Authorization control for document status

Similar Messages

• Authorization control for "Revoke  Status Closed"

  Dear Experts,
  We are trying to restrict the authorization of business transaction u201CClosedu201D & u201CRevoke status closedu201D through authorization control for transaction COR2.
  For that I have included authorization objects- K_ORDER, K_VRGNG, I_VORG_ORD in the user profile.
  I have also added these objects in SU24 with check indicator u201CChecku201D & proposal u201CYESu201D
  Through authorization object- K_ORDER I succeeded to restrict business transaction u201CCloseu201D.
  But I am unable to restrict u201CRevoke Status Closedu201D.
  I have also tried for this with user status but through user status also I am unable to restrict u201CRevoke Status Closedu201D.
  Can anybody help me for this.
  Regards
  Vivek

  Dear ,
  You can do it through two option :
  1.Apply Screen variant -SHD0 at user level in which you can switch off menu path of TECO/REVOKE etc.
  Refer : http://wiki.sdn.sap.com/wiki/display/Snippets/TransactionVariant-AStepbyStepGuidefor+Creation
  2.You can try User Status at Production Order level .Refer : authorization for TECO
  You can also check by User Exit : PPCO0007 (Exit when saving Production Order)
  Regards
  JH

• Authorization control for actual price calculation

  Dear all,
  I found that there is no authorization control for actual price calculation(KSII), this means user can calculate actual price for all cost centers, even this cost center belongs to other company. Is there a way to control this?
  Thanks,
  Ben

  Hi Ben,
  By SAP standard we do not have the control.  we also have the same situation.  We are venturing in to Realisation phase and we decided to have some kind of program (development) to control this.
  Please let me know if you find some better solution
  Best Regards
  Surya

• Authorization control for batch master

  Hello Experts,
  I have a special requirement from client on authorization control on batch master. The requirement is user should not be allowed to change the batch header details but allow to change selected characteristic values. For e.g If I have a batch A, the header values such as prod date, country of orgin etc should not be allowed to change. In classification view few characteristics only should be editable, rest all should only be displayed.
  Is there any option to do this. Either through authorization control or exits. We dont want to create a custom transaction to achieve this.
  Thanks in advance
  Prathib

  Hello
  The following document explains how to check which authorization objects are called on each transaction:
  How to analyze authorization issues in debug
  BR
  Caetano

• MD61 -Authorization control for Version , requirements type -reg

  Hi,
  We have an issue in providing MD61 -Create Planned Independent Requirements to the users
  By standard authorization objects available , Plant level authorization control only is there
  if we have to give authorization for many users in the same plant based on teh VERSION , REQUIREMENTS TYPE  etc... is it not possible ?
  can the authorizations objects be created manually for these and assign to teh concerned user's roles ?
  please provide your thoughts
  regards,
  madhukiran.

  Dear Madhu,
  Authorization objects can be added for an individual T Code also in SU24.
  Check with your Basis consultant,Also i think its possible to give the authorization for versions as well
  as requirement type also.
  Regards
  Mangalraj.S

• Transaction authorization based on document status

  Hi,
  We need to give display only access to end users (i.e specific business roles) based on the status of the document, for e.g. if document status is IN PROCESS the end user should only be allowed to Display the document - how can this be achieved ? Helpful inputs asap plz. Thank you.
  Best Regards.

  Hi Robert,
  Thanks for the quick reply, I will go through the said changes and update the thread accordingly in a day or two. Thanks again.
  Best Regards.
  Still waiting to test the solution, will update the thread soon !
  Regards.
  Edited by: Jacob Raj on May 2, 2011 2:02 PM

• Plant level authorization control for Internal Order

  Dear Sir,
  We create Internal Order using tcode KO01 and  being a multi plant scenario , we want to have an authorization control on Internal Order creation/change so that plant or profit-center level authorization rights can be given to the users .
  We request you to Kindly guide us about the steps to be followed for addressing such requirement .
  With thanks and Regards
  Sonia Agarwala

  Sonia-
  It can be done. You have two options.
  1. SAP security - when your security person can limit a user by plant, profit center etc using authorization objects.
  2. Validations - Here you can create a validation where you define you logic. In your logic you can restrict set of users who can access a set of fields (profit center, plant etc). If he deviates, the system can issue error messages which is maintained in validations. Use transaction GGB0 to create validations.
  Hope this helps.
  Shail

• Authorization control for Z fields

  Hi all,
  We have appended a structure to VBAP; our requirement is to update these Z fields based on authorization control.
  Other than creating Z auth objects and checking them in our exit before updating Z fields, is there any other standard option to control updating of these Z fields.
  Regards,
  Krishna.
  SAP SD Techno Functional.

  Hi all,
  We have appended a structure to VBAP; our requirement is to update these Z fields based on authorization control.
  Other than creating Z auth objects and checking them in our exit before updating Z fields, is there any other standard option to control updating of these Z fields.
  Regards,
  Krishna.
  SAP SD Techno Functional.

• Authorization control for cost analysis/itemization view

  Hi Experts,
  Can we control the access to cost analysis/itemization report  in CO03 by authorization control ?
  Thanks

  Hi,
  Most probably it may not be possible.
  moreover, Why do you want this? Cost analysis will be in display mode only. Infact it benefits the user. They can analyse and correct the master if required.
  Think once again before making control. Because, everytime people has to come to authorised person to see the cost difference, which will disturb the authorised person.
  This is my personal opinion.
  Madhava

• Authorization Control For characteristics Maint.

  Dear All,
  My requirement is that,during material master creation/change,my user can change only certain characteristics in a class.What is the purpose of Authorization group field available in CT04.This what comes with F1 help,but I am not able to relate to it.I have assigned this authorization object in user role with relevant value,but nothing is happening.I am able to maintin all charac.
  Authorization Group for Characteristics Maintenance
  This key defines whether a user is allowed to maintain this characteristic.
  This authorization must be defined in the user master record.
  The authorization object is C_CABN_GRP.

  Dear,
  The object and values what you are taking about is to restrict the charectristucs change,,,This will not restrict value assignment in material master classification view.
  This is required for not to allow chages to that chateristics in CT04.
  If you want the material master chareostics value assignment restoction then you need to restict material master claasification maintaince view through the auth object - M_MATE_STA
  the values are as below
  A     Work scheduling
  B     Accounting
  C     Classification
  D     MRP
  E     Purchasing
  F     Production resources/tools
  G     Costing
  K     Basic data
  L     Storage
  P     Forecasting
  Q     Quality management
  S     Warehouse management
  V     Sales
  X     Plant stocks
  Z     Storage location stocks
  remove C from the value and assignthe role to user by whom you donot want the value not to be assigned
  come back if required

• Authorization Control for Delivery Document Deletion

  Hi experts,
  I know there's way to control the deletion of Sales Document through V_VBAK_AAT and V_VBAK_VKO.
  However, how can I control the deletion of Delivery Document (in t-code VL02N)?
  Thanks in advance.
  Chin

  Hi,
  if you can't find a standard authorization object using standard tools such as SU24 and ST01 then there is a BADI LE_SHP_DELIVERY_PROC with method CHANGE_FCODE_ATTRIBUTES. This method is called whenever screen is displayed and can be used to exclude menu items e.g. Delete Delivery. So you can create a custom authorization object which will be used to control access to delete function.
  Cheers

• Authorization Control for MIGO

  Dear All,
  We are in process of controlling authorization of some users, so that they will be able to access transaction MIGO, only for posting material documents of Goods Receipt, Cancelling GRN & Posting RRD. The users should not be able to post material issue, material transfer through the transaction MIGO.
  When we changed the role assigned to the user by giving authority only for the specific trancaction code MIGO, it also allowed the users to post Goods Issue, Transfer posting through transaction MIGO, along with transaction of Goods Receipt, which is unwanted.
  We also can not control the authorization of users based on Movement Type, because, if we do it, the user will not be able to view the material documents other that Goods Issue & it will also restrict the report viewing for other movement types.
  Can anyone provide any valuable suggestions on this?
  Regards,
  Prashant Kolhatkar

  Dear All,
  Thank you very much for your instant replies.
  But, still, as I mentioned, I do not want to control authorization based on Movement Type. This would prohibit the user from displaying reports.
  Any other suggestions Pl.
  Regards,
  Prashant Kolhatkar

• CJ20N Authorization Object for Project Status Changes

  Hi Gurus,
    Can any one knows the Authorization Object responsible to control the change of status for a project in the CJ20N?
    We want to control who can and who can't change the STATUS of a project independent from other changes.
  Regards
  Gustavo Balboa

  User authorization object B_USERSTAT. Before that u should define authorization key in Tcode:BS52 and assign it to User status in Tcode:OK02.
  In authorization object B_USERSTAT set ERSL=Authorization Key, so that the user can change the status of that perticular status only.
  Venkat

• Maintain Copy Control for Document Types.

  Hi Gurus,
  My Client has two customized documents both are order Types and wants to maintain Copy control between them.
  If i see VTAA i can find either New Entries option or copy option.
  When i go for new entries option it asks me Requirements and Routines which needs to be set for this copy control and i am not aware of those.
  The Other option is Copy as but since it's customized document types so i am not getting which document should i take as refernce for copying.
  Please suggest me how to proceed.
  Thanks in Advance!!!!

  Hi
  Ideally we don't gamble with standard settings. Not only in copy control but for all other settings related to document types, conditions, movement types etc etc. If standard settings or configuration has been deleted by human error then we should restore standard settings first. May be BASIS guy can do it and if it is not possible then open some other server where these settings are there and you should do all settings manually by copying the standard ones.
  Why we recommend to always copy standard settings and make necessary changes is that standard settings are done by SAP and they have tested it thoroughly and they have hundreds of consultants who have worked on these settings. Standard settings are reliable and we can copy them without any fear of mistake. Whereas if you copy some Z settings or create new one then there are more chances of some wrong or missing settings. Logically may be it sounds not that important or useful but technically it is really fruitful to do this.
  In standard settings system copies all subsequent settings and you don't need to do those settings again and you are already aware of this fact.
  One more benefit is that you only need to change document names and in create new entry you'll have to enter all the fields one by one and you don't know which value is more appropriate for this field. It also saves time efforts and people like me always prefer to save efforts
  Thank$

• Authorization Control for Setting TECO

  Hi PS Gurus,
  Would like to ask if there's a standard way of controlling users on the setting of TECO for PS objects? I cant find any setting in T-code PFCG that may limit setting of TECO for selected roles. Suggestions outside standard is also welcome...
  Thanks in advance.
  Joed

  Hi Abdul,
  Thanks for the answer, I have already taken that into consideration, however my problem will be assigning the Status Profiles for all existing WBS Elements (around 10,000+ WBSE's).
  The status control will solve future WBSE's but we were also asked to consider existing ones.
  Thanks again.
  Cheers,
  Joed