Authorization OBject for Delete and Lock indicator in PO function.

Similar Messages

• Need Authorization Object for SE11

  Dear All,
                 I have created role in PFCG and created user in su01.
                 I need authorization object for se11 and sm30.
  With Regards,
  Baskaran

  Hi,
  For the Authorization Object for any Tcode goto SE93 Enter the Tcode and press display
  S_DEVELOP
  Cheers
  Ram

• Authorization objects for  transaction, one to view, and one to maintain

  Hi all,
  My requrement is to create two authorization objects for  transaction, one to view, and one to maintain.
  I know how to create objetcs vai sm21, but i donot know how to crate objects with activity codes.
  Please suggest how to create object where i can asign activity codes.
  regards
  manish

  The Authorization Concept
  R/3 uses authorization objects to assign authorizations to users. An authorization object is a template for an authorization. For example, authorization object F_SKA1_BUK - G/L Account: Authorization for company codes requires the specification of two field values: Company Code and Activity. To allow a General Ledger supervisor to create a general ledger master record, he/she must be assigned an authorization to create (Activity 1) accounts for a specific company code (eg. Company Code 2000). Such an authorization is created using the object F_SKA1_BUK by assigning these field values and naming the authorization following an appropriate convention (eg. Z_SCC20001).
  Authorizations may be classified as general authorizations, organizational authorizations or functional authorizations. General authorizations specify the functions a user may perform. Authorization object F_SKA1_BUK has been assigned to the function for creating general ledger master records. The system checks for the useru2019s authorization to create general ledger accounts (Activity 1) in at least one company code. The system then checks whether the user is permitted to create accounts for the specified organizational unit (company code) and has the required functional authorizations. Authorizations in this case may restrict the user to certain Charts of Accounts. In addition, an authorization group may be defined in certain authorization objects to protect individual master records.
  Profiles relating to an organizational role (eg. General Ledger Supervisor) are defined consisting of a list of authorizations and other profiles. Such profiles are then assigned to users with that role and stored in their user master record along with other data (eg. password).
  Do check this link as well.
  http://articles.techrepublic.com.com/5100-10878_11-5110893.html

• Authorization object for "set TECO" and "undo TECO"

  We want to control the authorization for "set TECO" and "undo TECO",but we can't find relevant Authorization object. Is there any Authorization object  for these two functions? If there's no Authorization object for them ,then how can we achieve the same result? Thank you very much!

  Hi,
  Under one user ID the auth object B_USERSTAT will have the authorization key in which user will be responsible to change the TECO user status.
  One user will not have any authorization key under B_USERSTAT Auth_Object.
  Hope it's will give you help.
  Regards,
  Vishal Kr. Sharma

• Authorization object for field, EBAN-ESTKZ (creation indicator)

  Dear All,
  Does anyone know if there is an authorization object for field, EBAN-ESTKZ?
  I need to control the PR's authorization at creation indicator level. i.e. we need to remove the ability for all users to change Purchase Requisitions created by MRP.
  Thanks,
  Arun.

  Hi Jay,
  Thanks for your response.
  I didnt find it there. You have any Z options?
  Thanks,
  Arun.

• Authorization Objects for GL, AP, and PCA

  Hi,
  What is the difference in:
  1. Authorization Objects
  2. Facility Objects
  3. Profit Center Objects
  Where can I find the above objects related to:
  1. GL
  2. AP
  3. PCA (Profit Center Accounting)
  Please give me the answer, I will assign points to you.
  Thanks in advance.

  Hi,
  1) Make the characterstics like Company code, Controlling Area, Proficenter ..etc as authorization relevent (RSA1)
  2) Create the Respective Authorization objects for each of the above Characterstics (RSSM).
  3) And assign the Cubes and ODS es to the Authorization Object RSSM
  4) Create and use the Authorization variables on the above characterstics in reports
  5) maitain the access for all users through the roles by including and maintaining the AOs (created in step 2)
  With rgds,
  Anil Kumar Sharma .P

• Authorization Object for Clear G/L account (trx F-03)

  Hi,
  my client wants need to restrict some G/L accounts for certain company codes when clearing G/L accounts. In other words, I need to check that some users are cannot clear (trx F-03) some G/L accounts for some company codes.
  I have reviewed the authorization objects (FI & FI_T) and I could not find one for that purpose. It seems that 'clearing' is not an activity for authorizations as create, display, delete, post... are.
  Do you know if an authorization object (or activity) for clearing G/L account exists?
  Thanks you in advance
  Rafa

  ST01 shows all the objects checked in F-03 from calling the transaction, through simulation, till clearing:
  S_TCODE    RC=0  TCD=F-03;          
  F_BKPF_BUK RC=0  ACTVT=01;BUKRS= ;  
  F_BKPF_BUK RC=0  ACTVT=01;BUKRS=1000; 
  F_BKPF_BUK RC=0  ACTVT=01;BUKRS=2000; 
  F_BKPF_BUK RC=0  ACTVT=01;BUKRS=2000; 
  F_BKPF_BUP RC=0  BRGRU=0001;  
  S_TCODE    RC=0  TCD=F-03;              
  F_BKPF_BUK RC=0  ACTVT=01;BUKRS= ;      
  (I have cleard an account between company code 1000 and 2000.)
  Activity "post" means in this case "clear". There is no different activity for clearing.

• Authorization Object for using Object Services

  Can you tell me how to limit a users authorization to create or delete attachements using the object services functionality?  We'd like to control the addition and deletion of the attachments.  Is there a specific authorization object for this functionality?
  Thank you, Julie

  Hi julie;
  I hope that following are the solution for you problem. Check wheather this is helpful to you or not.
  Authorization Object C_DRAW_BGR (Authorization Group)
  The following table shows authorization object C_DRAW_BGR. This authorization object allows you to limit access to individual documents.
  Fields      Possible Values      Description
  BEGRU (Authorization group)      0000 - ZZZZ      Used to restrict the authorizations for document maintenance further.
  Authorization object C_DRAW_BGR can be used to restrict access to individual documents. It works like a simple on/off switch. If the check of object C_DRAW_BGR is fine, the user's authorization can be further restricted by checking C_DRAW_TCD (check only based on the document type) or C_DRAW_TCS (check of the
  combination of document type and status). At the fifth level there is a BADI called DOCUMENT_AUTH01, which you can use to design your own authority check.
  Authorization Object C_DRAW_DOK (Document Access)
  The following table shows authorization object C_DRAW_DOK. This authorization object controls which original data of a specific document type there are access authorizations for.
  Fields      Possible Values      Description
  ACTVT (Activity)      52 53 54 55 56 57      Change application start Display application start Display archive application Change archive application Display archive Store archive
  DOKAR (Document type)            Here you enter the document type that access to original data is allowed for.
  Authorization Object C_DRAD_OBJ (Object Link)
  The following table shows authorization object C_DRAD_OBJ. This object controls which users can process which document info records, based on a combination of activity, object, and status.
  Fields      Possible Values      Description
  ACTVT (Activity)      01 02 03 06      Create Change Display Delete
  DOKOB (Object)            You must enter the data base table for the objects here (for example, MARA for material record).
  STATUS (Document status)
  if useful rewards points.           
  Regards,
  nitin
  Edited by: nitin bhagat on Feb 18, 2008 6:23 AM

• Authorization object for Object services

  Hello together,
  I want to know if there is an authorization object for Generic object services functionilty especially the WF options like WF overview, start WF, Archieve WF..............................
  My understanding is any user who has access to a particular Business object, can user GOS to view WF stuff..................Is my understanding correct or should we have extra functions.....................
  Regards

  Check authorization objects S_OC_ROLE and, for recent releases, S_GOS_ATT.
  Regards,
  Raymond

• Authorization object for plant on selection-screen

  Hi All,
  I need to cehck the authorization object for plant on sleection screen..the palnt is select-options.
  I have written the code
  Declaration of local constants.
    CONSTANTS : lc_i(1)  TYPE c VALUE 'I',
                lc_eq(2) TYPE c VALUE 'EQ'.
    REFRESH : r_werks.
    LOOP AT s_werks.
      IF s_werks-low IS NOT INITIAL.
        AUTHORITY-CHECK OBJECT 'M_MATE_WRK'                "Check if the user has autorization for the plant.
                             ID 'ACTVT' FIELD '03'
                             ID 'WERKS' FIELD s_werks-low.
        IF sy-subrc NE 0.
          r_werks-sign   = lc_i.
          r_werks-option = lc_eq.
          r_werks-low    = s_werks-low.
          APPEND r_werks.
        ENDIF.
      ENDIF.
    ENDLOOP.
    LOOP AT s_werks.
      IF s_werks-high IS NOT INITIAL.
        AUTHORITY-CHECK OBJECT 'M_MATE_WRK'                "Check if the user has autorization for the plant.
                             ID 'ACTVT' FIELD '03'
                             ID 'WERKS' FIELD s_werks-high.
        IF sy-subrc NE 0.
          r_werks-sign   = lc_i.
          r_werks-option = lc_eq.
          r_werks-low    = s_werks-high.
          APPEND r_werks.
        ENDIF.
      ENDIF.
    ENDLOOP.
  My doubt is will the authorization will check the plants in between 1001 and 2001..suppose i have pplants 1001,1002,1003,1004,2001..Now will the above code will check for all the plants or only 1001 and 2001 if i specify in the select-options.
  Regards,
  raj

  Hi Raj
  First no need to LOOP AT s_werks and check s_werks-high as it will always be present only once in the table s_werks.
  Do this
  SELECT werks FROM t001w INTO li_werks
  WHERE werks IN s_werks.
  LOOP AT li_werks.
  *check your authority thing here and fill the range
  ENDLOOP.
  Pushpraj

• Authorization Object for Marketing Attributes

  Hi Experts,
  We are working with CRM 2007 and use in BP Marketing Attributes. Does someone know if there are any authorization objects for Marketing Attributes? We would like to restrict some of users to see some Attribute sets!
  Thank you in advance,
  Roula

  Hi Roula,
  Thank you so much for awarding points.
  Please note that in Transaction PFCG you have to assign the appropriate three digit attribute set key under the authorization group BGKRL to the authorization object C_KLAH_BKL for assigning attribute sets and to the authorization object C_KLAH_BKP for editing attribute sets.
  Please have a look at the Note in the bottom of the page at the following link for further information.
  http://help.sap.com/saphelp_crm60/helpdata/en/46/3517cc86e01421e10000000a1553f6/frameset.htm
  Regards,
  Deepak

• Authorization object  for PLANNING PLANT

  Hi all,
  My client has different Planning plant & Production plant.
  If I need to give access to GR for order (MB31), how do I know the authorization object for the Planning plant.
  User should be given access to MB31 to the Planning plant & NOT to the Production plannt.
  Any idea where we could find the authoriz. objects for a particular field?
  Pls advise.

  Goods Receipt for Production Order: Movement Type            M_MSEG_BWF
  Goods Receipt for Production Order: Plant                    M_MSEG_WWF
  these are the authorisation objects with activities as  ACTVT and WERKS
  Maintaine the values for ACTVT  as
  01 Create or generate,
  02  Change
  03 Display
  04 Print, edit messages
  and maintaine the values WERKS   (ur plants 4 which u want to give authorisations)
  and BWAR ( movement types 4 which u want to give authorisations)

• Kindly give authorization object for mrp type in material master

  Hi friends,
  Kind tell me what is the authorization object for MRP type in material master.
  Your help is considered more important.
  thanks in advance
  willaims

  hi,
  check your authorisation objects here:
  Go to PFCG --> Environment (at menu bar) --> authorization objects --> Display...
  Here see for MRP and MM for material managament in the tree structure...
  Regards
  Priyanka.P

• Maintain assignments of authorization objects for Z Webdynpros in SU24

  Hello experts,
  When we display the assignments of authorization objects for External Services -   Webdynpros in transaction SU24,  Z_webdynpros are not shown in the screen.
  We need to add more webdynpros in that table.
  I suposse that there must exist a way for updating that table with the Z webdynpros developed or some configuration is needed.
  Thanks in advance...
  Hector Longarte

  The Zwebdynpros I am talking about are Java Webdynpros in the SAP Portals, and the SAP ERP is onlyan ABAP stack.
  Is this configuration posible??

• Custom Authorization Object for HR

  Hi,
  As per our Company's internal needs I have created a Custom Authorization Object for HR named ZP_ORGIN (it has Personnel Subarea field BTRTL besides what's there in Auth. Object P_ORGIN) and made it Check/Maintain for transaction PA30 in SU24.
  I can see the entries in the USOBT_C & USOBX_C tables for this object, I am also able to add this object in the roles as well.
  Everything looks fine, but when I execute the transaction & do a trace on it, the object ZP_ORGIN is never checked (for a user having this object in his/her User Master). Only P_ORGIN object is checked instead.
  I believe I'll have to write some ABAP code e.g. AUTHORITY-CHECK OBJECT 'ZP_ORGIN' etc. Can anybody tell  which User Exit or Field Exit I'll have to put the AUTHORITY-CHECK code in, so that my new custom authorization object is alwayz checked.
  Your help will be appreciated.
  Thanks,
  Mandeep Virk

  Hi,
  I have created a Custom Authorization Object for HR named Z_ORIGIN (it has Personnel Subarea field BTRTL besides what's there in Auth. Object P_ORIGIN) and made it Check/Maintain for transaction PA30 in SU24.
  I can see the entries in the USOBT_C & USOBX_C tables for this object, I am also able to add this object in the roles as well.
  Everything looks fine, but when I execute the transaction  the object Z_ORIGIN is never checked (for a user having this object in his/her User Master). Only P_ORIGIN object is checked instead.
  We've ran the report RPUACG00 also which is mentioned in this thread.
  We also coded the authority check code in the both user exit ZXPADU01 and ZXPADU02 for PA infotype operations
  I believe I'll have to write some ABAP code e.g. AUTHORITY-CHECK OBJECT 'ZP_ORGIN' etc. Can anybody tell which User Exit or Field Exit I'll have to put the AUTHORITY-CHECK code in, so that my new custom authorization object is alwayz checked
  but still it is taking the P_ORGIN object.