Authorization for t-code

hi friends,
I have created parameter transaction using se93 for table display (SM30) and then created an authorization object
using t-code su21. this authorization object contain only 2 ctivities i'e change and display(02 and 03)
now i want to attach this authorization object to tis t-code.
how can i do this.
there is no report for this t-code so i cannot use authority-ceck key word in program.
kindly suggest
<removed_by_moderator>
Regards
Edited by: Bernhard Hochreiter on May 6, 2010 9:07 AM

Pankaj,
authority-check object 'S_TCODE'
id 'TCD'
field 'SM35'.
if sy-subrc ne 0.
User does not have authority for transaction SM35!!!
endif.
or
Try FM AUTHORITY_CHECK_TCODE

Similar Messages

  • No authorization for company code in MRBR

    Transaction MRBR is currently wide open. Anyone with authorization to this transaction can unblock invoices in any company code.
    Standard security profiles can only restrict users at universal (*) or purchasing group level. We require control on company code.
    OSS 399953 suggests creating validation rule (GGB0) to test user authorizations for transaction MRBR and authorization object F_BKPF_BUK.
    Can anyone supply the validation coding to solve this security problem?
    Is anyone familiar with this problem ? Do you have a solution ? also None standard SAP solutions are welcome
    Thanks in advance
    Greetings,
    Vincent

    Hi Vincent
    Another option could be to implement an authorization check in the BAdI MRM_RELEASE_CHECK - this is, of course not Standard.
    The code could look somthing like this:
    DATA: wa_rbkp_blocked TYPE mrm_tab_rbkp_blocked.
      LOOP AT i_rbkp_blocked INTO wa_rbkp_blocked.
        AUTHORITY-CHECK OBJECT 'F_BKPF_BUK'
                 ID 'BUKRS' FIELD wa_rbkp_blocked-bukrs
                 ID 'ACTVT' FIELD '02'.
        IF sy-subrc EQ 0.
          APPEND wa_rbkp_blocked TO e_rbkp_blocked.
          CLEAR wa_rbkp_blocked.
        ENDIF.
      ENDLOOP.
    Regards
    Morten Nielsen

  • Error from BAPI_ALM_CONF_CREATE - "YOU HAVE NO AUTHORIZATION FOR T-CODE"

    Hi guys.
    I am getting an error message from the BAPI_ALM_CONF_CREATE with the DETAIL_RETURN returning "You have no authorization for the t-code".
    The error is arising from the form AUTH_CHECK_TYPE.
      AUTHORITY-CHECK OBJECT 'C_AFKO_ATY'
           ID 'ACTVT' FIELD tmp_actvt
           ID 'AUTYP' FIELD act_autyp.
    Thanks in advance.

    Hi,
    This might be beacuase you do not have authorization to that Tcode.
    Go to SU53 tcode and check authorizations You have for your User name. Ask Basis people to provide authorization to the Tcode for your User id.
    Regards,
    Karuna

  • USER AUTHORIZATION FOR T-CODE OB52 & OKP1

    Hi Experts,
    I would like to know if there is a t-code that assigns USER to open another t-code.
    OB52 & OKP1?
    I want to restrict this t-code for only few users....
    Is it possible?
    Need advice plese
    Rey

    Hi Rey,
        As per my knowledge the authorizations will be done by BASIS consultants.
    R.K

  • Controlling authorization for t-code SQVI.

    Hi,
    I have created a query using t-code SQVI. I want user to use this query. When i gave authorization of SQVI to user, he is able to modify the query created by me. Also he is able to create new query which is not desirable. Could anybody tell me how to control authorization access for SQVI.
    Regards,
    Ashish..

    Hi Ashish
    There is no need to give authorisation for SQVI to the user. You can ask your ABAPer to put a new T-code for the query you created in SQVI and give that T-code authorisation to the user.
    Cheers
    JOJI

  • Authorization for tax code in PO

    Hi,
    I have one issue from the client. In Po creation (ME21N), they want to restrict some users to enter only few tax codes from among the list. For example if there are 30 tax codes, then user should be authorised to enter only 5 tax codes from the list. In standard authorization, there doesn't exist an authorization object to restrict tax codes.
    For this I have created a Z-authorization object with authorization field (MWSKZ), in the user profile this authorization object has been assigned.
    I am stuck at coding the authorization object means calling this object whenever the user creates the PO. Can you pls guide me on this?
    Regards,
    pankaj

    Hi
    Hi See the following and do accordingly In general different users will be given different authorizations based on their role in the orgn. We create ROLES and assign the Authorization and TCODES for that role, so only that user can have access to those T Codes. USe SUIM and SU21 T codes for this. Much of the data in an R/3 system has to be protected so that unauthorized users cannot access it. Therefore the appropriate authorization is required before a user can carry out certain actions in the system. When you log on to the R/3 system, the system checks in the user master record to see which transactions you are authorized to use. An authorization check is implemented for every sensitive transaction. If you wish to protect a transaction that you have programmed yourself, then you must implement an authorization check. This means you have to allocate an authorization object in the definition of the transaction. For example: program an AUTHORITY-CHECK. AUTHORITY-CHECK OBJECT ID FIELD . ID FIELD . ... ID FIELD . The OBJECT parameter specifies the authorization object. The ID parameter specifies an authorization field (in the authorization object). The FIELD parameter specifies a value for the authorization field. The authorization object and its fields have to be suitable for the transaction. In most cases you will be able to use the existing authorization objects to protect your data. But new developments may require that you define new authorization objects and fields.
    http://help.sap.com/saphelp_nw04s/helpdata/en/52/67167f439b11d1896f0000e8322d00/content.htm
    To ensure that a user has the appropriate authorizations when he or she performs an action, users are subject to authorization checks. Authorization : An authorization enables you to perform a particular activity in the SAP System, based on a set of authorization object field values. You program the authorization check using the ABAP statement AUTHORITY-CHECK. AUTHORITY-CHECK OBJECT 'S_TRVL_BKS' ID 'ACTVT' FIELD '02' ID 'CUSTTYPE' FIELD 'B'. IF SY-SUBRC 0. MESSAGE E... ENDIF. 'S_TRVL_BKS' is a auth. object ID 'ACTVT' FIELD '02' in place 2 you can put 1,2, 3 for change create or display. The AUTHORITY-CHECK checks whether a user has the appropriate authorization to execute a particular activity. This Authorization concept is somewhat linked with BASIS people. As a developer you may not have access to access to SU21 Transaction where you have to define, authorizations, Objects and for nthat object you assign fields and values. Another Tcode is PFCG where you can assign these authrization objects and TCodes for a profile and that profile in turn attached to a particular user. Take the help of the basis Guy and create and use.

  • How to restrict authorization for MMBE

    Hi,
    I need to restrict the authorization for t-code MMBE according to plant wise. Can anybody tell me about the procedure and authorization object used.
    Regards

    M_MATE_WRK Material Master: Plants is the object that is used to control teh display of data at plant level in tcode MMBE

  • Authorization for the Tax auditor

    Dear All,
    We are facing the problem to acces the person who got transftered to the other department.
    Tax auditor should have access to all the person which is belonging a personal area, Even if the person got tranfered to other personal area and was belong to that same  personnel area.
    Since LDB is reading the first record for the IT0001.We have given the access in the role for the infotypes with a  personal area.
    Auditor is not able to see the record for the transferd person.
    We tried to copy the program RPCAOKD0 and override the standard authorization check using the statement
    pnp_sw_skip_pernr = 'N'.
    but not working.
    Please sugest.
    Thanks
    Vikas

    Hi,
    You can change the code below
    *---Authorization for Company code entered by the users.
    *---This code will restrict users to see data for company
    *---codes which they are not authorized to.
    *---Select all the company codes based upon selection entered by the
    *---user
    SELECT bukrs
       FROM t001
       INTO TABLE li_bukrs
      WHERE bukrs IN z_bukrs.
    IF sy-subrc EQ 0.
    *---Clear Screen variable for Company code
       CLEAR z_bukrs.
       REFRESH z_bukrs.
    *---Filter and prepare Select options for Company code table to be
    *---passed to query. Table will only have values of company codes he is
    *---authorized to for display.
       LOOP AT li_bukrs INTO lwa_bukrs.
         AUTHORITY-CHECK OBJECT 'F_BKPF_BUK'
                           ID 'BUKRS' FIELD lwa_bukrs
                           ID 'ACTVT' FIELD '03'.
         IF sy-subrc = 0.
           z_bukrs-sign = 'I'.
           z_bukrs-option = 'EQ'.
           z_bukrs-low = lwa_bukrs.
           z_bukrs-high = space.
           APPEND z_bukrs.
         ELSE.
           lv_flag = 'X'.
         ENDIF.
       ENDLOOP.
    *---Give warning message to the user in case he is not authorized to see
    *---data for all the company codes that he has entered.
       IF lv_flag = 'X'.
         MESSAGE ID 'ZFNG' TYPE 'W' NUMBER '015'.
       ENDIF.
    ENDIF.
    This code does an authorization check at company code level and removes all the company codes that user has entered but is not authorized to look for. After that we pass the filtered list of company codes for which user is authorized to in the select query and fetch the results. You can first select all the records from database for PERNR and VKORG. Then filter them and prepare new list of VKORG and PERNR after performing authorization check and pass it further to select queries in your program.
    KR Jaideep,

  • Authorization for the report

    Hi
    I have made one report,  I needed to check the authorization for the report, how to do it.
    Eg.  One employee is executing the report, he only needed to select his transaction
    If somebody from one sales organisation, they only needed to take the data belongs to the sales office.
    SELECT-OPTIONS: p_vkorg  FOR tvkot-vkorg.
    SELECT-OPTIONS: p_pernr FOR pa0001-pernr
    for example two selection parameter is displaying. if my employee no is 100, while trying to enter execute the report for 200 employee no. no data should show. like that vkorg filed also should work.
    Please let me know how it possible.
    Regards
    Sebastian John

    Hi,
    You can change the code below
    *---Authorization for Company code entered by the users.
    *---This code will restrict users to see data for company
    *---codes which they are not authorized to.
    *---Select all the company codes based upon selection entered by the
    *---user
    SELECT bukrs
       FROM t001
       INTO TABLE li_bukrs
      WHERE bukrs IN z_bukrs.
    IF sy-subrc EQ 0.
    *---Clear Screen variable for Company code
       CLEAR z_bukrs.
       REFRESH z_bukrs.
    *---Filter and prepare Select options for Company code table to be
    *---passed to query. Table will only have values of company codes he is
    *---authorized to for display.
       LOOP AT li_bukrs INTO lwa_bukrs.
         AUTHORITY-CHECK OBJECT 'F_BKPF_BUK'
                           ID 'BUKRS' FIELD lwa_bukrs
                           ID 'ACTVT' FIELD '03'.
         IF sy-subrc = 0.
           z_bukrs-sign = 'I'.
           z_bukrs-option = 'EQ'.
           z_bukrs-low = lwa_bukrs.
           z_bukrs-high = space.
           APPEND z_bukrs.
         ELSE.
           lv_flag = 'X'.
         ENDIF.
       ENDLOOP.
    *---Give warning message to the user in case he is not authorized to see
    *---data for all the company codes that he has entered.
       IF lv_flag = 'X'.
         MESSAGE ID 'ZFNG' TYPE 'W' NUMBER '015'.
       ENDIF.
    ENDIF.
    This code does an authorization check at company code level and removes all the company codes that user has entered but is not authorized to look for. After that we pass the filtered list of company codes for which user is authorized to in the select query and fetch the results. You can first select all the records from database for PERNR and VKORG. Then filter them and prepare new list of VKORG and PERNR after performing authorization check and pass it further to select queries in your program.
    KR Jaideep,

  • Authorization for Measuring document creation

    Hi,
    i have one issue. I want to provide authorization for measuring documents creation. That has been done by providing the different authorization groups in roles for T codes IK11, Ik12 etc to the users. Now users with a authorized authorization group for perticular measuring point can create a measuring document fo that. But the problem is that despite the authorization group, if user goes to t code iw41 for order confirmation , there he can create measuring documents of any authoprization group. How to control that thing. I also give authorization group authorization for t code IW41 but still it is allowing for the creation of documents. any help on this thing.
    Regards,
    Aman Sharma

    Hi
       there are two ways you can control the measurement reading entry
    1. Block the authorisation of IK11.When you go to confirmation screen through IW41 , there a button for measurement document update. Even the user will press it system will not allowed to enter in it as he is no authorisation
    2.You can configure the screen template for overall confirmation  and use this profile while doing overall confirmation using iw42. There you can hide the measurment detail screen.
    customising node " Set Screen Templates for Completion Confirmation "
    Regards
    Amar

  • Authorization at Company Code Level for table FEBKO

    Hello Experts,
    I need to add authorization check on my report program that accesses and displays data from table FEBKO. However the user should only be able to access the data of table FEBKO particular only for their company code. How can I apply this? Thanks in advance for all your responses!
    Best Regards,
    Kurtt

    Hi,
    if it is in your own report, you can define your own authorization object with field for company code. Check transaction SU21 or ask your security guy. Then you will check if an user have authorization for this object.
    Cheers

  • Data model 0G: No authorization for entity type Account (Company Code) - activity Display

    Hello Expert,
    I have a problem with authorization in MDG-F.
    I want to create Account with Collective processing. After, entered Entity type, Edition and Chart of account,  Blocking message "Data model 0G: No authorization for entity type Account (Company Code) - activity Display" is displayed.
    But, i checked in PFCG transaction, for this user profil, activity are : create or generate, Change and display. So, for me , it is correct.
    Please, check screen shot below :
    Blocking message :
    and in PFCG transaction
    Could you help me to solve this point?
    Kind regards,
    Heri RAOELISON

    Hi Heri,
    the system behavior is correct. The account in company code consists of three entity types:
    1) COA - Chart of Accounts (Type 3)
    2) ACCOUNT - Account (A-Segment, related to ECC table SKA1, Type 1)
    3) ACCCCDET - Account in Company Code (B-Segment, releated to ECC table SKB1, Type 1).
    3) includes 1) and 2) whereas 2) includes 1). If you grant authorization only for 3) but not for 1) and 2), you cannot do anything.
    Best regards
    Michael

  • Authorization for cost centers in KSV8  allocation T-code

    Hi all,
    I know it is possible to set an authorization in allocation T-code KSV8 based on the cost center. In the KSV8 transaction, there is a sender, a receiver and obviously in my case the sender is different to the receiver. The following step for me is to identify the possibility to make an authorization for the partner cost center (which is the receiver). The authorization is for the modification of the allocation. Can anyone help me?
    Thanks in advance
    Cheers
    Pascal

    To complete my question, in fact I need to identify an allocation table which makes the difference between the sender and the receiver. Tables marked "T811" are allocation tables...thanks for your help
    Pascal

  • *NO AUTHORIZATIONS FOR CREATING ACCOUNTS IN COMPANY CODE*

    HI
    NO AUTHORIZATIONS FOR CREATING ACCOUNTS IN COMPANY CODE
    SYSTEM MESSAGE:
    No authorization for creating accounts in company code 3333
    Message no. F2305
    System Response
    You cannot access the requested data.
    Procedure for System Administration
    If necessary, include an entry in the user's authorization profile for the authorization object and parameters specified below.
    Authorization object:
    F_KNA1_BUK
    Parameter:
    Company code: 3333
    Actions: 01
    KINDLY THROW UR IDEAS

    Hi,
    You have not been authorized for this transaction. Please speak with your BASIS guy he will give you the authorization.
    Regards,
    Abhee.

  • Delete authorization for specific Company Code

    All,
    For a specific transactions, our users may only run the transaction for a specific company code. Transaction is TPM55A
    What authorization object do I need to add to my role, so the users have only authorization for let's say Company code range 1000 - 1050.
    Many thanx for help
    kr,
    Stef

    Hi Stef,
    Please try to add this authorisation object manually F_BKPF_BUK- Authorisation object for company code.
    In the filed BUKRS you can maintain the company code as you required for the users.
    I hope this may help you in resolving the issue.
    Thanks
    Karthick

Maybe you are looking for

  • Read any XML File Elements using SAX Parser in J2se

    Hi All I can able to parsed one structured XML file using SAX Sample code : // ===========================================================      // SAX DocumentHandler methods      // ===========================================================      pu

  • Creating a SQL Expression Formula

    Post Author: edt11 CA Forum: Formula I need to due a lookup on name(stored in a different table).  I want to display the name result on the report. I have tried using the following SQL: SELECT distinct(a.short_name) FROM FUND A, FUND_EXTERNAL BWHERE

  • Multiple selection in a JTable cell

    Dear friends, I have to provide a way to user select multiple names in a unique cell of a JTable.... i.e., the user click on te cell, and some pane or list appears on the screen.. te user then select some field and then close the pane. next time te u

  • No entry in table T001P when running time eval

    Hi, Can someone tell me, why this error occurs. "No entry in table T001P" when running time evaluation PT60. I checked his Infotype 1 and has the Personal Area/Subarea assigned. Thanks, Swarna.

  • Changing Workspace Loads Last-Used Sequence Instead of Current One

    Since the update to 8.2.0 (65) build, when switching between workspaces, Premiere will load the last-opened sequence used in that workspace instead of the one currently being worked on. For example: I finish my edit of Sequence A. Taking it from my C