Authorization based on Module in SPRO

Hi,
we need to give module based authorization to the consultants,
I have created a project in SPRO_Admin in that i have created 3 view SD,HR, & MM. and assinged user also respectively.
after that i created a Role Called Z_SPRO under that Under Menu option i have selected the cust Auth,
and the project which i have created,
and in Change  Authorizatiozation i made all green.
when i assigned this role to the user respectively, still MM user can go to IMG Activities and can work on other module nodes as well.
please advise.
Regards,
Irfan.

Hi,,
i have created a project using  sapproject
I defined the scope by selecting  second option
- by selecting application components and countries
under that i selected few nodes like fi, MM, SD, PP
and created project view based on project scope, and assinged the user as well.
after that i created a role called ZFI under Menu tab i selected Customing Auth. then generated the role.
when i assinged this to the user, user still have access all spro nodes, he can see as well as execute.
kindly let me know how to control this.
Regards,
Irfan.

Similar Messages

  • No RFC authorization for function module

    Hi Experts,
    I am working on PI 7.3, doing a idoc to jdbc scenario by using the AEX(Advance Adapter Engine Extended).
    I created Integrated Configuration, in tab "Inbound Processing" pointed IDoc_AAE sender channel etc...
    While doing the configuration testing i am getting the below error "No RFC authorization for function module IDOCTYPE_READ_COMPLETE."
    Messages fails in tRFC.
    What can i do, to solve this problem?
    Thanks & Regards
    Stanislav

    I ordered the right to RFC-connect.
    The problem was this: in RFC-connect, in Destination(in NWA), you must specify a username, who have permission to read idoc-metadata (from ERP).
    More about settings AAE, you may read here http://scn.sap.com/community/pi-and-soa-middleware/blog/2010/10/21/pixi-pi-73-new-java-based-idoc-adapters-configuration-sender-receiver--teaser
    Sorry for my bad English.
    Thanks all.

  • Analysis Authorization based on Hier node with multiple display hierarchies

    Hi guys - I've got a problem where s.o. might have an idea of how to switch on the light at the end of the tunnel, I am currently standing in:
    Requirement:
    Cost Center Authorization should be given through RSECADMIN, reporting should be possible for any hierarchy that exists for the authorization relevant info object.
    Preferred solution:
    The Cost Center Analysis Authorization should be given through RSECADMIN - Hierarchy node assignment.
    u2022     A dedicated Authorization Cost Center Hierarchy will be maintained in ECC6 as an alternative cost center hierarchy and extracted into BW.
    u2022     The RSECADMIN Hierarchy node assignment should be based on a particular node (Type 2).
    u2022     The display level will be specified as required (here: Level 7)
    u2022     The Authorization granted should be independent of hierarchy name and version (validity 3).
    Reporting Scenario and technical impact:
    As mentioned above, when designing and running a query the user should be able to freely select other (i.e. than the authorization) display hierarchies for the authorization relevant reporting object 'Cost Center' as well. The technical names of the semantically relevant hierarchy nodes could therefore vary. E.g. cost centers 1, 2 and 3, being assigned under hierarchy node u2018Au2019 of the RSECADMIN relevant authorization hierarchy, could be subsumed by hierarchy node u2018Bu2019 in another display hierarchy, which the user may want to display in accordance to his reporting needs. Ideally, the alternative display hierarchy should therefore display node u2018Bu2019.
    My findings so far (based on prototyping) turn out that this is not possible as long u2018Bu2019 (and its hierarchy) is not authorized in RSECADMIN. Can these findings be confirmed? And if not, would anyone have an idea of how to facilitate the reporting scenario?
    Would there be any other way to grant access, possibly based on RSECADMIN single values, and also enable the user to flexibly display hierarchies with only those hierarchy nodes whose single cost center values the user has been given access to?
    Thanks everyone for your input...
    Claus
    Edited by: Claus64 on Jul 13, 2009 4:10 AM

    HI CLause,
    On Jul 14 2009, you wrote in SDN and said:
    FYI: Found a solution...
    The hierarchy analysis authorization will be based on a navigational attribute of cost center.
    With analysis authorizations it is possible to declare the Auth object (e.g. 0COSTCENTER__RACCAUT0) as authorization relevant and leave the superior object 0COSTCENTER auth irrelevant.
    The auth will be given for 0COSTCENTER__RACCAUT0. This object will be placed as a filter of the query, being restricted by an Authorization variable for hierarchy nodes.
    Due to the concept of Analysis Authorizations, this variable will automatically pick up the nodes granted as part of RSECADMIN Hierarchy based Authorization.
    As mentioned above, 0COSTCENTER as the regular reporting characteristic remains auth irrelevant and can therefore take any hierarchy thatu2019s available. Reporting on single values will be possible, too. Only those nodes show up that hold the authorized cost centers in accordance to the authorization.
    If the auth relevant 0COSTCENTER__RACCAUT0 is not used in the query definition by either not taking it in as a filter or skipping the Auth variable, the query will launch the message that the authorization is missing. No data show up at all.
    Claus
    See this thread:
    Analysis Authorization based on Hier node with multiple display hierarchies
    I am also in the same situation as you and need to understadn your solution. I understand that you created a Nav Attr on 0COSTCENTER and made this auth relevant whilst ensuring that 0COSTCENTER is NOT auth relevant. This is all fine. The issue was you have multiple hierachies for 0COSTCENTER, how did the new Nav Attr help you solve your issue. When loading 0COSTCENTER what values did you load ino the new Nav Attribute and how did that link to the hierachies? Also, in RSECADMIN you created hiearchy nodes based on the Nav Attribute but I am confused as to what values you have in the Nav Attr.
    I appreciate if you can share your solution from the past in more details.
    many thanks

  • How can I turn off the WLS 6.1 security in order to develop my own application-based security module?

    Dear Colleagues,
    I am currently developing a J2EE application using WLS 6.1.
    My team and I have to implement a security requirement to suit our company's needs.
    The security requirements are that, users' password need to be aged (30 days maximum) and we need to provided a GUI front-end (JSP) to allow users to change their password when these expire after 30 days.
    Our internal contacts in the company, have already taken the lead to find out about whether we will be able to use the WLS 6.1 platform to do this and the answer we got back, was.
    Now we need to develop our own security module.
    I have 2 questions:
    1. How can we turn off the WLS security in order develop our own application-based security module?
    2. How can we develop a security module that allows us to age users' password and provide them with facilities to change their passwords when these expire?
    At the moment, we are using the default BEA WebLogic login.jsp page and there some configuration in the web.xml for this. I will be grateful if you could advise me on how to turn this default security off so that we can write our own security module.

    hi,
    1.You can write your own realm in 61 which can plugged for your security
    calls.
    2. once you write your ownrealm.. you can access it through weblogic
    api/ur api..
    thanks
    kiran
    "Richard Koudry" <[email protected]> wrote in message
    news:3dd0d081$[email protected]..
    Dear Colleagues,
    I am currently developing a J2EE application using WLS 6.1.
    My team and I have to implement a security requirement to suit ourcompany's needs.
    >
    The security requirements are that, users' password need to be aged (30days maximum) and we need to provided a GUI front-end (JSP) to allow users
    to change their password when these expire after 30 days.
    >
    Our internal contacts in the company, have already taken the lead to findout about whether we will be able to use the WLS 6.1 platform to do this and
    the answer we got back, was.
    >
    Now we need to develop our own security module.
    I have 2 questions:
    1. How can we turn off the WLS security in order develop our ownapplication-based security module?
    >
    2. How can we develop a security module that allows us to age users'password and provide them with facilities to change their passwords when
    these expire?
    >
    At the moment, we are using the default BEA WebLogic login.jsp page andthere some configuration in the web.xml for this. I will be grateful if you
    could advise me on how to turn this default security off so that we can
    write our own security module.

  • RFC Lookup error :No RFC authorization for function module

    Hi All,
    I have created RFC in the PI system and enabled it as remote. I am working on PI7.1
    I have imported RFC into Repository.But when i am trying to execute RFC lookup function in the graphical mapping I am getting No RFC authorization for function module error.
    Unhandled RFC exception: <rfc:Z_MAIL_LOOKUP.Exception xmlns:rfc="urn:sap-com:document:sap:rfc:functions"><Name>RFC_ERROR_SYSTEM_FAILURE</Name><Text>No RFC authorization for function module Z_MAIL_LOOKUP.</Text><Message><ID>RFC_ERROR_SYSTEM_FAILURE</ID><Number>341</Number></Message><Attributes><V1>RFC_NO_AUTHORITY</V1></Attributes></rfc:Z_MAIL_LOOKUP.Exception> com.sap.aii.mapping.api.StreamTransformationException: Unhandled RFC exception: <rfc:Z_MAIL_LOOKUP.Exception xmlns:rfc="urn:sap-com:document:sap:rfc:functions"><Name>RFC_ERROR_SYSTEM_FAILURE</Name><Text>No RFC authorization for function module Z_MAIL_LOOKUP.</Text><Message><ID>RFC_ERROR_SYSTEM_FAILURE</ID><Number>341</Number></Message><Attributes><V1>RFC_NO_AUTHORITY</V1></Attributes></rfc:Z_MAIL_LOOKUP.Exception> at com.sap.aii.mappingtool.flib7.RfcLookup.cacheMore(RfcLookup.java:95) at com.sap.aii.mappingtool.tf7.rt.AMultiResIterator$MultiOutIterator.gotoNextContext(AMultiResIterator.java:95) at com.sap.aii.mappingtool.tf7.AMappingProgram.processNode(AMappingProgram.java:315) at com.sap.aii.mappingtool.tf7.AMappingProgram.processNode(AMappingProgram.java:406) at com.sap.aii.mappingtool.tf7.AMappingProgram.start(AMappingProgram.java:496) at com.sap.aii.mappingtool.tf7.Transformer.start(Transformer.java:133) at com.sap.aii.mappingtool.tf7.AMappingProgram.transform(AMappingProgram.java:626) at com.sap.aii.ibrep.server.mapping.exec.ExecuteXiMappingCommand.transformInternal(ExecuteXiMappingCommand.java:197) at com.sap.aii.ibrep.server.mapping.exec.ExecuteXiMappingCommand.execute(ExecuteXiMappingCommand.java:94) at com.sap.aii.ib.server.mapping.exec.CommandManager.execute(CommandManager.java:43) at com.sap.aii.ibrep.server.mapping.ServerMapService.execute(ServerMapService.java:40) at com.sap.aii.ibrep.server.mapping.MapServiceBean.execute(MapServiceBean.java:40) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at com.sap.engine.services.ejb3.runtime.impl.RequestInvocationContext.proceedFinal(RequestInvocationContext.java:43) at com.sap.engine.services.ejb3.runtime.impl.AbstractInvocationContext.proceed(AbstractInvocationContext.java:166) at com.sap.engine.services.ejb3.runtime.impl.Interceptors_StatesTransition.invoke(Interceptors_StatesTransition.java:19) at com.sap.engine.services.ejb3.runtime.impl.AbstractInvocationContext.proceed(AbstractInvocationContext.java:177) at com.sap.engine.services.ejb3.runtime.impl.Interceptors_Resource.invoke(Interceptors_Resource.java:71) at com.sap.engine.services.ejb3.runtime.impl.AbstractInvocationContext.proceed(AbstractInvocationContext.java:177) at com.sap.engine.services.ejb3.runtime.impl.Interceptors_Transaction.doWorkWithAttribute(Interceptors_Transaction.java:38) at com.sap.engine.services.ejb3.runtime.impl.Interceptors_Transaction.invoke(Interceptors_Transaction.java:22) at com.sap.engine.services.ejb3.runtime.impl.AbstractInvocationContext.proceed(AbstractInvocationContext.java:177) at com.sap.engine.services.ejb3.runtime.impl.AbstractInvocationContext.proceed(AbstractInvocationContext.java:189) at com.sap.engine.services.ejb3.runtime.impl.Interceptors_StatelessInstanceGetter.invoke(Interceptors_StatelessInstanceGetter.java:16) at com.sap.engine.services.ejb3.runtime.impl.AbstractInvocationContext.proceed(AbstractInvocationContext.java:177) at com.sap.engine.services.ejb3.runtime.impl.Interceptors_SecurityCheck.invoke(Interceptors_SecurityCheck.java:21) at com.sap.engine.services.ejb3.runtime.impl.AbstractInvocationContext.proceed(AbstractInvocationContext.java:177) at com.sap.engine.services.ejb3.runtime.impl.Interceptors_ExceptionTracer.invoke(Interceptors_ExceptionTracer.java:16) at com.sap.engine.services.ejb3.runtime.impl.AbstractInvocationContext.proceed(AbstractInvocationContext.java:177) at com.sap.engine.services.ejb3.runtime.impl.DefaultInvocationChainsManager.startChain(DefaultInvocationChainsManager.java:133) at com.sap.engine.services.ejb3.runtime.impl.DefaultEJBProxyInvocationHandler.invoke(DefaultEJBProxyInvocationHandler.java:164) at $Proxy1005_10002.execute(Unknown Source) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at com.sap.engine.services.rmi_p4.P4DynamicSkeleton.dispatch(P4DynamicSkeleton.java:234) at com.sap.engine.services.rmi_p4.DispatchImpl._runInternal(DispatchImpl.java:351) at com.sap.engine.services.rmi_p4.server.ServerDispatchImpl.run(ServerDispatchImpl.java:70) at com.sap.engine.services.rmi_p4.P4Message.process(P4Message.java:62) at com.sap.engine.services.rmi_p4.P4Message.execute(P4Message.java:37) at com.sap.engine.services.cross.fca.FCAConnectorImpl.executeRequest(FCAConnectorImpl.java:872) at com.sap.engine.services.rmi_p4.P4Message.process(P4Message.java:53) at com.sap.engine.services.cross.fca.MessageReader.run(MessageReader.java:58) at com.sap.engine.core.thread.execution.Executable.run(Executable.java:108) at com.sap.engine.core.thread.execution.CentralExecutor$SingleThread.run(CentralExecutor.java:304) Runtime exception when processing target-field mapping /ns0:MT_FileDummy/File; root message: Unhandled RFC exception: <rfc:Z_MAIL_LOOKUP.Exception xmlns:rfc="urn:sap-com:document:sap:rfc:functions"><Name>RFC_ERROR_SYSTEM_FAILURE</Name><Text>No RFC authorization for function module Z_MAIL_LOOKUP.</Text><Message><ID>RFC_ERROR_SYSTEM_FAILURE</ID><Number>341</Number></Message><Attributes><V1>RFC_NO_AUTHORITY</V1></Attributes></rfc:Z_MAIL_LOOKUP.Exception>
    13:42:37 End of test
    Edited by: Rams on Apr 17, 2009 1:43 PM

    Hi! Rams,
    I think the issue is related to Authentification Issue..Even though u did correctly please check once the below
    1) Check any Typo Erros are there while configuring or giving names in Lookups.
    2) please check Authorizations like ID and PWD and Sufficient Roles
    3) Also please check did u given paramters correctly while doing RFC look up I mean paramers , Binding parameters and RFC channel name and adapter type or Simple type it must be an  adapter
    4) In ID part while configuring Interface determinaition you need to give your RFC look Up name there also..Hence check whether u given or not if yes correctly or not
    5) Also remember one thing if your scenario is correct mostly you can know the result in mapping itself it seems while testing Message mapping and Interface mappings give your RFC look up paramters in the parameters tab present in TEST tab and later in Document tab give Input...and execute it works if it doesn;t works and if there is an issue with RFC you can get there only..ok
    Also go through the below document::
    [https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/20befc9a-aa72-2b10-ae9b-b0988791d457]
    I hope this will give u brief idea...
    Also check with basis while taking SAP_ALL authorization so that first u ill came to know whether issue is related to authentification or RFC module itself remote enabled and also do SXI_CACHE also ocne to refresh ESR and ID objects..
    Regards::
    Amar Srinivas Eli

  • How to restrict authorization based on profit center in ke80 report

    hi friends
    we have a situation where we need to maintain the authorization based on profit center in ke80 report. The authorzation object K_PCA is not working. whenever we assign a particular profit center and then generate the profile, we still get the message no autjorization and when we check su53 it shows it needs '' asterisk. but we cant assign the asterisk as we have 5 subsidaries and there are using 5 different set of profit centers so assigning asterisk () would be comprimising on our security.
    does anybody came across this situation and if yes how did they resolve this?
    I need your suggestions on how to maintain this restriction.
    Regards,
    Imran

    Hi Friends
    The problem has beend solved. It turns out that this is a report writer issue. We raised the issue with SAP and they informed that 'For Report Painter/Writer every item is checked if you have the authori-zation or not. Only the items with authorization fullfilled will be displayed afterwards'.
    Based on SAP answer we created different reports for each profit center/company code.
    I would like to thank you all for your time and inputs.
    Regards,

  • How to check the authorization based on webdynpro application

    Hi Experts,
    I was asked to develop a webdynpro component with two webdynpro applications, one each for internal party and external party to be used.
    So how to restrict or check the authorization based on webdynpro application used?
    Do we have any authorization object like S_TCODE for webdynpro application in roles and authorizations?
    Please enlighten me.
    Regards,
    Ajay Matam

    You can assign an authorization object to the Web Dynpro Application within SICF -
    http://help.sap.com/saphelp_nw70ehp1/helpdata/en/61/d93822a88e15489a9391f309767366/frameset.htm
    Of course you could also programatically check which web dynpro application is being used from within the component and then call a custom auth-check. However maintain at the SICF is probably better for visibilty and long term maintenance costs.

  • Credit management Authorization Based on Value.

    Hi All,
    Can help me out to find whether we can implement Credit management based on different level of Values or not.As i know we can do authorization based on % like 100%, 110% etc.
    But i want to activate release authorization based on the Amount like
    level 1              Rs 1 lakh( Can release upto 1 lakh) when it reaches to above of 1 lakh
    level2               Rs  2 lakh ( it will release upto 2 lakh)
    like wise.As what i understand whatever the standard roles are given relevant to % basis only.

    hello, friend.
    yes, you can do this in a few ways...
    1.  try 'Document Class' - a document class is assigned a certain value, which is assigned to a user (the link to credit management is indirect)
    2.  the traditional way is to use 'Risk Category', and you can set specific values (e.g. maximum document values) when doing OVA8. 
    i seem to recall there may also be a way to assign values to risk category, but i will check on this.
    regards.

  • Implementing authorization based on database roles

    Hi,
    I am trying to implement authorization in my sample jdeveloper application.
    I have the list of users stored in LDAP and my database table contains the roles for those users.
    Now how can I get the roles from the database table and implement authorization based on the roles?
    I am using jdev 11 and weblogic 10.3
    Thanks

    Hi,
    Checkout [this post|http://forums.oracle.com/forums/thread.jspa?threadID=928304]
    Sireesha

  • Authorization based on t.code and screenvariant

    All,
    Suppose I have created screenvariant in particular transaction .
    For eg MB52 , I have created one variant , ZVAR1
    Is it possile to give authorization based on t.code MB52 and screen variant  ZVAR1?
    Or t. code and layout of report.
    For eg I have changed the layout and save the report as Z111.
    Now is it possible to give authorization ,MB52 and Z111?
    Please advise.
    regards

    Thanks Alex.
    Suppose I am creating new t.code for MB52 program .
    Now in SE93 which object I should I select :
    - program and screen
    - program and selection screen
    - Method of a class
    - transaction with variant
    - transaction with parameters
    Pls advice.
    regards

  • Display authorization for all modules Including Basis.

    Hi All,
    Is there any Role or profile for display authorization for sap modules .
    Regards,
    Eswar.

    Dear,
    That ROLE will be SAP_ALL_DISPLAY
    "what is to be done"
    just assign the role to the display user via SU01
    Hope this help!
    Also refer this ,
    DISPLAY ONLY AUTHORIZATION
    Regards,
    R.Brahmankar

  • Diaplay authorization for all modules

    Hi All,
    Can any one tell me how to assign display authorization for all modules like sd, ps, mm, fico ,hr ..
    is there any profile available for that ???
    any idea would be great.
    Thank for ur help in advance.
    Regards,
    Venki

    > And best would be if you can share the created copy of SAP_ALL with SDN users - hope moderators wouldn't mind this sharing.
    Davinder,
    I'm afraid you're chasing ghosts here, as have many before you and I'm afraid it will not stop here.
    The reason a search didn't bring up an easy solution (see your other thread, SAP BASIS Display only Role) is because there's no easy way to get to a display only role.
    Some thoughts:
    1- The amount of authorization objects varies from system to system, due to patch levels and installed add-ons so sharing a role built on a 'strange' system will have it's flaws and due to the amount of objects in SAP_ALL or a copy will make it very difficult to spot those.
    2- There are somewhere between 150-200 different activity related fields in an ECC systems' authorization objects and for quite a few 03 is not display. Some do not have a display activity. See below as well.
    3- There are a lot of objects that do not have any activity related field so putting them in a role and claiming it is read-only is downright dangerous.
    To create proper display roles you will need to get requirements from the business, not only to build the roles but also to be able to test them. I've seen long lasting discussions whether printing is a display activity or not......
    Jurjen

  • Authorization-based formulas don't work in planning-query

    Hi specialists,
    I've got some trouble with authorization-based formulars in a query on an aggregation-level.
    The forumulars are used for filtering. The problem is, that the filters remain empty - obviously no filter-values are pulled from the authorizations. The query-execution ends in the following error-message: "You are not authorized to use the object zcomp_code 'SomeName - Authorization-Object'"
    Exactly the same variables are used in a second query as well - which is based on the the same cube as the aggregation-level. In this query the variables are filled (as expected) with the values from the authorizations.
    In RSSM one can see that the relevant info-objects are marked as authorization-relevant for the above mentioned cube. For the aggregation-level I cannot configure them as authorization-relevant (because the fields are not editable/grayed-out).
    Does anybody know this problem ?
    Are there any hints how to check-out the concrete problem ?

    In iOS7, location-based reminders won't fire if the Reminders app is explicitly terminated by the user.
    That is if the user removes an application from the Multi-Tasking application list (brought up with a double-press of the Home button), iOS 7 will conclude that the user doesn't want this app to get any more run-time. That implies that Reminders won't be launched again to display your location-based reminders.
    The Reminders app needs to be running in the foreground or to be put in the background for location-based reminders to work.
    This is not a bug. This is intended behavior.

  • IM - Appropriation Request approval authorization based on Budget Value

    Hi all,
    Can someone help me confirm the following?
    I'm implementing Investment Management module and use appropriation request (AR) to approve budgets where AR statuses can be approved only by certain authorization groups, and we do not use Workflow. The problem is that we want the status change not only based on authorization but combined with the budget value. For example, for budget <50,000 then Superintendants can approve the AR but if it's >50,000 then only Managers can approve the AR.
    As far as I've looked, IM module does not provide this functionality where authorization can be restricted based on budget value. Can someone confirm this?
    Thx very much in advance!
    cheers,
    -Ri-

    The standard AR workflow sends a notification (document once approved) to the applicant and workflow to the approver (for approval). For details refer the link below:
    http://help.sap.com/saphelp_erp60_sp/helpdata/en/2a/f9f542493111d182b70000e829fbfe/content.htm
    Standard reports under Investment Management>Appropriation Requests>Reports on Appropriation Requests>Master Data Lists ex.,T Code IMR5 - Appropriation Request Without Distribution Without Variants with changed layout to include system status would show you the required information.
    Regards
    Sreenivas

  • Authorization based on STD Cost Centre Hierarchy - different hier levels

    Hello,
    I need to create an Authorization scenario where the same user, which have autorization based on Cost Centre Standard Hierarchy, would have access to Cost Centre Hier "NODE A" for "CUBE 1" and Cost Centre Hier "NODE AB" for "CUBE 2". The challange is that he cannot access "NODE A" on "CUBE 2".
    How can I have this? Would it work if I create 2 different authorization objects based on cost centre, each one for a different cube?
    Current authorizations are set up for CUBE 1 based on roles assigned to users and this affects more than 300 User ID. So I need a solution with few impact on what is already set up...
    BW version 3.1
    Thanks in advance

    Just for the forum information, I have made further progress on this.
    I have created different Authorization Objects (both based on cost cecntre) and assigned each one o a different cube. I will then have 2 roles assigned to the user: one role with Auth Object X will provide access to cube A only; the other role with Auth Object Y will provide access to cube B only.
    Regarding the hiearchy level, as this does not depend of the Authorization Object but on the Cost Centre Object itself, I dont need to create (Tcode: RSSM) duplicated hierachy technical names for the same node of the hiearchy depending on the auth. Object.
    Hope this helps who's browing on the forum and have a similar issue. Otherwise, please contact me.
    Regards

Maybe you are looking for

  • Goods receipt not possible for delivery 800015869: error code 1

    Dear friends, I am doing MIGO-GR for outbound delivery, but getting error once inputting outbound delivery no. Goods receipt not possible for delivery 800015869: error code 1 Message no. M7865 Diagnosis The goods receipt for the delivery cannot be po

  • Charts in PowerPivot 2010

    I am uable to create charts out of Power Pivot.. It is only showing the table, but the data sheet for the charts is not available.  Do you have a solution for this problem? 

  • GUI issues in MARS

    Dear Friends, I have a MARS 100 appliance running ver 6.0.6 and some gui issues. I have to click on GO button the browser twice or thrice and only then it opens the page. This behaviour happens randomly with clicking different pages like Query page,

  • Installation error Nw2004s

    Hi Guys, i am installing the Nw2004 version in Linux and got an error saying "This computer's host name is 'hostname.dev.com' but a reverse lookup returned 'hostname'. This will lead to problems later on when starting the Web Application Server. You

  • Ipod/itunes problems...help please

    I have some 7000 songs on itunes. Yesterday I went to burn 2 new CDS to itunes and whilst they burnt they took an age to do so and the resulting files were 'warped'...and cannot be listened to on either the ipods we have or the itunes lbrary direct.