Authorization Relevant Infoobject restriction for particular value

Similar Messages

• Table name for authorization relevant InfoObjects

  Hi Gurus,
  In which table I could see all Authorization relevant InfoObjetcs ?
  Thanks
  Liza

  Hi,
  Table RSDCHA, field AUTHRELFL.
  or
  1. Go to RSSM t-code
  2.click the radio button Authorizations for several users there u have to enter ur login  Id name
  3.right hand side 1 spects symbol is there for disply-- click on it.
  It will show u all authorisation Infoobjects for u.
  Try this link. this might be helpful.
  Program to find the list of Authorization relevent info objects for given
  Regards,
  Haritha.
  Edited by: Haritha Molaka on Dec 7, 2009 5:47 AM

• How to restrict the particular value in BEx?

  HI,
  I have added particular dimension in query prompt. While refreshing i got more value in particular dimension. How to restrict the the value in bobj or bex?
  Here i attached the screen shot. Please find the attachment.

  Hi Mani,
  Please make sure of your requirement. If you are using only one single query for multiple reports then i strongly recommend the below criteria or else it better to restrict the value in the BEx itself if you have no other reports on the same BEx query.
  If you are trying to restrict a report to a default prompt value then use equal to in query filter prompt or you can also restrict them to list of values i.e multiple values.Please follow as per the screens below. I am mentioning two ways.
  Method:1
  Step 1: Click on Prompt Options(Blue Questionmark Symbol)
  Step: 2 : Click on the Values after you check the prompt properties options as shown below.
  Step 3: Search for values if they are keys by checking the "Search in keys" or else not required.
  Method 2: Here is another Easy way is Just give the input in the value box as shown below.
  Let me know if you need any further help.
  Regards,
  Naveen

• Authorization object to restrict a particular customer code in a sales org

  Hi,
  I have a requirement whereby a sap user who is assigned to Sales organization A needs to access a particular customer from sales organization B. However the sap user has no access to sales organization B. However the requirement is such that the sap user cannot be given access to all the customers in Sales organization B. He must only access one particular customer from Sales organization B and not all the customers in Sales organization B.
  The problem here is if we give the sap user access to Sales organization B, then the sap user can access all the customers in Sales organization B. So how can we give access only to a particular customer in the Sales organization B?
  Is there any authorization object which can accomplish this?

  Hi.
  You can use The Authorization object
  <b>V_KNA1_VKO</b>
  Tcode for Authorization objects: SU21
  Tcode for Authorization FIELDS: SU20
  Statement to perform Auth. Check  AUTHORITY-CHECK(See F1 HELP)
  <b>Reward if Helpful</b>

• How to create a trigger for particular value insertion?

  If I have a Table T, which has columns as A,B,C,D. I want to create a trigger to give an error message if someone inserts or updates T with values in A as '001' AND value in B as '99'
  Please reply soon....
  Thanks

  user8560155 wrote:
  I need a trigger only not a constraint...
  Why? Is there any valid reason for that?
  I tried the above trigger but it was not successful :(
  Can I use 'If statements' as well???The below will work..
  create table t
    a varchar2(10),
    b varchar2(10),
    c varchar2(10),
    d varchar2(10)
  create or replace trigger trig1
  after insert or update on t
  for each row
  --"trigger will be fired only when below condition is satisfied"
  when ( new.a = '001' or new.b = '99' )
  begin
  raise_application_error(-20000, 'Invalid value in A or B');
  end;
  insert into t(a) values('001');
  SQL Error: ORA-20000: Invalid value in A or B
  ORA-06512: at "SCOTT.TRIG1", line 2
  ORA-04088: error during execution of trigger 'SCOTT.TRIG1'
  insert into t(a) values('002');
  1 rows inserted.

• Customizing the prompt - un editable for particular values

  Hi,
  Version:11.1.1.7.1
  Details: In prompt we have 3 fields, Country, State, City
  Values in the three fields,
  Country  State    City
  1)India          TN     Chennai
  2)India          KA     Bangalore
  3)China        SH     Shanghai
  4)China        BG      Beijing
  5)USA          GA     Atlanta
  6)USA          GA     Savannah
  Requirement:
  when the user selects the value as ALL in the field1 then field 2 and field 3 should go as un editable.
  ex: when I choose ALL column values in Country, then State and City should become un editable filed, such that user cannot add any values to that field.
  when the user choose any specific country value then it should turn as editable.
  ex: When I choose country India then the user can able to select any vlaue in sate and city.
  Thanks in advance for suggestions.
  Satheeshkumar P

  Hi,
  in the Prompt, edit the prompts--> under that options tab will come --> there is the option "Limit By Prompts", "Enable user to select multiple values","Enable user to type values".
  there will be the check box for this options, if the user wants to enter the values you can use "Enable user to type values"
  Use the "Limit By Prompt" to control between Country, State, City.
  http:mkashu.blogspot.com
  Regards
  VG

• To display all tables for particular value

  hi All
  I know one column value(Suppose ename as SMITH in emp table). So now I want to display all the tables which will contain ename as SMITH.
  Thanks
  null

  Hi Smiller
  Its displaying the tables which has column name what we are giving in Query . But here instead of passing column name(ename) I want to pass column value(SMITH). If I pass this SMITH to the query I want do display the tables where smith exists. Hope You got.
  Thanks
  Devender
  <BLOCKQUOTE><font size="1" face="Verdana, Arial">quote:</font><HR>Originally posted by smiller ():
  select table_name from user_tab_columns where column_name like 'ename';
  OR
  select table_name from dba_tab_columns
  where column_name like 'ename';
  <HR></BLOCKQUOTE>
  null

• List Database Table – Infoprovider, InfoObject, Flag Authorization Relevant

  Dear Expert,
  I’m working with SAP BI 2004s user management & authorization. I have several objects that I’ll have check. I don’t like check one by one, I like to check for the SE16 transaction, for this reason, I need to know what is the database table have content Infoprovider by InfoObject (Characteristics) which each have the flag authorization relevant.
  Moreover, in the same idea, which database has content Queries by Infoprovider which authorization variable?
  Thank for all,
  Luis

  For your first question:
  In addition to be above mentioned table, RSDCUBEIOBJ will give the information about Infoprovider and all the Infoobjects within this infoprovider.
  1. Find all the authorization relevant Infoobjects from RSDCHA table and copy them.
  2. In the table RSDCUBEIOBJ, paste all the Infoobjects obtained from 1 in the field "Infoobject". The result will be list of Infocubes and their corresponding authorization relevant Infoobjects.

• Restrict the badi for particular transaction code

  hi, i have implemented BADI_FDCB_SUBBAS01 and in the subscreen area 10 i attatched my own module pool program and screen number. my requirement is for FB60 only. and it is working for FB60 fine. the problem is also working for FV60.
  Is there any possibility to restrict for particular transaction code say for FB60.
  Please reply me soon....

  Hi Praveen,
  Since this is a single use badi you have the option to create a new filetr of your own. You can create a filter of type sy-tcode and in your implementation assign it a value of your transaction. Thus if someone else also wants to use it for some other transaction can have a implementation of his own for some other transaction.
  The other way which is though not the recommended way buy easy to use is to put a check before your code on SY_TCODE = your transaction.
  revert for more clarifications if required.
  <b>Always reward points to useful suggestions.</b>
  regards,
  Vikas
  Message was edited by:
          Vikas Taneja

• User ID restriction for Project/WBS to create service entry sheet

  Dear All,
  My client requirement is that the user id should be restrict for particular project or WBS to create service entry sheet(ML81N). Can we do it in this manner?
  Further i want to give you my organization structure as given below.
  1. Project :-   20
  2. Plant    :-  Single
  3. Bus. Area:- 2
  4. Co area :- Single.
  Thanx,
  Vishal Kr. Sharma

  Standard restriction is possible for this T code based on document type,purchasing group,purchasing org and plant.
  Others being ruled out I think solution is to restirct using purchasing group which is smaller entity.
  Regards
  Sreenivas

• Authorizations: restrictions for InfoObjects and InfoProvider

  Hi Gurus,
  I am trying to define authorizations via RSECADMIN in 7.0 for a specific InfoObject and specific InfoProviders. The situation is: I want user USER1 to see only Company 4360 on Cube 'XXXXX', but he must be able to see all the Companies in all the other Cubes.
  I have used in RSECADMIN the icon "InfoCube Authorizations" to introduce the single Cube and corresponding single values for my Company, but it seems that the system use this restriction for all the Cubes.
  Please help me.
  Ciao.
  Riccardo.

  Problem solved.

• Wanted: Dictionary-/ Metadatatable for the Mapping of the (old,3.5.) Authorization Object to the (Auth.relevant) InfoObject

  Hi,
  I am looking for the concrete BW's dictionary-/ metadatatable(s)
  which contain/describe the
  Mapping of the (old,3.5.) Authorization Object to the (Auth.relevant) InfoObject
  of  the transaction "RSSM-Authorization for Reporting"
  For example:
  I got 3.5 Auth.Object ZCOMP_CODE and want to know to which   (Auth.relevant) InfoObject
  this is mapped, basically what's in the usage of this Authorization Object.
  ThanXs
  Martin

  Hi,
  As of now, your authorizations still in 3.x. so please check the below tables.
  RSSBAUTHGEN - it holds info provider and authorization object
  RSSBAUTHGENERATD - it have user name and info provider
  RSSBAUTHTRACE
  RSSBAUTHTRUSER
  RSSBAUTVAL
  RSSAUTHHIER
  RSSAUTHHIERNODE
  Coming to 7.x , Above mentioned T code kumar is enough to handle authorization concepts.
  There is best document about 3.x and 7.x comparison on Google.
  please search for it by using search term "An Expert Guide to new SAP BW Security Features"
  Written by Marc Bernard
  Thanks

• Mark InfoObject authorization relevant

  Dear Community,
  we've activated "authorization relevance" in one of our frequently used InfoObject and added it to an authorization object.
  We've the situation that the field information of this InfoObject disappears in reports.
  (The authorization object is nowhere marked as relevant for a DataProvider)
  Am I right that this isn't an expected bw system behavior??!
  Thx for some tips or remarks in advance.
  br, michael

  Sounds very peculiar...
  Did you add the authorization object to any roles? Did you specify any restrictions on values?
  For an overview of how we chose to implement security, see the following thread:
  Re: Auth Relevancy Not Working
  Hope this helps...
  Bob

• Authorization restriction for Goods issue against an Order

  Hello All,
  We have a situation wherein the user is able to issue goods using tcode MIGO by choosing Goods issue --> Others and mentioning an order number that belongs to another plant in the account assignment tab and issues a material which belongs another plant.
  For eg we have material A that has been created for plant 1. The user issues the material (movement type 261)and the account is assigned to an order which has been created for plant 2.
  I could not find any authorization object that restricts this.
  I checked the objects M_MSEG_BWA and M_MSEG_WWA and he has authorizations only for plant 1 and all movement types.
  Any pointers to restrict this access will be appreciated.
  Thanks & Regards,
  Subramaniam Iyer

  Hi,
  MIGO transaction by default restricted with Plant.  If you say that the user A is having access to only Plant 1 & 3, but not for 2, please check the below authorization objects does not have any manual objects inserted into the Role and restricted with the value only in organization field.
  M_MSEG_LGO
  M_MSEG_WMB
  M_MSEG_WWA
  M_MSEG_WWE
  This issue may occur because if the objects are maintained manually in the role.  If so, when you check in the organization field, it may not be showing the value which are manually added into the manual object.
  Also, please check the other roles are assigned to the user.  If any of the other roles assigned to the user having any of the above objects with * value, this may provide the user to do the Goods movement for any plant.
  To check the issue, please go to SUIM and check the user under "Roles by Complex Selection Criteria" and make sure that you are checking the objects for the particular user.  This should be able to identify whether the user is getting access from any other roles assigned to the user.
  Regards
  Anandm

• 'No authorization' error for selection values outside the authorized range

  Hi All,
  We are currently trying to use the authorization analysis concept for 'Cost center reporting'.
  We have made 0COSTCENTER info-object as authorization relevant and have created a analysis authorization object for it through RSECADMIN and we have maintained a single value as '1875' . We have assigned this object to 1 of the test users.
  So now if the user runs the report for cost center '1875' , he is able to view the data/report. Now if he enters any other cost center apart from '1875' than he gets an authorization error (Everything works as per requirement till this point).
  But now if the user enters multiple cost centers like 1875, 1876, 1877 as multiple single values and runs the report, he gets an 'No authorization error'.
  So all the experts, please let me know if it's possible in anyway for the user to see the result/report for the value he is authorized to (in this case - 1875) and should give an information/warning/error message saying that he is not authorized to other cost center (in this case - 1876, 1877).
  Same thing is occuring if user enters a range. Suppose a user is authorized for cost center - 1875 to 1880. Now if he puts multiple single values or range in between the authorized range than he can see the result but if he enters even 1 single value outside the range he gets an error - what I mean by this is - if the user enter a range from 1875 to 1801, he does not get any data display but instead he recieves an error message saying 'No authorization' even though he is authorized for all the cost centers in that range except 1801.
  I would really appreciate your help regarding this. Any comments/suggestions are very welcome.
  Thanks & regards,
  Sunny

  Hi Sunny
  That is the way analysis authorizations work!!
  If you ask for a number of values i.e. cost centers and you don't have authorization to *all* of them you will get a system error as you say.
  There is no way of partially evaluating the query as you suggest (only for the authorized values).
  Try to be less restrictive when defining characteristic values in RSECADMIN.
  In queries use variables with
  Processing by Authorization and Input Ready.
  So the system will tell the user which are the allowed values. In your example the system suggests the range 1875-1880.
  Hope this helps, regards
  Germá