Authorization object to import mb51 detail list to excel
Dear all,
What is authorization object to import mb51 detail list to excel ?
Able to see report material document list,but export to local file is greyed out ?
Jeyakanthan
Hi,
you can export ALV using menu option List -> Export -> Local file. Icon with green arrow which is usually used for download functionality in ALV has a different meaning in MB51. I know it's confusing. It's used to get full MM documents from archive. It's active only if you set option Short Documents in the section Data Source.
Cheers
Similar Messages
-
MB51 Detail list import to excel - Authorization object
Dear all,
What is authorization object to import mb51 detail list to excel ?
JeyakanthanHI,
Try this link
Problem with authorization object belongs to MB51
Regards
KK -
Import of activity list from Excel sheet.
Dear all,
I have configered PS module and is working fine.
I have some existing data of activities in Excel sheets. Which are around 2000 activies for every project.
I want to directly imports these activiteis from Excel sheet to SAP activity list.
IS there any method by with I can upload these activities from Excel file directly.
Regards
SCSharmafirst create a BDC (or record LSMW) and rearrange your excel sheet as per BDC requirement and upload...!
-
BW 3.5 which authorization objects available rssm (checks for infoprovider)
Hi all,
How does SAP generates the list of authorization objects in RSSM when you enter a specific infoprovider (checks for infoprovider)? Are only the authorization object related to this infoprovider listed?
Is there any documentation about the purpose in RSSM for the button 'update check status (Authorization objects, infoprovider).
thanks for your help.Based on which criteria?
Is there somwhere detailed documentation available about the RSSM part in BW authorizations? It seems hard to find any...
Thanks, -
Hi everyone,
How can I get the list of all authorization objects and their details for a specific user ?
Is there a function ?
Thanks.
Regards.Hi
In general different users will be given different authorizations based on their role in the orgn.
We create ROLES and assign the Authorization and TCODES for that role, so only that user can have access to those T Codes.
USe SUIM and SU21 T codes for this.
Much of the data in an R/3 system has to be protected so that unauthorized users cannot access it. Therefore the appropriate authorization is required before a user can carry out certain actions in the system. When you log on to the R/3 system, the system checks in the user master record to see which transactions you are authorized to use. An authorization check is implemented for every sensitive transaction.
If you wish to protect a transaction that you have programmed yourself, then you must implement an authorization check.
This means you have to allocate an authorization object in the definition of the transaction.
For example:
program an AUTHORITY-CHECK.
AUTHORITY-CHECK OBJECT <authorization object>
ID <authority field 1> FIELD <field value 1>.
ID <authority field 2> FIELD <field value 2>.
ID <authority-field n> FIELD <field value n>.
The OBJECT parameter specifies the authorization object.
The ID parameter specifies an authorization field (in the authorization object).
The FIELD parameter specifies a value for the authorization field.
The authorization object and its fields have to be suitable for the transaction. In most cases you will be able to use the existing authorization objects to protect your data. But new developments may require that you define new authorization objects and fields.
http://help.sap.com/saphelp_nw04s/helpdata/en/52/67167f439b11d1896f0000e8322d00/content.htm
To ensure that a user has the appropriate authorizations when he or she performs an action, users are subject to authorization checks.
Authorization : An authorization enables you to perform a particular activity in the SAP System, based on a set of authorization object field values.
You program the authorization check using the ABAP statement AUTHORITY-CHECK.
AUTHORITY-CHECK OBJECT 'S_TRVL_BKS'
ID 'ACTVT' FIELD '02'
ID 'CUSTTYPE' FIELD 'B'.
IF SY-SUBRC <> 0.
MESSAGE E...
ENDIF.
'S_TRVL_BKS' is a auth. object
ID 'ACTVT' FIELD '02' in place 2 you can put 1,2, 3 for change create or display.
The AUTHORITY-CHECK checks whether a user has the appropriate authorization to execute a particular activity.
This Authorization concept is somewhat linked with BASIS people.
As a developer you may not have access to access to SU21 Transaction where you have to define, authorizations, Objects and for nthat object you assign fields and values. Another Tcode is PFCG where you can assign these authrization objects and TCodes for a profile and that profile in turn attached to a particular user.
Take the help of the basis Guy and create and use.
<b>Reward points for useful Answers</b>
Regards
Anji -
MB51 - report layout and detail list
We are running jobs with MB51 with a specific layout. when the report displays, we click the detail box to convert it to a one line report.
Is it possible t execute MB51 and have the detail list display - so this could be run in the background and the one line list display would be the spool file.
OR - Can I create a one line report with MAterial number oand vendor on each line with quantities, values etc.
thanks
AltheaI finally had a chance to look into this -
All report layouts are using a "header" line and a "Position" line
It is this Header and Position that are making it "not useful" as a download file at this level. As I said - if I click "details" - I get the report I'd really like to see for back ground process spool file or export file.
Any ideas how to create a report layout without the header and position line? or just no header line would work. When I try modifying an existing report - Material and Plant are always on the header line and not available on the position line.
Any and all help will be rewarded - thank you -
Does anybody know of a document that lists each SAP authorization object and what functions you can restrict with each authorization object?
I'm looking for something that says (for example) "If you want to restrict access to roles, use this"Hi Jim,
See if the following help you:
http://help.sap.com/saphelp_nw04/helpdata/en/80/1a6873e07211d2acb80000e829fbfe/content.htm
http://help.sap.com/saphelp_nw04/helpdata/en/80/1a6859e07211d2acb80000e829fbfe/content.htm -
List of Authorization Object with Transaction Code
Dear All ,
Does SAP provide any report to list all the Authorization Object ? and which object is belong to which transaction code ?
Thanks .hi olrang ,
STEP BY STEP TO CREATE AUTHORIZATION OBJECT:
STEP1: goto SU21 transaction and create a new Authorization Object
Object Name: Z.....
Text: ...........
ClassL SD (YOUR MODULE)
AUTHOR: YOUR ID
STEP2: Give authorizatin fields as
ACTION - Action of the Authorization
Activity - Document Destribution.
STEP3: Basis will create a role using transaction PFCG and assign this authorization object to that role.
STEP4: Call the AUTHORITY-CHECK Object in your code.
AUTHORITY-CHECK OBJECT <authorization object>
ID <authority field 1> FIELD <field value 1>.
ID <authority field 2> FIELD <field value 2>.
IF sy-subrc 0.
MESSAGE e000(zzpp) WITH 'No Authorization'.
ENDIF.
and it belongs to SU24 transaction code
Saurabh Goel -
User List for a specific Authorization Object
Hi all,
i am looking for a way to get a list of all users assigned to a specific Authorization Object with specific values. The FM 'authority_check' is the other way arround and not that what i need. Do someone have an idea.
Many thanks in advance.
AliHi,
Try this FM
SUSR_USER_AUTH_FOR_OBJ_GET
Check this FM
AUTHORIZATION_DATA_READ_SELOBJ
Rgds,
Prakash
Message was edited by: Prakashsingh Mehra -
TOBJ Authorization Object Details
Hi All,
I am trying to see the logic of a Z-Authorization object. I can see an entry in the table TOBJ but am wandering about where to see the details for that Z-authorizations.
Where can i get the details for any authorization objects?
Please help.
Thanks!Hi ,
At run time/Debugging Create a BreakPoint using key word 'authority-check'.
The Debugger will stop at all those place where Authority check is done.
See attached screen shot for reference.
Regards,
Vikas -
MB51 scheduled in background - with result as 'Detailed list'???
Hi All.
I run MB51 (report RM07DOCS) with a predifined variant and get a list of material documents. Then GOTO> Detail list.
Is there a possibility to schedule RM07DOCS with a variant as a background job that would give detail list right away with a predifined layout.
thanks
Ivan Sobol
Edited by: Ivan Sobol on Oct 14, 2008 8:55 AMHi Brahmankar
thanks for your answer. The variant for program RM07DOCS already exist and it works fine. I get the output but then i need to go to 'Detail list' where i need to choose specific layout. Layout is not for a variant of RM07DOCS but for a 'Detail list'.
And our user want to get 'Detail list' as final result of the batch job
May be there is any any report that could give sum (by quantity & Loc. curr. amount) for a specific movement type/period of time.
thanks
Ivan Sobol -
Details about authorization Object
Please help ,i had two fields ex sales org & distribution chanel and i have to write a code for authorization , is the authorization object which i wrote is right or not.
I know that we can use at max of 10 fields , but say vkorg / vtweg is used 5 times with different variable name in same prog how to make sure that this code will work for authorization check on VKORG/ VTWEG can anybody please explain me in step's
AUTHORITY-CHECK
OBJECT 'Z_zzlau'
ID 'VKORG' FIELD 'S_VKORG'
ID 'VTWEG' FIELD 'S_VTWEG'
ID 'ACTVT' FIELD '02'
ID 'ACTVT' FIELD '03'
ID 'ACTVT' FIELD '70'.
ThanksHi,
ACTVT field is used for checking the create /display / change authorizations.
after creation of the activity group , add it to the user profiles which need authorizations.
01-create 02-change 03-display
AUTHORITY-CHECK
OBJECT 'Z_zzlau'
ID 'VKORG' FIELD 'S_VKORG'
ID 'VTWEG' FIELD 'S_VTWEG'
ID 'ACTVT' FIELD '02'
ID 'ACTVT' FIELD '03'
ID 'ACTVT' FIELD '70'.
if you are checking authorizations with the selection screen parameters then change your code like below:(if change is required)
AUTHORITY-CHECK
OBJECT 'Z_ZZLAU'
ID 'VKORG' FIELD S_VKORG
ID 'VTWEG' FIELD S_VTWEG
ID 'ACTVT' FIELD '02'.
and also check SAP help on this :
AUTHORITY-CHECK
Basic form
AUTHORITY-CHECK OBJECT object
ID name1 FIELD f1
ID name2 FIELD f2
ID name10 FIELD f10.
Effect
Explanation of IDs:
object
Field which contains the name of the object for which the authorization is to be checked.
name1 ...
Fields which contain the names of the
name10
authorization fields defined in the object.
f1 ...
Fields which contain the values for which the
f10
authorization is to be checked.
AUTHORITY-CHECK checks for one object whether the user has an authorization that contains all values of f (see SAP authorization concept).
You must specify all authorizations for an object and a also a value for each ID (or DUMMY).
The system checks the values for the IDs by AND-ing them together, i.e. all values must be part of an authorization assigned to the user.
If a user has several authorizations for an object, the values are OR-ed together. This means that if the CHECK finds all the specified values in one authorization, the user can proceed. Only if none of the authorizations for a user contains all the required values is the user rejected.
If the return code value in SY-SUBRC is 0, the user has the required authorization and may continue.
The return code value changes according to the different error scenarios. The return code values have the following meaning:
4
User has no authorization in the SAP System for such an action. If necessary, change the user master record.
8
Too many parameters (fields, values). Maximum allowed is 10.
12
Specified object not maintained in the user master record.
16
No profile entered in the user master record.
24
The field names of the check call do not match those of an authorization. Either the authorization or the call is incorrect.
28
Incorrect structure for user master record.
32
Incorrect structure for user master record.
36
Incorrect structure for user master record.
If the return code value is 8 or 24, inform the person responsible for the program. If the return code value is 4, 12, 16 or 24, consult your system administrator if you think you should have the relevant authorization. In the case of errors 28 to 36, contact SAP because authorizations have probably been destroyed.
Individual authorizations are assigned to users in their respective user profiles, i.e. they are grouped together in profiles which are stored in the user master record.
Note
Instead of ID name FIELD f, you can also write ID name DUMMY. This means that no check is performed for the field concerned.
The check can only be performed on CHAR fields. All other field types result in 'unauthorized'.
Example
Check whether the user is authorized for a particular plant. In this case, the following authorization object applies:
Table OBJ: Definition of authorization object
M_EINF_WRK
ACTVT
WERKS
Here, M_EINF_WRK is the object name, whilst ACTVT and WERKS are authorization fields. For example, a user with the authorizations
M_EINF_WRK_BERECH1
ACTVT 01-03
WERKS 0001-0003 .
can display and change plants within the Purchasing and Materials Management areas.
Such a user would thus pass the checks
AUTHORITY-CHECK OBJECT 'M_EINF_WRK'
ID 'WERKS' FIELD '0002'
ID 'ACTVT' FIELD '02'.
AUTHORITY-CHECK OBJECT 'M_EINF_WRK'
ID 'WERKS' DUMMY
ID 'ACTVT' FIELD '01':
but would fail the check
AUTHORITY-CHECK OBJECT 'M_EINF_WRK'
ID 'WERKS' FIELD '0005'
ID 'ACTVT' FIELD '04'.
To suppress unnecessary authorization checks or to carry out checks before the user has entered all the values, use DUMMY - as in this example. You can confirm the authorization later with another AUTHORITY-CHECK.
Regards
Appana -
BI authorization objects not appearing in RAR, error while generating role
Hi
I am facing certain problems relating to integration of BI module version 7 with GRC Access Controls version 5.3 and support package 06. I am describing the problems in details below:
(a) In Risk Analysis and Remediation (RAR) component, I am creating Functions and
Risks for Business Intelligence (BI) module. For that I have downloaded the
descriptive text and authorization object data from BI development system and
uploaded the same in RAR. Then I have created 2 Function Ids DBI1 (having action
RSA1) and DBI2 (having actions RSA11, RSA12, RSA13, RSA14, RSA15) and 1
Risk Id for BI (having Function Ids DBI1 and DBI2) in RAR. But when I checked
the permission tabs of the Function Ids DBI1 and DBI2, I could not find any
authorization objects for the actions in them.
(b) In Enterprise Role Management (ERM), when I am trying to create a Role TEST-BI
in DBI 100 and I put the BI transaction codes in authorization data , I get the
authorization objects . Risk analysis is also being done successfully. But at the time
of Role generation in background mode , it is giving an error message :
Error generating role TEST-BI for system DBI 100: Unable to interpret * as a number.
I am thus unable to generate any role in DBI 100.
(c) In Compliance User Provisioning (CUP), I have imported a standard role from DBI
100. Then I have added Functional Area, Business Process, Subprocess and
Criticality Level to this role in CUP. But when I try to assign this Role to an user, it
gives an error Error creating request. But requests are getting created and roles are
being assigned to users in ECC development systems using the same Initiator, CAD, stage
and path.
Can anyone please help me ?-
-
RSSM: Checks Authorization Objects for Infoprovider are not activ
Hello,
we have BW 3.5 and we use RSSM Authorization Objects.
When we create a new cube with an Infoobject that is authorization relevant, in our development-system in rssm the flags for the checks are automatically activ.
When we transport the new cube to our production-system, the flags in RSSM for the authorization object are not activ.
Sometimes the new infoprovider is not in the list of the infoprovider in rssm, so we have to "update check status" with the appropriate icon.
My question:
It is possible, that when we import the new cube in our production-system, that all authorization objects are activ??Hi,
Normally system would check all the authorization relevant objects whenever a new Info cube is imported and in case if you want to transport these changes to Production system manually then follow the below listed steps:
1) In Development system, check or un-check the authorization relevancy using the transaction RSSM on a given Info provider
2) These changes are stored in table RSSTOBJDIR
3) Create a manuall transport request and include these entries covering the required Authorization objects manually.
R3TR TABU RSSTOBJDIR
Ex: If Info object 'A' is authorization relevant in Development system but not in Production system and you want to transport this change to Production system then include object 'A' table entries manually.
Hope this helps.
Cheers
Bala Koppuravuri -
Authorization objects which contain company code field
Hi,
We are looking for list of Authorization objects which contain company code field for Audit. The listing should have Role, Authorization obj and the <b>company code and values</b>.
Is there any we can query this info.
Thanks,
Sam
Message was edited by: SamHi,
You can use the follwing
in USR12 table
in USOBT table (but you get the details for the Auth Obj in the Tcodes and their field values.
But as far as my knowledge goes you will get all the Auth Obj with Company code field
Caution: If there are some objects in not check or are which are not in any tcodes then they will not be captured.
But they are very less I guess and so i think you can capture most of the Auth Obj I guess
Message was edited by: Manohar Kappala
Maybe you are looking for
-
I have both iPhone and iPad that will not send emails when I am connected via wi if. Have tried three wi if networks. I get a messag that says the sender address (my address) was rejected by the server. Any ideas on what I need to do? Rusty
-
I am using Zaurus CVM in Linux Platform to develop java application for Sofcomp machine.I have a problem with File Dialog. The following code: FileDialog f=new FileDialog(this,"Select a Directory",FileDialog.LOAD); f.show(); While using this code,it
-
How to Export/Import in Windows-Oracle10g-EnterprisesManager
Hi How to Export/Import in Windows operating system / Oracle 10g through Enterprises manager. 1)Which oracle user has privilege to logon in Enterprises manager for export/import purpose. 2)After loging on to the Enterprises manager's Maintaince menu
-
Is Observable thread safe?
hello im trying to write a programme that uses observer observable. I have an observing class that may be observing 3 or 4 instances of an observable class. each of these observable classes runs a separate thread. Am i right to think that when an obs
-
I need to install and boot to OS 9 to update firmware
I have purchased my first Mac (yahoo!!)The Mac is a G4 model M5183, so far I have purchased OS 9 retail cd, Jaguar 10.2 retail, The mac came with jag already installed and that is why i cannot update the firmware. The retail os 9 will not start up wh