Authorization for a checkbox

Similar Messages

• Authorization for specific business scenario or business step in solar01

  Dear all,
  we have an issue regarding solution manager blueprinting management restricting an access to specific nodes. Our goar is to have several substructures devided by modules like: FI, SD, PS and etc. And each team member according his position in a company should have an access only to his substructure and all the related documentation below that. Saying an access means a change mode not a display access.
  Please find the steps have been performed during the configuration of project below:
  All the configuration around system landscape has been done properly.
  A new project for solution was created in solar_project_admin.
  A correct logical componens has been assigned.
  All the required users have assigned as a team members of a project.
  At the projec. team member tab a box has been checked in for: restrict changes to nodes in project to assigned team members.
  A proposed structure of nodes has been created within Tx solar02.
  The right team members have assigned to specific node. So that only they suppose to have a change permission within that nodes. All others read only access.
  Every user has sap_solar01_all role assigned to him. We have tryed assigning varios roles according to  http://help.sap.com/saphelp_sm310/helpdata/en/db/a1033b2a98f46ae10000000a11402f/content.htm
  However as a result we are having a change permission allowed for every node within the structure. Like FI responsible member can access to any node from a tree. And he can make a change for SD related documentation.
  Please assist regarding this issue.
  Kind regards,
  P.S.
  I found a thread with a similar problem which was solved by activating a checkbox which is already activated in our system and actually doesn't solve that problem for us.
  Authorization for specific business scenarios in Solar01/02
  Edited by: Artjoms Nikulins on Mar 11, 2010 3:37 PM

  Hi
  As far my knowldege goes this is not possible to do within same project or making the same.
  You can have project specific access given to member but you cannot go module wise authorization.
  Ofcourse there satellite system authorization will be different but not in solman.
  In addition check this security guide
  https://websmp104.sap-ag.de/~form/sapnet?_SHORTKEY=00200797470000075728&_OBJECT=011000358700007187872005E
  Hope it ans ur query.
  Regards
  Prakhar
  Edited by: Prakhar Saxena on Mar 12, 2010 3:22 AM

• You have no authorization for the requested data

  Hi Gurus,
  While trying to display data in manual layout it shows the erros as
  You have no authorization for the requested data.
  Any reason behind that.
  Thanks,
  Debasish

  Hi Debasisha
  I faced the same problem yesterday, as Ivan told apply the transaction code rssm. In Business Information Warehouse Authorizations window go to checks for InfoProvider and select your Cube and click the change button. in that window you can see the which infoobjects are selected under switched on column deselct the checkboxes for authorization obj. save -  refresh
  and go to BPS screen execute your layout you can find your layout. I solved my problem like that.
  Hope it helps you.
  Regards,

• Authorization for InfoSets

  Hi All.
  I have a strange situation that only exists in my BW production environment (version 7.0).  Starting out of the blue a few days ago, all of my users are now recieving authorization errors trying to execute queries against any InfoSet.  Specifically, the error message is "You do not have authorization for InfoSet xxxx."  We have four other environements, sandbox, dev, quality, and training where there is no problem.  I've re-transported all of the user roles from Dev to production and compared them line-by-line with the other environements, but I don't see any problem.   Can anyone provide any guidance on where I might look to resolve this issue?  Below is my PFCG configuration.  All of the InfoSets and related cubes, DSO's are in the indicated InfoAreas.  Thanks in advance.
             Manually   Business Explorer - Components
              Manually   Business Explorer - Components
                Activity                       Create or generate, Change, Display, Delete, Execute                  <...>
                InfoArea                       ZCRM_CA, ZCRM_OPP, ZCRM_SALES_A, ZCRM_SALES_O, ZCUSTOM_DSO, ZELM, ZLEA<...>
                InfoCube                       *
                Name (ID) of a reporting compo *
                Type of a reporting component  Calculated key figure, Query View, Query, Restricted key figure       <...>
             Manually   Business Explorer - Components: Enhancements to the Owner
             Manually   Data Warehousing Workbench - Hierarchy
             Manually   Data Warehousing Workbench - InfoCube
              Manually   Administrator Workbench - InfoCube
                Activity                       Display
                InfoCube Subobject             Data
                InfoArea                       ZCRM_CA, ZCRM_OPP, ZCRM_SALES_A, ZCRM_SALES_O, ZCUSTOM_DSO, ZELM, ZLEA<...>
                InfoCube                       *
             Manually   Data Warehousing Workbench - InfoSet
              Manually   Administrator Workbench - Infoset
                Activity                       Display, Maintain
                InfoArea                       ZCRM_CA, ZCRM_OPP, ZCRM_SALES_A, ZCRM_SALES_O, ZCUSTOM_DSO, ZELM, ZLEA<...>
                InfoSet                        *
             Manually   Data Warehousing Workbench - DataStore Object
              Manually   Administrator Workbench - ODS Object
                Activity                       Display
                InfoArea                       ZCRM_CA, ZCRM_OPP, ZCRM_SALES_A, ZCRM_SALES_O, ZCUSTOM_DSO, ZELM, ZLEA<...>
                DataStore Object               *
                Subobject for ODS Object       Data

  Hi Casey,
  Have you tried what roles or authorization objects are missing thru SU53 t-code? Other posibility to see what is happeining is doing a trace.
  Go to ST01-> select the checkbox Authorization -> run trace.
  Then execute the query that gives your the authorization error.
  Stop the trace, and see the analysis, check those rows with RC = 8 or 4.
  Regards, Federico

• Problem with Authorization for Planning folder

  Hi an having a problem with providing authorization for a planning folder
  i am getting the following error when i test it with test user
  Error while calling up RFC
  Message no. UPC202
  Diagnosis
  You have selected a function, to execute this the system must set up an RFC connection to another SAP System. However, setting up this connection was not successful. The following internal error message was generated:
  "You do not have authorization for InfoCube ZT_MR_T "
  Procedure
  Inform the system administrator.
  we are not pulling the data from any other server, all the data is on the sif any one has faced the same issue let me know.
  Regards,
  Abraham

  Calling Thru Trans code: BPS0 in ECC 6
  getting this error:
  Error while calling up RFC
  Message No. UPC202
  Diagnosis
  You have selected a function, to execute this the system must set up an RFC connection to another SAP System. However, setting up this connection was not successful. The following internal error message was generated:
  "An error occurred during the receipt of a complex parameter."
  after i check in bw trans code:st22
  Following this error message:
  Category                   Internal Kernel Error
  Runtime Errors         PARAMETER_CONVERSION_ERROR
  Application Component  BC-MID-RFC
  Short text
      An error occurred during the receipt of a complex parameter.
  What happened?
      During a remote function call, an error occurred while converting
      a complex parameter.
  What can you do?
      Note which actions and input led to the error.
      For further help in handling the problem, contact your SAP administrator
      You can use the ABAP dump analysis transaction ST22 to view and manage
      termination messages, in particular for long term reference.
  Error analysis
      An error occurred during the conversion of a complex parameter.

• Problem with Authorization for BW BPS planning Folder

  Hi an having a problem with providing authorization for a planning folder
  i am getting the following error when i test it with test user
  Error while calling up RFC
  Message no. UPC202
  Diagnosis
  You have selected a function, to execute this the system must set up an RFC connection to another SAP System. However, setting up this connection was not successful. The following internal error message was generated:
  "You do not have authorization for InfoCube ZT_MR_T "
  Procedure
  Inform the system administrator.
  if any one has faced the same issue let me know.
  Regards,
  Abraham

  HI ,
  I Checked it out we dont have that cube in our system.
  Regards,
  Abraham

• Authorization for opening & Closing posting periods - OB52

  Hi,
  Is there any way to set authorization for opening & closing of posting periods in OB52?
  My scenario:
  I have 2 company codes - A & B assigned to 2 different posting period variant - say PPA & PPB.
  The user belonging to CoCd A should not be able to open/close posting period of CoCd B and vice versa.
  Is this possible through any authorization settings?
  Request your help on this.
  Regards,
  Sridevi

  Hi Sridevi
  Please go through the following:
  You can assign authorization groups for permitted posting periods. This means that, for example, some posting periods can only be opened for particular users within monthly or annual closing. You can only assign the authorization group at document header level and it only affects period 1. The authorization object is called F_BKPF_BUP (Accounting document: Authorizations for posting periods). Read the corresponding chapter on "User maintenance" in the "Assigning authorizations" topic.
  "User maintenance"
  Due to the modular authorization concept of the system, you can define authorization profiles which are tailored to the workplace of your employees. You can, for example, assign authorization to a workplace in the Accounts Receivable, Accounts Payable or General Ledger Accounting areas.
  By assigning authorizations you define which business-related objects your employees are allowed to process and which editing functions are allowed.
  In the following activities for authorization management, you must carry out the following for employees who are to work with the system:
  Assign authorizations
  The authorizations are assigned by specifying permitted values for the pre-defined objects.
  Define profiles
  In the SAP system, authorizations are grouped together in workplace profiles. Therefore one or more profiles must be allocated to the individual employee in the master record.
  I hope this helps.
  Regards
  Kavitha

• Authorizations for materials and material groups

  Hello experts,
  Is it possible to limit the authorization to make purchase requerisiton of some materials or material groups depending on the user?
  I heard that it is possible be able to update some materials using the authorization M_MATE_MAT and including them in the material master, material group and user. But this also works for the creation of purchasing documents (PR,PO,RFQ,...)? Do I have to include this authorization for all the materials? If they do not have I understand that works for every people.
  Thanks in advance for your help
  Best regards,

  Hi Madii,
               actually Authorization works at the object level, i.s if you have provided the authorization for the user to makePR with certain Material Grp, then if you dont define that grp in the PO role, but still user will get the authorization from the PR role.
  why you want to allow the user to make the PR of certain Mtrl Grp for which he should not be making the PO.
  or let a different Body take care of the other mtrl Grp.
  Hope it helps.
  Regards,
  Yawar Khan

• Authorization for certain warehouse in stock transfer

  I'm trying to create an authorization for stock transfer when To Warehouse equals a certain value. Is there a way to do it?

  Hi,
  How could I do it with an approval procedure?
  You can create approval stages and template by using query
  Is it with a query?
  Yes
  Will it be similar to a formatted search?
  Yes
  Try this query for row level with only one item.
  Select Distinct 'True' FROM OWTR T0 inner join WTR1 T1 on T0.docentry = T1.docentry
  Where $[$23.5.0] = 'ExScrap'
  Note: Replace Exscrap with your warehouse name.
  Thanks & Regards,
  Nagarajan

• Cancel a SD invoice error message "no authorization for transaction FB08"

  Hi Gurus,
  I am trying to cancel a SD invoice and am receiving the error message " no authorization for transaction FB08" is coming. Never has this happened in past, i have checked all the security authorizations also and they are in place. Accounting document status is showing as not cleared. Also, as per my understanding cancellation of invoice happens through VF11 which does not calls FB08. Please point out reasons as to why this could be happening and the possible solution thereof.
  regards
  Anmol Pareek

  Hi Anmol
  Once you got the error screen, immediately after that goto T code SU53 and expand all link. Take the screen shot and send it to your BASIS team to provide you proper access.
  Yes you are correct cancellation is done through VF11 but sometime some programs internally calls other T codes.
  take help of your basis team.

• BW report authorization for restrict cost center

  dear all,
  i have problem on BW report authorization for restrict cost center.....when i execute the query, after selection screen, appear error message 'you cannot change zv_cctr for characteristic 0COSTCENTER during query'.
  note : zv_cctr is variable restriction for costcenter, type processing = customer exit.
  below the customer exit :
  WHEN 'ZV_CCTR'.
      IF i_step = 2.
        DATA : gt_mstuidvscc TYPE TABLE OF  ztbw_mstuidvscc,
               gs_mstuidvscc TYPE  ztbw_mstuidvscc,
               wa_final2(10) TYPE c.
        SELECT * FROM ztbw_mstuidvscc INTO CORRESPONDING FIELDS OF TABLE gt_mstuidvscc
          WHERE userid = 'sy-uname'.
        LOOP AT gt_mstuidvscc INTO gs_mstuidvscc.
          wa_final2 = gs_mstuidvscc-kostl.
          l_s_range-opt = 'EQ'.
          l_s_range-high = wa_final2.
          APPEND l_s_range TO e_t_range.
        ENDLOOP.
      ENDIF.
  Regards,
  Tony

  i defined variable as ready for input and mandatory.
  regards,
  Tony

• How to set authorization for BW Workspace in backend and Portal ?

  Hello Expert,
                       I have developed one BW Workspace in development environment . I have some query regarding BW workspace authorization for access in portal . Some of the queries are as  follows:
  1) How many composite provider we can build up inside of one workspace that we can go by Tcode ---RSWSPW ?
  2) After activating the workspace it shows in RSWSPW ,but this workspace/composite provider will be available in Info Area(in RSA1) or some area else from where we can see this ?
  3) Now our requirement is like that -- we have to provide some workspace for SD power user ,Finace Power user & Marketing Power users, in this situation how can we put authorization in bw workspace like SD power user should not see the FI Power user's & Marketing Power user's Workspace rather than his own workspace ?
  4) In our requirement, we are going to produce some bex query on top of bw worksapce composite provider . For creating this query ,we searched provider by puting provider name directly in serach option , but is there any option to search the bw worksapce related composite provider by putting info area name in query search ?
  5) In another senerio, we gone to create BO AA OLAP report on top of bw workspace composite provider but in source option we cant see the provider ,infact we could not search the composite provider in search option in source selection ----   do i need to navigate any step in compostie provider to make it enable for BO AA OLAP creation on top of composite provider ?
  Expecting and appreciating your guidence and suggestion asap .
  Thanks & Regards,
  Surajit Pal

  Hello Expert,
                   Do you have any idea regarding below questionaries about BW Workspace ?
  1) How many composite provider we can build up inside of one workspace that we can go by Tcode ---RSWSPW ?
  2) After activating the workspace it shows in RSWSPW ,but this workspace/composite provider will be available in Info Area(in RSA1) or some area else from where we can see this ?
  3) Now our requirement is like that -- we have to provide some workspace for SD power user ,Finace Power user & Marketing Power users, in this situation how can we put authorization in bw workspace like SD power user should not see the FI Power user's & Marketing Power user's Workspace rather than his own workspace ?
  4) In our requirement, we are going to produce some bex query on top of bw worksapce composite provider . For creating this query ,we searched provider by puting provider name directly in serach option , but is there any option to search the bw worksapce related composite provider by putting info area name in query search ?
  5) In another senerio, we gone to create BO AA OLAP report on top of bw workspace composite provider but in source option we cant see the provider ,infact we could not search the composite provider in search option in source selection ----   do i need to navigate any step in compostie provider to make it enable for BO AA OLAP creation on top of composite provider .
  Appreciating your early responds and thanks in advance .
  Regards,
  Surajit

• Report S_ALR_87013105 : no authorization for the report/ table 7KU6_001

  Hi Gurus,
  While executing the program S_ALR_87013105 (Detailed Reports 
  For Sales Order : Plan/Actual Comparison ) system showing the selection log.
  "Have no authorization for the report/table  7KU6_001 and 7KU6_002".
  But for the user the authorization check through SU53 was successful.
  Pl can any one suggest on this issue.
  Thanks in advance,
  Vijay

  Hi,
  Contact your basis consultant to provide the missing authorisation. This is one of the authorisation object.
  Regards,
  Sankar

• Problem wih analysis authorization for two scenarios on same data provider

  Dear all,
  I am looking for a solution on the following authorization scenario (using the new analysis authorization). Unfortunately everything that I tried did not work out as expected:
  User A is allowed to manually access query 1 (based on cube A) with authorization on all sites A-Z
  The same user A shall get an email distribution automatically (derivation of the filter in the query out of the authorization) for query 2, which is as well based on cube A, but this time the authorization shall be limited only to site A.
  As both queries are based on the same infoobject (0PLANT) and the same infoprovider (0TCAIPROV) I always get the result for all sites A-Z. The 0TCAACTVT is in both cases 03 (display), so I have no chance to distinguish between reporting and email distribution.
  Probably the only chance would be to derive the values for the email distribution scenario not from the authorization directly, but using a customer exit to fill the filter - but I would prefer a "standard" solution...
  Any ideas??
  Thanks,
  Andreas

  Dear Andreas,
  Before give you an alternative for you problem, Iu2019d like to comment the combining authorization concept:
  http://help.sap.com/saphelp_nw70/helpdata/EN/46/98cd87f37d19ace10000000a11466f/frameset.htm
  For this reason I suggest you which combing restriction through authorization and query filter. For query 2 try to use in 0PLANT characteristic the single value u201Csite Au201D, this restriction give you only authorization for see this value.
  Otherwise, you have to use customer exit.
  I hope that alternative help you to find a solution,
  Luis

• What happends when you give 2 groups with some of the same members different authorizations for a document

  Hello,
  I'm doing my internship at a litte Telekom company. I'm investigating how they can use MS SharePoint as their central place to put projectinformation. Now i've been thinking what happends when i do the following:
  Make one document library
  Add 2 groups to the Active Directory, group "A" with all the employees and group "B" with only four people working on a project. When i add a document to the document library and set the authorizations for the document as
  follows:
  Group B: Read/Write
  Group A: Read
  Does the people from group B still be able to edit the document, because they are also in group A?
  I don't have a test environment to test this myself.
  Why i want to know this? The company want's one place to place all their documents with projectinformation. This information is about different projects. You only wan't that people can change the specific document when they are working on the specific project
  where the document belongs to.  

  You get the union of permissions, so if one group allows access and the other not, you will get the union of both and therefore access. Of course, you can break security settings per library/folder or document, and specify new settings,
  if you need too.
  Kind regards,
  Margriet Bruggeman
  Lois & Clark IT Services
  web site: http://www.loisandclark.eu
  blog: http://www.sharepointdragons.com