Authorization restriction qwery companycode

Similar Messages

• Organization level authorization restrictions

  Hello All,
  Please can you let me know
  1) f it is possible to org level authorization restrictions for CLM documents and master data without any development?
  - E.g. while creating suppliers the user should only be able to create for the Company assigned to the user id?
  2) What is the significance of the company and organization unit fields in the user account information page?
  Regards,
  Subramaniam Iyer

  Hi ,
  Could you share about your solution ? I think I have face the same problem as yours.

• Ad-hoc Authorization restricting the user

  Hi All,
  The users needs to be restricted from Ad-hoc broadcasting the reports using the Bex Broadcasting Wizard.
  where can i restrict the broadcast using Authorization restrictions in the user profile?
  Can i restrict the user by deactivating Broadcast Tab in  the menu ?
  suggest me the feasible solutions.
  Thanks,
  Mike

  Hello Mike,
  Do you got the solution for the same? Kindly let me know the details as We have same issue at our location
  Thanks in Advance.
  Regards:Gaurav

• Posting authorization restriction in t-code F-02

  I have created a scenario for park/post for special GL entries. for that I will be using f-02 to hold the invoice and fb11 to post the invoice.
  I need to restrict the authorization of posting in F-02 so that the user can only held the invoices. any possibility to restrict the posting rights? I dont want to go on screen variants? cant it be done from second level authorization?
  Looking forward for the feedback!

  @Vinod Vemuru
  I have checked, system is still allowing to post the document.
  I have trace the system for authorization check in ST01, I can see system has checked just the activity as 01 to post the document.
  @Obaid Javed
  I don't think it can be possible through any standard authorization object. You may have to go for your own custom authorization object or you may go for the exit or badi to restrict that.

• Authorization restriction for Goods issue against an Order

  Hello All,
  We have a situation wherein the user is able to issue goods using tcode MIGO by choosing Goods issue --> Others and mentioning an order number that belongs to another plant in the account assignment tab and issues a material which belongs another plant.
  For eg we have material A that has been created for plant 1. The user issues the material (movement type 261)and the account is assigned to an order which has been created for plant 2.
  I could not find any authorization object that restricts this.
  I checked the objects M_MSEG_BWA and M_MSEG_WWA and he has authorizations only for plant 1 and all movement types.
  Any pointers to restrict this access will be appreciated.
  Thanks & Regards,
  Subramaniam Iyer

  Hi,
  MIGO transaction by default restricted with Plant.  If you say that the user A is having access to only Plant 1 & 3, but not for 2, please check the below authorization objects does not have any manual objects inserted into the Role and restricted with the value only in organization field.
  M_MSEG_LGO
  M_MSEG_WMB
  M_MSEG_WWA
  M_MSEG_WWE
  This issue may occur because if the objects are maintained manually in the role.  If so, when you check in the organization field, it may not be showing the value which are manually added into the manual object.
  Also, please check the other roles are assigned to the user.  If any of the other roles assigned to the user having any of the above objects with * value, this may provide the user to do the Goods movement for any plant.
  To check the issue, please go to SUIM and check the user under "Roles by Complex Selection Criteria" and make sure that you are checking the objects for the particular user.  This should be able to identify whether the user is getting access from any other roles assigned to the user.
  Regards
  Anandm

• Users Authorization- Restrict value of one variable corresponding to other.

  Dear Experts,
  I have query regarding BEx Authorization for the given selection screen of any variable for any report :
  I have two parameters/variables( Category and Sub Category) which needs to be passed from User. I want to restrict the value of second variable corresponding to the values passed in first variable. For e.g. :  if i passed Category value -Engineering ,Sub Category variable should only show the value related to engineering only other than all the values in sub category field in the selection screen for the user.
  Please suggest.

  Hi Shikhar,
  E.g. Category: Engineering , Arts , Commerce
  Sub Categories for Engg. ECE, IT , CSE.
                                 Arts : sociology philosophy etc
                                 Commerce: economics, accountancy etc
  Now Maintain authorization for Char. related to Engineering and create Auth. variable, follow this steps:
  Transaction Code- RSECADMIN
  Steps to create Authorization based on Division e.g. InfoObject    is 0DIVISION.
  Check for 0DIVISION, it must be Authorization relevant checked, if not then maintain 0DIVISION and check Authorization relevant box.
  Step 1: Create Analysis Authorization Maintenance using RSECADMIN T-Code, in that add 3 special characteristics i.e. 0TCAACTVT , 0TCAIPROV and 0TCAVALID, these are the mandatory Char. along with that add 0DIVISION for which you want to create Authorization, 0DIVISION details restrict value as 01 (EQ 01).
  Step 2: Again goto RSECADMIN -> User tab-> Assignment, enter username (e.g. User1) which you want to restrict. insert Auth. obj. from step1.
  Step 3: Now in Query designer, create Authorization variable for 0DIVISION, i.e. process type Authorization.
  Execute That query with restricted user (e.g. User1) it will only show the data for Division = 01.
  For reference: [http://www.sdn.sap.com/irj/scn/index?rid=/library/uuid/c0b7acf2-6121-2e10-5591-eaec182d9315]
  Hope this will meet your requirement, let me know if further explanation required.
  Regards:
  Avinash

• Authorization restriction for Goods issue . others radio button in migo tcode

  Hello All,
  We have a situation wherein the user is able to issue goods using tcode MIGO by choosing Goods issue --> Others and  the movement type 201
  the above mentioning details i need to block the others tab only for specific user ids i have checked the MIGO objects But its not worked
  please give me solution for block the others button on the drop down box
  please find the attachment of screen shot its helpful to sort out the issue
  Best Regards
  suresh

  Dear Anandan,
  Please use trace t.code ST01 to fix the issue.
  You can restrict the movement type using the authorization object M_MSEG_BWA.
  If you can provide the step by step screens where you want to exactly restrict we can fix it.
  Regards,
  Venkatesh

• Authorization restriction for bank details in FK03

  Hi,
  Please help me in restricting display of Bank details (payment transactions) in vendor master when we use transaction FK03 or XK03.
  Thanks,
  Nitish

  Hello Nitish,
  You can protect all general data (i.e. address data, payment transaction
  data, ...) with the authorization object F_LFA1_GEN. However, it is not
  possible to protect only bank data using authorization objects.
  As a workaround(!) for your requirement, you can do the following:
    1) Use the IMG Customizing tool (transaction SPRO) or transaction OB23
       directly to define Payment transactions data as "Suppress" within
       transaction FK03 and as "Display" within transaction XK03.
    2) The use of transaction XK03 should only be allowed to the managers,
       but not to the normal users who should use transaction FK03.
  Hope that helps,
  Jon

• Authorization restriction for executing the ABAP queries

  Hi
  In ABAP queiries how the restriction can be done for where users should not execute /authorized
  of other plant or company code - Projects/ WBS/NWA and its related components. I tried the following methods but not working - seems something is missing .
  method 1) restricting based on the profit center ( free coding )
  AUTHORITY-CHECK OBJECT 'C_PRPS_PRC'
           ID 'PRCTR' FIELD PROJ-PRCTR
           ID 'PS_ACTVT' FIELD '02'.
  (or)
  method 2 -(free coding)
  *---Authorization for Company code entered by the users.
  *---This code will restrict users to see data for company
  *---codes which they are not authorized to.
  *---Select all the company codes based upon selection entered by the
  *---user
  SELECT bukrs
     FROM t001
     INTO TABLE li_bukrs
    WHERE bukrs IN z_bukrs.
  IF sy-subrc EQ 0.
  *---Clear Screen variable for Company code
     CLEAR z_bukrs.
     REFRESH z_bukrs.
  *---Filter and prepare Select options for Company code table to be
  *---passed to query. Table will only have values of company codes he is
  *---authorized to for display.
     LOOP AT li_bukrs INTO lwa_bukrs.
       AUTHORITY-CHECK OBJECT 'F_BKPF_BUK'
                         ID 'BUKRS' FIELD lwa_bukrs
                         ID 'ACTVT' FIELD '03'.
       IF sy-subrc = 0.
         z_bukrs-sign = 'I'.
         z_bukrs-option = 'EQ'.
         z_bukrs-low = lwa_bukrs.
         z_bukrs-high = space.
         APPEND z_bukrs.
       ELSE.
         lv_flag = 'X'.
       ENDIF.
     ENDLOOP.
  *---Give warning message to the user in case he is not authorized to see
  *---data for all the company codes that he has entered.
     IF lv_flag = 'X'.
       MESSAGE ID 'ZF_MSS_FNG' TYPE 'W' NUMBER '015'.
     ENDIF.
  ENDIF.
  Just make sure that Z_BUKRS field is available in selection tab.
  Also, declare below mentioned variables in INITIALIZATION.
  DATA: li_bukrs TYPE TABLE OF bukrs,
         lwa_bukrs TYPE bukrs,
         lv_flag TYPE c.
  Kindly help if there is missing anything on the above or is there any other alternative.
  Regards
  PP

  Hi,
  Kindly help if there is missing anything on the above or is there any other alternative.
  Carlos is right about the Authorization check.
  If you further wants to explore something extra, just visit these links:
  1. http://help.sap.com/saphelp_NW70EHP1core/helpdata/en/52/671449439b11d1896f0000e8322d00/frameset.htm
  2. http://help.sap.com/saphelp_wp/helpdata/en/52/67129f439b11d1896f0000e8322d00/content.htm
  3. http://help.sap.com/crmcg_en/5c/deaa74d3d411d3970a0000e82de14a/content.htm
  4. http://www.sap-img.com/bc042.htm
  May this information helps you.
  Regards.
  Deepak Sharma.

• Authorization Restriction for Object Changeability :

  Hi ,
  How to restrict users from using Object changeability in Production System if they are given access to RSA1, even though the system is completely closed , with Object changeability, the users can still create a new Info package and upload data ?
  I have gone through the SDN and SAP documentation, but I could not find any such references.
  Looking forward to your valuable input on this.
  Regards,
  Ahmed.

  Hi there,
  You have an authorization object named S_RS_ADMWB (Data Warehousing Workbench - Objects).
  You can with that object restrict the several activities (display, execute, create, etc.) for different Datawarehouse InfoObjects (InfoPackage, etc.).
  Try to restrict that to the users.
  Diogo.

• Authorization restriction for IK34

  Dear Experts,
  We want to restrict user from entering one plant reading from another in t-code ik34. Currently user can enter measurement document of all plant. We want to restrict the user plant wise. Our basis consultant is trying with authorization group(i_begrp). But not getting the desired result. Please suggest how to restrict it.
  Regards,
  Shivang

  When I had this issue a while back, we found that you cannot restrict on plant for measurement documents.
  One way to restrict it is to tie the measuring pionts to an authorization group. You can classify each authorization group into each plant. Then maintain these authorization groups in the measuring point in IK01 or IK02. These measuring points would be tied to the measurement documents and should show up in the trace.
  I would also ask if the restriction is really required. Would it do that much damage if a person is able to touch other measurement documents. Some may say yes, others no.
  Hope this helps.

• Authorization restriction for Transaction PK13N

  Hi @ all
  My colleagues and I are responsible for the authorizations in our system.
  Since few days we test the Kanban functions in SAP.
  In abovementioned transaction are two buttons "To Empty" and "To Full".
  Does anybody know if there is a possibility to restrict some users for these buttons?
  Thanks @ all!!
  Greets Kristin

  Hi Kristin,
  The "Save to Empty" and "Save to Full" buttons are screen elements and can't be restricted with the authorization objects.
  Further, below are the authorization object that are checked with PK13N transaction code:
  C_KANBAN     PP KANBAN Processing
  C_TCLA_BKA     Authorization for Class Types
  CPE_SETTIN     Commodity Pricing Engine: General Settings
  You can imply restriction on any of these.
  If you with to show/remove one of these buttons, you can achieve this with screen variants using SHD0 transaction code.
  Hope this helps.
  Regards,
  Raghu

• Authorization restriction for material group field in MM02 for user role

  Dear All,
               My client wants to restrict 'material group' field usage in MM02 for certain users.
               How to achieve this task?
               Kindly advice
  Thanks &Regards
  Thangavel Ganesh

  Hi all ,
  You can use authorization object advised by AKPT MM. For related transactions , you can benefit from MM Related Authorization Objects - How to Find out & Assign , thanks to Sudeep A
  Regards.
  M.Ozgur Unal

• Authorization restriction for PO price change

  Hello Experts,
    I want to know is there a good way to restrict user authorization about PO price change when user access ME22 and ME22N?
    We tried to check the authorization object
    M_BEST_BSA
    M_BEST_EKG
    M_BEST_EKO
    and ignore the value 09-display price, is that possible to block the change PO price authority?

  Dear Asaduzzaman,
  You can achieve the same by creating transaction variant using SHD0 transaction.
  I think below mentioned document may help you to resolve your issue.
  How to Create a Transaction Variant
  Regards,
  Hardik Patel

• Authorizations: restrictions for InfoObjects and InfoProvider

  Hi Gurus,
  I am trying to define authorizations via RSECADMIN in 7.0 for a specific InfoObject and specific InfoProviders. The situation is: I want user USER1 to see only Company 4360 on Cube 'XXXXX', but he must be able to see all the Companies in all the other Cubes.
  I have used in RSECADMIN the icon "InfoCube Authorizations" to introduce the single Cube and corresponding single values for my Company, but it seems that the system use this restriction for all the Cubes.
  Please help me.
  Ciao.
  Riccardo.

  Problem solved.