Authorization Group in BOM Header

Can any one guide how to create Authorisation group for Bom and also it's use. <See field Authorization group in BOM header>
Regards,
Samar

Hi,
The Authorization group can be created as follows
Transaction SE54 >Select 'Authorization Groups'>Create/Change-->New Entries.
Now the authorization group created can be assigned to your table.
Goto transaction 'SE56' and select authorization group radio button and create your authorization group.
In general different users will be given different authorizations based on their role in the orgn.
We create ROLES and assign the Authorization and TCODES for that role, so only that user can have access to those T Codes.
USe SUIM and SU21 T codes for this.
USE
Much of the data in an R/3 system has to be protected so that unauthorized users cannot access it. Therefore the appropriate authorization is required before a user can carry out certain actions in the system. When you log on to the R/3 system, the system checks in the user master record to see which transactions you are authorized to use. An authorization check is implemented.check Su22 and SU24u will get list of objects
Hope clear to you.
Regards,
R.Brahmankar

Similar Messages

  • Authorization Group in T-Code: OB52

    Hi,
    I need to maintain 2 Auth. Group in T-Code: OB52, my requirment is below:
    for some users (nearly 25) needs to post the transaction in June Month and for some users (nearly 10)should have to post for selected GL in the month of June.
    So we decide to create two roles and assign the Auth Group in F_BKPF_BUP Auth. group. But i need to know whether the system will allow to assign two Auth. Group for one Company code (ie., 2 Auth. Group and all common users)
    Please revert ASAP.
    Regards
    JS

    The help on AuGr field in OB52 is good.  Here it is
    Authorization Group
    The authorization group allows extended authorization protection for particular objects. The authorization groups are freely definable. The authorization groups usually occur in authorization objects together with an activity.
    Use
    A posting period can be made available to only a limited set of users using the authorization group.
    Procedure
    If only a limited set of users is to be able to post in a particular posting period, proceed as follows:
    Add the posting period authorization (authorization object F_BKPF_BUP) to the authorizations of the selected users. Assign an authorization group (e.g. '0001').
    Enter the account type '+' for the posting period variant to which the restriction is to apply. Enter the period(s) whose use is to be restricted in the first period, those which are available to all users in the second period, and the authorization group (e.g. '0001') in the last column.
    Examples
    A posting period can be successively restricted. If, e.g. 10 users have the posting period authorization with authorization group '0001', and 3 of these 10 users also with authorization group '0002'.
    If the period is only to be accessible to the 10 selected users the authorization group '0001' is entered in the posting period variant. Access can later be restricted to the remaining 3 users by entering '0002'.
    I guess your requirement can very well be met, as explained in the example above.  Also implement the following SAP Note to be able to assign the authorization group at document header level (account type '+') and at line item level in Transaction OB52.
    https://service.sap.com/sap/support/notes/891505
    Srikanth
    PS: I have seen in a reply above that AuGr controls only special periods, which is not a correct statement.  AuGr controls postings in the period specified in From per.1/Year To period/Year in OB52.

  • Checking BOM Authorization Group

    Hai Friends,
    I have developed a mulitilevel BOM display report. End users have been assigned to 2 Authorization Group as A1 and A2.
    If a user has A1 authorization i have to explode the BOM fully else i have stop to a certain class. How do i identify that a user has A1 authorization or not?. Is there any FM?. if so what all are the parameters needs to be passed.

    Hi T,
    First you need to get authorization object for BOM. You can use transaction ST05 to trace the object.
    Then you can use command AUTHORITY-CHECK OBJECT in your program to check against the object whether the user have authorization or not.
    Regards,
    Chaiphon

  • Authorization tag in  http header

    While making an end point call using the webservice control the authorization tag is getting added to the http header. This is causing 401 errors when going over SSL . We are adding the credentials as part of the SOAP header.
    Why / How is the Authorization Basic tag getting created? Also how can we eliminate it?
    ****************** tcpmon output shown below
    POST /DMIntegration/ContentService HTTP/1.1
    User-Agent: BEA WebLogic Server 10.3.0.0
    Content-Type: text/xml; charset=utf-8
    SOAPAction: ""
    Authorization: Basic U334567dGFsVXNlcjpQb3J0YW1234==
    Host: 10.157.44.155:7080
    Accept: text/html, image/gif, image/jpeg, */*; q=.2
    Connection: Keep-Alive
    Content-Length: 1834
    Thanks,
    - Shankar

    Hi,
    The Authorization group can be created as follows
    Transaction SE54 >Select 'Authorization Groups'>Create/Change-->New Entries.
    Now the authorization group created can be assigned to your table.
    Goto transaction 'SE56' and select authorization group radio button and create your authorization group.
    In general different users will be given different authorizations based on their role in the orgn.
    We create ROLES and assign the Authorization and TCODES for that role, so only that user can have access to those T Codes.
    USe SUIM and SU21 T codes for this.
    USE
    Much of the data in an R/3 system has to be protected so that unauthorized users cannot access it. Therefore the appropriate authorization is required before a user can carry out certain actions in the system. When you log on to the R/3 system, the system checks in the user master record to see which transactions you are authorized to use. An authorization check is implemented.check Su22 and SU24u will get list of objects
    Hope clear to you.
    Regards,
    R.Brahmankar

  • BOM Header Long Text

    Dear experts,
    Is there a way to transfer BOM header long text to production order? I see bom item long texts on production order in item details. But in production order i can not find BOM header long text anywhere.
    Best regards

    Dear,
    1. Use  function module: CO_TX_TEXT_CATALOG_IMPORT
    Function group: COTX
    Short text: Import of the order texts from the memory section of SAPScript
    You must maintain the following parameter:
    Exception: NO_CATALOG
    2. Create function module: CO_TX_TEXT_CATALOG_EXPORT
    Function group: COTX
    Short text: Export of order texts back to the SAPScript Memory
    No parameters required
    Please try and come back.
    Regards,
    R.Brahmankar

  • BOM Header and BOM Item Enhancements

    Hi all,
    I just want to make sure I got this correct so far and looking for further info. I have some z-fields(custom fields) that I'm adding to CI_STKO (BOM Header) and CI_STPO (BOM ITEM). I need to be able to display these fields in transactions CS02,CS03,CS11,CS12,CS13. I think I'm suppose to use the following enhancements:
    PCSD0003 : BOMs: Customer fields in header
    PCSD0002 : BOMs: Customer fields in item
    Can anyone give me some info on the screen exits in these enhancements if this is correct and if not can someone give me some guidence to displaying the z-fields in these transaction?
    Message was edited by:
            Akeem Lockett

    You will have to make all the modifications inside the function group XCSA.
    You wiill get the necessary exits there.
    For displaying the custom fields you can use the screens 701 to 721. These are subscreens for displaying the item details. The moment you make changes here in these screens , you will be able to see the effect in CS01/02/03.
    Hope it helps.

  • Routing Authorization Group

    Hello all,
    I have a client requirement where routings need to be be updated by an external system only if they belong to a specific authorization group.
    Looking at a sample routing in CA03, I noticed such field does not exist (which is kind of strange, as auth. groups exist for materials, BOMs, and a variety of other SAP objects).
    I realize there must be a reason why this field is not used and that there is a different method SAP uses to segregate routings based on user security authorization. There is an authorization object called C_ROUT, but I am not sure which field it validates.
    Has anyone encountered a requirement where this issue was addressed?
    Thank you in advance.
    Alex

    dear friend,
    trying to help you:
    http://help.sap.com/saphelp_47x200/helpdata/EN/e7/52df96a85d11d189050000e8323492/frameset.htm
    good luck!

  • Assign posting periods to authorization group in tcode S_ARL_87003642

    Hello,
    I want to restrict posting periods for some users. Therefore, I have created 2 functions associated to 2 authorization groups.
    In transaction S_ARL_87003642, when I try to assign different posting periods to each authorization group to the same company code (Posting Period Variant) it appears a message saying u2018Target key must be different from source keyu2019.
    What am I doing wrong? Do you know how can I restrict posting periods for some users?
    Thanks and regards
    Ana Rita

    Dear,
    You simply have to define authorisation groups in OB52 and assign this group to F_bkpf_bup in SU01 against user proflie as desired. Take basis help.
    Regards

  • Authorization Group for G/L Account

    Hi,
    What?
    - I wish to restrict the 'posting' of a G/L account to be done by certain users only
    How?
    - What I have done was...
    a) From FS00, I have added a free-text (BANK) into the Authorization Group for a G/L account
    b) From PFCG, a new role was created to allow these 2 Authorization Objects, F_BKPF_BES and F_SKA1_BES
    c) 'BANK' was entered for the Authorization Group for both these 2 Authorization Objects
    d) From there, I have assigned this new role to the user that I wish to allow Posting of the G/L account
    Problem?
    - Other users still can do Posting for this G/L account
    - Any steps which I have missed out here or done wrongly?
    Thanks,
    Brandon

    Hi,
    Some other roles of the users may override and cause the users to post against this GL account.
    Check all the roles relevant for the restricted users. 
    Use SUIM t-code to find if the auth object mentioned above is included in any other role.
    If it be, restrict that again.
    Generally if one role as no restriction against this auth and not all, this issue tends to happen.
    Regards,
    Sridevi

  • Restrict Vendor line items display by Vendor authorization group

    Hi Gurus,
    I have a requirement to restrict Vendor line item diplay for Tcode FBL1N, I have updated the Authorization object F_LFA1_BEK, its work fine if all the vendors have authorization, However it also display vendors whose auth. group is "BLANK" or "SAPCE",
    Is there a way that I can slove this issue, is there any SAP notes of other object which needs to be updated ?

    Hi,
    this problem has been discussed on this forum last week. Basically, SAP does not perform authorization check if the authorization group is blank. Hence you need to assign authorization object to all vendors.
    Cheers

  • Authorization group in GL A/C

    Hi,
        I have a role that has the authorization group in the authorization objects  F_BKPF_BES , F_SKA1_BES  updated only with 'AUTH' but the same role is also able to access GL accounts with authorization group 'REST'.
       I want to restrict the role to access GL Accounts only with authorization group 'AUTH'.
    How to do it.Kindly advise.
    Thanks.

    GL account Authorization
    Re: How to create authorization groups for G/L Accounting
    Thanks
    Javed

  • Authorization group in GL A/C using FB01

    HI, We have  activated the authorization Group in GL A/c. Using the authorization object F_BKPF_BES we were able to create restrictions on other tcodes like F-28 . However when using the u201CFB01u201D tcode, the authorization check does not have any effect. I have already check the authorization in SU24 for fb01 and status is set to YES. I have also created a trace(using ST01) for this transaction but ST01 does not show any authorization trace for F_BKPF_BES.

    Hello,
    Authorization object:F_BKPF_BES should be checked when you run FB01.
    In your case,please try to check the following points:
    1.Authrization group was assigend to G/.L master data correctly.
    2.Authrization group  was assigend to object:F_BKPF_BES correctly.
    3.Avtivity was defined in this object correctly.
    4.Role was assgined to user correctly.
    5.SAP_ALL authorization was deleted from the user profile.
    Note: it is impossible to define the authorization group as '  '(space) in object:F_BKPF_BES,
    if '  ' was defined, system will consider there are no any setting existed.
    Hope the above infor. could help you to solve this issue.
    Best Regards,

  • Creation of Authorization group

    Hello All,
    I have a requirement from FI consultant for creation of new authorization group. This auth. group we want to use in FI objects like F_BKPF_BEK. so that for few end users they should not change any vendor data in FK02.
    I have gone through several posts, but not able to get / understand clear steps for creation of auth group and assignment.
    One of the post i found is below:
    [How to create Authorization group;
    i tried to do few steps but not in right direction. Request you some one please suggest me the steps for cration.
    Rgds,
    Durga.

    Julius,
    Thanks for the update. As suggested by you i have inserted one entry of auth group in TBRG table against FI object with SE16.
    Now how do we maintain the view of V_TBRG. Is it from SE11?, if yes then i should do this step from ABAP login.
    But what i heard is, this activity is purely involved by Basis people.
    Please suggest.
    Rgds,
    Durga.

  • Delivery Copy Control to sto BOM Header

    hi friends
    we have requirement to stop copying BOM header if there is any component is not copied from sales order to Delivery.
    we are trying to use the copied routine from existed standine routine FV50B101.
    please any one can give me the solution in this program where i can find the how many for compnents copied fo each BOM. if i know the location where are they copying compnenets then i can handle it.
    please give me solution.
    Thanks
    Ramesh

    remark: for me the check is in line 113 (SAPKH60407).
    Please read OSS note 842829:
    2. The system does not transfer the partner data from the STO to the replenishment delivery. This particularly applies to the forwarding agent. The replenishment delivery uses only the customer of the receiving plant (EKPO-WERKS) as a partner. In the replenishment delivery, this customer (EKPV-KUNNR) is the direct goods recipient. The customer is not the sold-to party or a general debtor, for whom the system would determine a (different) goods recipient using the customer master in the replenishment delivery. If the PO header contains a vendor, you can use a modification to transfer the vendor as a partner to the replenishment delivery, if required. However, this is not the standard system behavior. There is no known modification for transferring the forwarding agent.

  • Customer Master Data and Line Items Balances Display - Authorization Group

    One autorization group was created and assigned to some customer masters in General, Company Code and Sales Area's.
    User is restricted to one authorization group. When executing FBL5N, all customer balances are displayed i.e. including blank authorization group customer. It is not restricted to authorization group customer! Why?

    Kindly check the authorization objects assigned in the user profile. You may ask your basis to help you with the authorization.

Maybe you are looking for

  • Print Reports with CUPS

    Hi people, I have forms 11g and i'm trying to print reports directly to a printer that is installed on the server in CUPS via samba. I can print to my printer from os. Example, i open a pdf and it prints. In oracle reports, i run the report successfu

  • External Lacie drive won't mount

    I have a older Lacie 160GB LaCie P3 extrenal drive that I can't mount. There never has been an issue with mounting it before in the method described below. Here is what happened: I turned the drive on but the firewire was not connected so I turned th

  • Webutil.client_host relative path

    Hi, I'm upgrading an old 6i client application. There are some calls to host commands that contain relative paths. ..\import\start.batFrom 10G using client_host these files are not found. Probably the paths are not relative to the location of the fmx

  • Oracle 9i RAC

    Oracle claims that from a functional perspective, Oracle9i Real Application Clusters is equivalent to a single-instance database. I understand that it means exactly that. In a cluster of several servers, multiple Oracle 9i databases on the servers ar

  • Copa  for mobile

    hi, i have one doubt, in fi/co in mobile (like bsnl, airtel) will use co-pa for these clients or not?