just updated our S3 Test environment to ESP 10.0.9 and MSP 10.0.7 and unfortunately, ESP9 includes new code within security to only allow one-to-one relationships on any “agent”-type service identities, such as Prodline_EMPLOYEE and Prodline_REQUESTER. The system no longer allows one-to-many relationships within Manager Self Service (MSS) and Requisition Center (RQC).
At our company, members of our management staff that oversee a large number of employees have a “support” person that is given limited access to MSS to update credentials and enter personnel actions on the manager’s behalf. The support person has a separate network login (ie. bsc13) with a separate RMID record within Lawson Security with limited security access to MSS. Their Manage Identities tab for the Prodline_EMPLOYEE service for this special login is pointed to the manager’s employee number. This means that we have 2 RMID records pointed to the same manager number within Prodline_EMPLOYEE – one RMID for the manager to log in themselves with full access to ESS MSS and RQC and another RMID for the support person to log in with their special login with limited access to MSS only. With our recent upgrade, this setup is no longer allowed. Basically, we can only have one RMID record attached to that manager’s employee number.
>>> We are curious if other companies follow this same process to give proxy access to support staff for MSS and if not, how do you handle shared access for those managers that don’t have time to handle these tasks themselves? Note: we have this same problem in RQC. We may have 5 employees that can order supplies for a specific group of departments – all 5 employees would be attached to the same requester number within Lawson security under Prodline_REQUESTER. With ESP9, this setup is no longer allowed.
