LMS Permissions

SAP SuccessFactors Learning Permissions

The permissions in SuccessFactors LMS learning are a bit different from the Bizx ones. Here the main concepts at a glance.

Roles work as Bizx “permission roles”, from here you can set the permissions. Additionally, they work with Domains. The permissions set in the Role are granted to the people/objects that also belong to that DOMAIN.

Every implementation has a PUBLIC security domain, which is available to all Roles, no matter on which domain are configured.

How to access to the Roles configuration?

How to assignt the Roles

PUBLIC Domain

Every implementation has a PUBLIC security domain, which is available to all administrators.

  • When implementing SuccessFactors Learning you start with a security domain called PUBLIC.
  • This domain is available to all administrators and all administrators are responsible for the security of data in the PUBLIC domain.
  • It exists outside any other domains or hierarchy that you create.
  • A common practice is to use PUBLIC like a network share

Admin Role Management – Permissions (Workflows)

Roles defines what an Admin can do to the data stored in the domain that the admin has access to. They consist of workflows – the combinations of functions (actions) and entities that grant system rights.

SAP SuccessFactors Learning Security Domain Restrictions

A domain restriction is a list of domains that an administrator role should be allowed to access.

A domain restriction restricts administrators’ access to a set list of domains (plus the PUBLIC domain). For example, you can create an Americas domain restriction that includes North America and South America. Administrators in roles with the Americas domain restriction can access records in the North American and South American domains. You can also create a Europe, Middle East, and Africa (EMEA) domain restriction that includes the Europe domain, the Middle East Domain, and the Africa Domain. Administrators in roles with the EMEA domain restriction can access records in the European, Middle East, and African domains.

Best links

https://me.sap.com/notes/2783840/E
https://help.sap.com/docs/successfactors-learning/defining-roles-for-sap-successfactors-learning/sap-successfactors-learning-security-domain-restrictions

FAQ

I have assigned a Role domain to an admin, but he/she still can view everyone’s profile.

Usually this happen because all the users are assigned to PUBLIC domain.

For examp,le you create a GERMANY domain, and assign this domain to a certain group of managers. Those managers will have access to the the PUBLIC employees as well.

Can I restrict the PUBLIC domain?

No, It’s not possible to create a role and block access to PUBLIC domain using the ‘restriction’ function.

Leave a Comment

Your email address will not be published. Required fields are marked *