Authorization group in Z-Table and user assignment

Similar Messages

• ASSIGN AN AUTHORIZATION GROUP TO MANY TABLE

  Hello,
  I have several hundreds table to assgin an authorization group zaut.
  Is there any easy way to do it?
  I do not want to go se54 and change all table authorization group one by one.
  Please help.
  Thanks,
  Jeongbae

  Use Tcode SM30V_DDAT to assign the Authorization Group to multiple tables.
  Regards,
  Naimesh Patel

• Extraction of roles content and user assignment

  Dear all,
  we want to transfer some CCA-rights to BI into a table, which will be referenced in a role in BI.
  Purpose is to tranfer the authorization concept from ERP to BI.
  I have to write for this some function module, which might be a bit complex but not impossible.
  Has anyone experience with this?
  Regards
  Harald.

  HII,
  To search for  roles with no users assignment u can run a report RSUSR070 AFTER EXECUTING TCODE SA38 in the progran field enter the name of the report and click execute button u get roles by complex selection criteria    then scroll down and in the selection according to user assignments  select  without user assignment then cli ck execute button u will get the roles with no user assigments............
                        Thanks and regards

• Importing all tables and users from Oracle 8i database to Oracle 10g

  Hi friends,
  It would be highly appreciated if someone would kindly advise steps needed to
  import full Oracle 8i database ( with all users, tables, table spaces
  and other components ) to Oracle database 10g .
  Thanks and regards

  hi
  ur exp ur database from oracle 10g. from exp cmd instead of expdp cmd bcoz oracle 10g. expdp cmd is not compitable with oracle 8.
  simple give cmd>exp cmd if u want exp complete database from oracle 10g..
  if u have any problem go reference oracle database utilities ....
  and then imp in oracle 8 using imp cmd cmd>imp cmd bcoz here u want imp complete database....
  i hope u do ur work successfully...
  regards
  Mohammadi

• Room role and user assignment

  Hi ,
  We are on EP6 SP10 and have a strange issue involving
  collaboration rooms.We are having MS-AD UME.
  Now after changing from one ldap to another , some users
  are displayed as ldap id's in the rooms while some are not.
  They are displayed properly with name itself.
  Why is this so? Is this because they have been deleted in the
  ldap but not in the room , something like that.
  Also there is no way to remove these id's from the room too,
  this generates  a runtime error.
  Any help on this would be appreciated
  Regards
  Vineeth

  Hi Vineeth,
  Why is this so? Is this because they have been deleted in the
  ldap but not in the room , something like that.
  Sound reasonable, if this is in fact your situation.,
  Also there is no way to remove these id's from the room too,
  this generates a runtime error.
  Ýou could try to remove the users from the corresponding group via the UME. For each room, there is a group created in the UME with the name "ROOM_[roomname]_MAIN" and the ID "ROOM_[roomid]_MAIN". Open that group and try to remove the user entries in question from there.
  Hope it helps
  Detlev

• Groups out of Repository and Users out of LDAP

  Hi together,
  is this combination above possible?
  Regards,
  Stefan Hess

  I think it should be possible, but I would not recommend it.
  About storing the users in the repository:
  - For each new user you have to update the repository. You can add the users on the fly by opening the (production) repository in online mode. But then you have to do the same action again in the offline (development) repository, because otherwise the added user will be gone when the development repository is released on production.
  About deleting groups out of the repository:
  - In this case you cannot authorize the presentation layer for a group of users. So for each subject area, or worse presentation column, you may need to set the right authorization for each user.

• Subject area security validating users and groups from external table

  Hi all.
  I don't have practice to put question here, but there is one problem, that seems don't work correctly in OBIEE.
  I'm trying to put users in groups within external table and this works fine.
  I put security on the subject area level like this:
  SA1 -> GroupA allow, Everyone not allow
  SA2 -> GroupB allow, Everyone not allow
  External table:
  User----------Group
  A---------GroupA;GroupB
  B---------GroupB
  Users A, B and GroupA, GroupB exists in the RPD, but I didn't put users inside them, I want this from table.
  From the init block, external table I'm taking users and join them in the group. Same name users and groups are also in the presentation service.
  When i connect with user A i don't see any subject area, when go to My Account i see in Group Membership/GroupA and GroupB, so it's readed from the external table.
  Why in this case the subject area permission is not working?
  It works if I explicitly put users in groups, in the RPD.
  I have read this blog entry http://kpipartners.blogspot.com/2009/07/groups-webgroups-and-delivers.html and it is said that this works, but I'm interested how.
  What should we have in the presentation part, administration, Manage Privileges -> Access within Oracle BI Answers option for those two subject area?
  This doesn't work or something is missing:
  Re: Security on Subject Areas
  Regards
  Goran
  http://108obiee.blogspot.com

  What should we have in the presentation part, administration, Manage Privileges -> Access within Oracle BI Answers option for those two subject area?Yes, you should remove Everyone and add the relevant groups to each Subject Area. You don't need to set privileges in the RPD, in fact that's probably why it doesn't work for you. Leave your RPD Presentation Catalog as "Everyone" = Read as you will controlling access from the Presentation Services and it should work.

• Table for Role & Authorization group

  Hi Gurus,
  I am looking for a table or FM to get all roles for Authorization group.
  I tried in SUIM tcode but could not able to find exact DB table for these.
  Giri
  P.S.: To Moderator:
         My earlier thread was locked for the same question, I was searching in SDN and google from last 3 days and could not able to find enough information on it. AGR_USERS, TBRG, TACT are the tables i found. But still there is a link missed between Role & Authorization Group.

  Thomas,
  My report have selection screen with Auth group and user.
  If user provides Auth. Group then need to find all roles linked to auth group and users assigned to that role.
  In my investigation, there is link between Auth. Group <--> Auth. object.
  Also Auth. Object <--> Role.
  but still there is a fine link missing between Auth Group <--> Role.
  For Eg: Auth Object S_TABU_DIS will be associated to all Auth. Groups but assigned to only limited roles.
  I tried to debug the SUIM transaction multiple times but couldn't find the tables to find the link and not able to find the FM's.
  if anybody have any idea to find that link between Auth. Group & Role then it will be helpful....
  Giri

• How to find tables contain in particular authorization group.

  hi all
          By using SE11 , i just enter a table name like "MARA"
           then i go for display
          then by clicking utilities->assign authorization group
            i can get the info. about tablename and which authorization group(MM) the table belongs and its desc.
  my question is if the Authorization group is MM, i need to know the list of tables belongs to that particular auth. group.
  regards
  pras

  Hi Pras,
  These are stoed in table TDDAT. you can use se16 for this table and enter MM in CCLASS field hit execute.
  Ravi
  [My SAP Blog|http://raviinsap.blogspot.com]

• Authorization group for table maintenance view

  I  need to create table maintenence view for a custom table, client provide name for auth. group, but no clue how to create auth. group.
  can someone provide the steps to do this?

  Hi,
  Follow below steps to create table maintenance for a table and to assign authorization group to a table:
  step1: Go to SE11 enter the table name
  step2: In the standard toolbar you will find UTILITIES
  Go to UTILITIES -> TABLE MAINTENANCE GENERATOR
  You will go to first screen of Table maint. gen.
  Here you will find to enter authorization group.
  Thanks and Regards,
  Shravan G.

• BADI or exit for WA08 to group it by allocation table and vendor

  Hello Experts,
  I have a requirement wherein I need to group the rows upon generation of purchase orders in tcode
  WA08. I need to group them so that I can create a PDF format of the PO grouped by allocation table and vendor.
  For example, If I created 4 purchase orders with allocation table 123 and vendor 456 then it should only produce
  1 PDF file. Are there any BADI or exit that can group my selected rows as per my requirement?
  Thank you guys and take care!

  Hi ,
  I also have this problem and want to know any exit or BAdI for controlling PO item in WA08.
  Best regards,
  Connie

• Authorization Group in BOM Header

  Can any one guide how to create Authorisation group for Bom and also it's use. <See field Authorization group in BOM header>
  Regards,
  Samar

  Hi,
  The Authorization group can be created as follows
  Transaction SE54 >Select 'Authorization Groups'>Create/Change-->New Entries.
  Now the authorization group created can be assigned to your table.
  Goto transaction 'SE56' and select authorization group radio button and create your authorization group.
  In general different users will be given different authorizations based on their role in the orgn.
  We create ROLES and assign the Authorization and TCODES for that role, so only that user can have access to those T Codes.
  USe SUIM and SU21 T codes for this.
  USE
  Much of the data in an R/3 system has to be protected so that unauthorized users cannot access it. Therefore the appropriate authorization is required before a user can carry out certain actions in the system. When you log on to the R/3 system, the system checks in the user master record to see which transactions you are authorized to use. An authorization check is implemented.check Su22 and SU24u will get list of objects
  Hope clear to you.
  Regards,
  R.Brahmankar

• Authorization coding in custom table

  Hi frnds,
     I want to give an authorization to a custom table. I have created a new authorization group and assigned a role and user for it.
     I had done a coding to check the authorization in Maintenance generator program.
  MODULE CHECK_AUTHORIZATION OUTPUT.
  data : w_tddat like tddat,
         viewname type tabname value 'ZTSD_IB_TRMAP',
         act_level.
  select single * from tddat into w_tddat where tabname = viewname.
    if sy-subrc <> 0  or  w_tddat-cclass = space.
      w_tddat-cclass = '&NC&'.           " 'non classified table'
    endif.
    authority-check object 'S_TABU_DIS'  "check by class
        id 'ACTVT'      field '02'
        id 'DICBERCLS'  field w_tddat-cclass.
    if sy-subrc <> 0.                    "not allowed
        authority-check object 'S_TABU_DIS' "check by class
           id 'ACTVT'      field '03'
           id 'DICBERCLS'  field w_tddat-cclass.
        if sy-subrc =  0.
         fupd  = space.
         fshow = 'X'.
         act_level = '03'.
         p_action = 'S'.
          message w106(tb) with viewname."only show allowed
        else.
          message e107(tb) with viewname."no upd auth
        endif.                           "sy-subrc from  2nd auth_check
      else.                              "act_level <> 02
        message e105(tb) with viewname . "no show auth
     endif.
    endif.
  ENDMODULE.                 " CHECK_AUTHORIZATION  OUTPUT
  But the problem is on debugging even for the unauthorized user the authorization check coding:
    authority-check object 'S_TABU_DIS'  "check by class
        id 'ACTVT'      field '02'
        id 'DICBERCLS'  field w_tddat-cclass.
  gives sy-subrc = 0.
  What is the problem with the coding.
  Also can an one explain me about
         fupd  = space.
         fshow = 'X'.
         act_level = '03'.
         p_action = 'S'.
  and what are the datatypes to be given for it on data declaration.
  Thanks in Advance

  >
  neethu wrote:
  > I have created a Z table and I need to create and assign an Authorization group to the table. The requirement is like, say, if there are 10 users who belong to this particluar Authorization group, then 5 users should be given display and change authorization. And the remaining 5 users should be given only display authorization & no change authorization.
  >
  Assuming users are accessing the table content using SM30 (or SM30 parameterised transaction) you can use authority object S_TABU_DIS to control change mode. User who are suppose to change content should have authority object S_TABU_DIS with following values in their role.
  S_TABU_DIS
  ACTVT = 02
  DICBERCLS = AUTH_GRP
  for display only
  S_TABU_DIS
  ACTVT = 03
  DICBERCLS = AUTH_GRP
  Where AUTH_RP is authorization group assigned to table
  Regards,
  Pawan.
  Edited by: Pawan Kesari on Aug 9, 2010 4:17 PM

• Authorization Group in CV01n Document Data tab

  Hi SAP Gurus,
  I went on to Configure the Authorization groups at  spro / Document Management / Approval Tab,
  but the same is not appearing in CV01N create document, Basic data tab. Screen......
  can any one explain how to configure this Authorization Group and make use of this Authorization Group
  i tried in PFCG, at object C_DRAW_BGR, also but the authorization groups i have created is not displayed at all.
  what is the Configuration missing and to work with Authorization groups.
  please Advice
  Points Awaiting
  Thanks and Regards
  Kumar

  Dear Punam,
  Thanks for ur reply. i have created the authorization groups in SPRO at the approval Tab,
  and also can see the Field Authorization Group in CV01N basic data Field but
  By pressing F4 or searching i could not find my Auth groups created there,
  Nor i could find them at PFCG, at  C_DRAW_BGR objects, at BEGRU
  where has my created Auth group gone,
  please explain how to work with Auth groups. where and all it has to be assigned and linked.
  How to use Authorization Groups for Digital signatures and restrict users For accessing Documents And Original files specifically.
  Thanks and regards
  Kumar

• Creating Authorization groups for material types

  Hi All,
  I have a requirement to create Authorization groups for different material types we have in our company. Basically these are intended to restric the users from accessing the material master. Different material types needs to be assigned to differnt group of users.
  So if we can create couple of Authorization groups, then I am thinking of assigning the material types to these groups.
  I went to SPRO---Logistics general ---Material master -
  Tools --- Maintain authorization and authorization profiles.                 TCODE : PFCG
  Is this the right path?
  Please advise
  Shane

  Hi All,
  I don't think SPRO---Logistics general -Material master- Tools --- Maintain authorization and authorization profiles is the right path to create new authorization groups.
  Can anyone explain how to create new authorization groups for different material types. The purpose is to create a role and assign this auth. group to this role and provide that security role to specific users.
  Regards
  Shane