Authorization roles for Release Codes

Hi,
We have a requirement wherein the release codes for the PO release strategy are about 100. The roles are repeating itself i.e. Buyer, Manager, Director etc for different countries and other attributes. Is there any way by which we can reduce the authorisation roles.
Regards,
Mohit Sehgal

If you have implemented the Work flow than you don't need the repeated code for manager or buyer etc.
you can just define the oce code for each position and use them in release strategy and based onthe workflow with combination of HR org structure you can send them to appopriate manager
e.g. you have 10 manager and each manage has 10 buyer
so you create one manager relese code e.g. MG and one Buyer code BY
now you have create many release strategy where you enter the MG code and BY code but you want send the PO for approval based ont he buyer
so you have to set up the HR ord sturcture in the tcode PPOCE and create teh tree for the buyer code and manager relation ship
now when you create the release strategy you will enter the purchase group in the release strategy which is assigned to the buyer code and based on the HR org structue it will find the appropriate manager whitout defining many manager code and buyer code.
or if you don't have the workflwo than you have to create diff buyer code and manager code.

Similar Messages

  • Authorization roles for release strategy FRGSX

    Hi guys,
    we are using R/3 4.7. We are going to implement release strategy for Purchase orders in our company .
    We have customized different release groups, for several release strategies and release codes, without implementing any workflow.
    We have a problem on authorization roles because we assigned for each combination of release group and release code a authorization role but it is not sufficient to restrict the role for users because we don't take into consideration the release strategy.
    We had a look on the system but we didn't find any object related to release strategy (techical name FRGSX).
    Could you someone help me?
    Thanks in advance
    Vir

    When assigning user authorization for PO release strategy each user is assigned to release group and release code. You cannot make a connection between specific release strategy to user.
    Pay attention that the authorization needed are also for change PO (ME22N) - meaning you can limit the users by all the authorization values of the ME22N objects.
    Use t.code SU24 to explore what auth. are checked in each transaction.
    Nir

  • How to create authorization role for just displaying query prefix Q and X.

    Hi Expert,
    I hope someone can help me on how to create authorization role for just displaying and executing  BEX  Queries prefix Q and X. I'm currently using SAP BI 7.1.
    Actually, I already created one role called : Z_FORINDO_ONLYDISPLAY_QX
    where I only put in the Authorization Component (in the Role Maintenance - Tcode 'pfcg'):
    -->Manually Business Information Warehouse
        --> Manually Business Explorer - Components
    Activity : Display, Execute, Enter, Include, Assign
    InfoArea : *
    InfoCube : *
    Name(ID) of a reporting component : *
    Type of a reporting component : Calculated key figure, Restricted key figure, Template structure
        --> Manually Business Explorer - Components
    Activity : Display, Execute
    InfoArea : *
    InfoCube : *
    Name(ID) of a reporting component : Q* , X*
    Type of a reporting component : Query
    But, the problem is I still can make changes on that queries (Q* and X*). Even, I still can run query with prefix Z. I use S_RS_RREPU Tamplete for Query Display and execution.
    Please assist. Very much appreciate your help. Thanks.
    Edited by: nadiyah salleh on Mar 18, 2008 11:22 AM

    Question close. This issue has been resolved.

  • Required Authorization Role for E-commerce manager

    Hi ,
    Could you please tell me required Authorization Role for E-commerce manager and catalog administartor?
    Thanks.
    Regards,
    PV

    SAP_CRM_ECO_ISA_WU_B2B_FULL           CRM-ECO: ISA Internet User (Full Document Authorization)             ISA_B2B_FULL
    SAP_CRM_ISA_UA_SUPERUSER              Internet Sales User Administration Authorizations                              Superuser
    *SAP_CRM_ISA_WEBSHOP_MANAGER     *    Authorizations for the Internet Sales Web shop Manager         Webshop Manager
    SAP_CRM_ECO_ISA_WU_B2C                  Internet User for B2C

  • Authorization Role for S_ALR_87099918

    Hi all,
    I am not sure if this is the right place to post this one (if it is not, please tell me which one is, i have tried to search the forum, but can't seem to find the place to post about this "security" problem)
    Currently having a trouble while creating the authorization role for transaction s_alr_87099918 (primary cost planning : depreciation / interest).
    I have already maintained the authorization objects:
    -  A_A_VIEW and
    - A_PERI_BUK
    Checked with Su53, but no missing authorization object or anything
    While executing the transaction, the system said "no records were found", when i execute it with another ID, there are results. I have checked the parameter input-ed, both are already the same.
    I am wondering if anyone has ever experienced this before? 
    What can be the possible cause and the solution?
    Thank you so much
    Regards, Erwin
    Edited by: Erwin Hartono on Dec 3, 2010 9:39 AM

    Sorry, my deepest apologies, i think i found the right place to post this

  • How add Authorization check for user with assigened role for t.code-MIR4

    Hi All,
    Regarding authorization how to check authorizations check for user whith assigned roles for the t.code MIR4  using ABAP.
    In Detail:2)     All users are allowed to go to MIR4(invoice number), But ONLY for users with role: MM_RELEASE_INVOICE can proceed to do the posting.
    suggest me...
    Thanks,
    srii..

    Hi Sri ,
    first u need to find out  in which user rules u are using this object , after that if u want to restrict users then remove create/change values from that object values .
    make use of Tcode SUIM to find out all roles which are using this Object.
    or
    ask ur basis guy to remove authorizations to create/change....
    regards
    Prabhu

  • Authorization Object for Release To Accounting Icon (VF02)

    Hello, does anybody know wich is the Object Authorization for the icon "Release To Accounting" that is dispose in VF02.
    I need that some ROLE doen't have permision to apply this action.
    My basis consultant haven't help me at all.
    Thanks.
    JEOS.

    Hello,
    Try executing the process of releasing the Billing document and after that please go the t-code "SU53"/ "PFCG". You can get the
    details of the object which is required for releasing the billing document.
    Regards,
    Sarthak

  • Authorization Issue for Transaction Codes PA10,PA20,PA30 &PA40

    Hi Experts,
    I have created Custom role for accessing ALL HR Transaction codes in IDES System and added to the user & Tested.
    All transactions codes are working except PA10,PA20,PA30 &PA40
    Please help me regading this.
    Advance Thanks,
    BBC

    Hi,
    I had check with basis Team, they told that I have all authorizations.
    This is New Installation for R/3 HR IDES System. even basis Team  also created role for above transaction code but not getting access.
    We can accesss all transaction codes except these.
    All are new for HR. here anything needs to  be configure for access PA10 to PA40 Transaction codes.
    Please advice me.
    Thanks & Regards,
    BBC

  • Help Required in Authorization Roles for Workbooks

    Hi All,
    In our project, we have a requirement of creating a role for users with below authorizations.
    1.     Can display and execute the workbooks in the role menu.
    2.     Can create copy workbooks ( Save as) in the role menu.
    3.     Can not delete the original and the copy workbooks from role menu.
    We are using an authorization object S_RS_FOLD with u2018FALSEu2019 for restricting the user from deleting workbooks.
    We also need to add one more object S_USER_AGR (without u2018Deleteu2019 property) to give the authorization of creating copy workbooks in the role menu.
    Object S_RS_FOLD this is working fine without S_USER_AGR. But after adding S_USER_AGR (without delete property), user is again able to delete the workbooks.
    So how can we achieve both the functionalities where user can not delete the workbook but can create copy workbooks in the role menu.
    Thanks,
    Sachin

    Re: Adding report (query & workbook, templates) in roles
    Go through this thread.
    And in our Project we have created one role for accessing workbooks. in that end user can access the work book but saved one and user cannot resave or delete the work book.
    we have added Auth objects S_TCODE and S_GUI.
    in S_TCODE we have added RRMX and in S_GUI we have given 60(IMPORT) access to the users.
    So that they can just share the workbook. nothing else can be done.
    Try like this. Hope this would help you.

  • Authorization Object for Transaction Code

    Hi,
    Is there a report I can execute to give me the list of authorization object for this transaction code?
    Thanks.

    Check Transaction SU24
    Alternatively you can go to SE16-- enter the table name TSTCA, then enter the T CODE, you will get the object related to that T Code.
    Reward points..

  • Is there any table for see  Authorization object for Function code?

    Hi,
    I am facing problem in finding autho. object for function code.
    My problem is, in tcode cor2 there is function Approval (in Menubar->process order->function->approval), I want to restrict this to some users.
    So is there any way or table to see function code's authorization object..
    Thanks...

    Hi ,
    I such scenario the best way is to run trace (ST01) and analyse to find used/missing authorization objects.
    Regards,

  • What authorization-roles for user login (java stack)

    Hello SAP-Fans ,
    which authorization role needs to be assigned to the users for logging into a java-stack on port 50.000?
    We always get the error-message: "Error 403 forbidden, You are not authorized to view the requested resource."
    I know this is a beginner's question. Java is completely new to us.
    Thanks in advance
    Danny Winn

    Hi Danny,
    Welcome to SDN,
    Logon to the portal with the user Administrator, go to User Administartion and create a user for yourself by assigning Super Admin Role.
    portal Url must be http://<host.fqdn>:50XX0/irj/portal where XX is the system number in this case 00.
    You will able to see at the user admin tab all the SAP standard roles.
    regards
    Juan
    Please reward with points if helpful

  • Authorization check For T code

    Hi everyone,
    Can anybody guide to set a  authorization check  for a particular Tcode.
    I have ztable where users are assigned particular numbers.
    I want the users who are assigned some numbers should be able to use this particular t code
    Thanks in advance

    hi
    chk this out
    AUTHORITY-CHECK
    Basic form
    AUTHORITY-CHECK OBJECT object
        ID name1  FIELD f1
        ID name2  FIELD f2
        ID name10 FIELD f10.
    Effect
    Explanation of IDs:
    object
    Field which contains the name of the object for which the authorization is to be checked.
    name1 ...
    Fields which contain the names of the
    name10
    authorization fields defined in the object.
    f1 ...
    Fields which contain the values for which the
    f10
    authorization is to be checked.
    AUTHORITY-CHECK checks for one object whether the user has an authorization that contains all values of f (see SAP authorization concept).
    You must specify all authorizations for an object and a also a value for each ID (or DUMMY).
    The system checks the values for the IDs by AND-ing them together, i.e. all values must be part of an authorization assigned to the user.
    If a user has several authorizations for an object, the values are OR-ed together. This means that if the CHECK finds all the specified values in one authorization, the user can proceed. Only if none of the authorizations for a user contains all the required values is the user rejected.
    If the return code value in SY-SUBRC is 0, the user has the required authorization and may continue.
    The return code value changes according to the different error scenarios. The return code values have the following meaning:
    4
    User has no authorization in the SAP System for such an action. If necessary, change the user master record.
    8
    Too many parameters (fields, values). Maximum allowed is 10.
    12
    Specified object not maintained in the user master record.
    16
    No profile entered in the user master record.
    24
    The field names of the check call do not match those of an authorization. Either the authorization or the call is incorrect.
    28
    Incorrect structure for user master record.
    32
    Incorrect structure for user master record.
    36
    Incorrect structure for user master record.
    If the return code value is 8 or 24, inform the person responsible for the program. If the return code value is 4, 12, 16 or 24, consult your system administrator if you think you should have the relevant authorization. In the case of errors 28 to 36, contact SAP because authorizations have probably been destroyed.
    Individual authorizations are assigned to users in their respective user profiles, i.e. they are grouped together in profiles which are stored in the user master record.
    Note
    Instead of ID name FIELD f, you can also write ID name DUMMY. This means that no check is performed for the field concerned.
    The check can only be performed on CHAR fields. All other field types result in 'unauthorized'.
    Example
    Check whether the user is authorized for a particular plant. In this case, the following authorization object applies:
    Table OBJ: Definition of authorization object
    M_EINF_WRK
       ACTVT
       WERKS
    Here, M_EINF_WRK is the object name, whilst ACTVT and WERKS are authorization fields. For example, a user with the authorizations
    M_EINF_WRK_BERECH1
       ACTVT 01-03
       WERKS 0001-0003 .
    can display and change plants within the Purchasing and Materials Management areas.
    Such a user would thus pass the checks
    AUTHORITY-CHECK OBJECT 'M_EINF_WRK'
        ID 'WERKS' FIELD '0002'
        ID 'ACTVT' FIELD '02'.
    AUTHORITY-CHECK OBJECT 'M_EINF_WRK'
        ID 'WERKS' DUMMY
        ID 'ACTVT' FIELD '01':
    but would fail the check
    AUTHORITY-CHECK OBJECT 'M_EINF_WRK'
        ID 'WERKS' FIELD '0005'
        ID 'ACTVT' FIELD '04'.
    To suppress unnecessary authorization checks or to carry out checks before the user has entered all the values, use DUMMY - as in this example. You can confirm the authorization later with another AUTHORITY-CHECK

  • Any BAPI to release SE without asking for release code? (to set ESSR-KZABN)

    Hi guys,
    I have a requirement such that: Currently,all the BAPIs to relase SE requires the entry of a release code to approve SEs.
    We have some SEs that are not subjected to release strategies, therefore not requiring release code to be entered. But in order for these SEs to generate a Receipt number, the acceptance indicator (ESSR-KZABN) needs to be flagged.
    Is there a standard BAPI that allows releasing of SEs but without prompting the release code field as a mandatory requirement.
    Regards
    Rahul

    BAPI
    http://help.sap.com/saphelp_46c/helpdata/en/9b/417f07ee2211d1ad14080009b0fb56/frameset.htm
    http://searchsap.techtarget.com/originalContent/0,289142,sid21_gci948835,00.html
    Checkout !!
    http://searchsap.techtarget.com/originalContent/0,289142,sid21_gci948835,00.html
    http://techrepublic.com.com/5100-6329-1051160.html#
    http://www.sap-img.com/bapi.htm
    http://www.sap-img.com/abap/bapi-conventions.htm
    http://www.sappoint.com/abap/bapiintro.pdf
    Difference between FM and BAPI
    http://help.sap.com/saphelp_47x200/helpdata/en/c3/4099978b8911d396b70004ac96334b/content.htm
    http://www.sappoint.com/abap/bapiintro.pdf
    http://www.sappoint.com/abap/bapiprg.pdf
    http://www.sappoint.com/abap/bapiactx.pdf
    http://www.sappoint.com/abap/bapilst.pdf
    http://www.sappoint.com/abap/bapiexer.pdf
    http://service.sap.com/ale
    http://service.sap.com/bapi
    http://www.planetsap.com/Bapi_main_page.htm
    http://www.topxml.com/sap/sap_idoc_xml.asp
    http://www.sapdevelopment.co.uk/
    http://www.sapdevelopment.co.uk/java/jco/bapi_jco.pdf
    BAPI-step by step procedure
    http://www.sapgenie.com/abap/bapi/example.htm
    list of all BAPI's
    http://www.planetsap.com/LIST_ALL_BAPIs.htm
    Rewards if useful...................
    Minal

  • Any BAPI to release SE without asking for release code ?

    Hi guys,
    I have a requirement such that: Currently,all the BAPIs to relase SE requires the entry of a release code to approve SEs.
    We have some SEs that are not subjected to release strategies, therefore not requiring release code to be entered. But in order for these SEs to generate a Receipt number, the acceptance indicator (ESSR-KZABN) needs to be flagged.
    Is there a standard BAPI that allows releasing of SEs but without prompting the release code field as a mandatory requirement.
    Regards
    Rahul

    BAPI
    http://help.sap.com/saphelp_46c/helpdata/en/9b/417f07ee2211d1ad14080009b0fb56/frameset.htm
    http://searchsap.techtarget.com/originalContent/0,289142,sid21_gci948835,00.html
    Checkout !!
    http://searchsap.techtarget.com/originalContent/0,289142,sid21_gci948835,00.html
    http://techrepublic.com.com/5100-6329-1051160.html#
    http://www.sap-img.com/bapi.htm
    http://www.sap-img.com/abap/bapi-conventions.htm
    http://www.sappoint.com/abap/bapiintro.pdf
    Difference between FM and BAPI
    http://help.sap.com/saphelp_47x200/helpdata/en/c3/4099978b8911d396b70004ac96334b/content.htm
    http://www.sappoint.com/abap/bapiintro.pdf
    http://www.sappoint.com/abap/bapiprg.pdf
    http://www.sappoint.com/abap/bapiactx.pdf
    http://www.sappoint.com/abap/bapilst.pdf
    http://www.sappoint.com/abap/bapiexer.pdf
    http://service.sap.com/ale
    http://service.sap.com/bapi
    http://www.planetsap.com/Bapi_main_page.htm
    http://www.topxml.com/sap/sap_idoc_xml.asp
    http://www.sapdevelopment.co.uk/
    http://www.sapdevelopment.co.uk/java/jco/bapi_jco.pdf
    BAPI-step by step procedure
    http://www.sapgenie.com/abap/bapi/example.htm
    list of all BAPI's
    http://www.planetsap.com/LIST_ALL_BAPIs.htm
    Rewards if useful...................
    Minal

Maybe you are looking for

  • How to Load a wav file into a JFrame

    Ok, I have a JFrame with a JPanel and JButtons, play, pause, stop....etc...I have a menu with items load song and exit. Now when you click file load song, it pops up a JFileChooser.....that all works fine. Now I want to be able to select a wav file f

  • How can I get my ipod touch to turn on or to charge?

    How can I get my ipod touch to turn on or charge?

  • ORA-600 during Apply of patch 3.1.2.00.02

    I receice during installation of ApEx patch 3.1.2.00.02 following errors in the apxpatch.log ERROR at line 1: ORA-00600: internal error code, arguments: [kokegPinLob1], [], [], [], [], [], ORA-06512: at line 548 ERROR at line 1: ORA-00600: internal e

  • Open new windows in tab

    anyone know a way that when a web page is coded to open in a new window to have it open in a new tab instead, i know ur able to do this with firefox just wondering if u can in safari. Thanks

  • Photoshop CS5.1 - can't do ANYTHING

    Hi there, I am having a major problem with Photoshop CS5 Extended under Windows 7.  Basically, the software has become virtually unusable. I can't open any files and creating new files rarely works (I have to try about 20 times before it finally open