Authorization Switches in SAP HR

Similar Messages

• Workbench Request for changing the Analysis Authorizations Switch in SPRO

  Hi Gurus,
  While changing the Analysis Authorizations Switch in DEV(SPRO), its asking to create a work bench request.
  so it means after creating a work bench request should we transport that particular work bench request to QA.
  Please help with some suggestion.
  Regards
  Padmaja.

  Just to add to this... the same way you need to transport a role up the stack, you have to transport AA object up the stack.
  Check out this Wiki
  https://wiki.sdn.sap.com/wiki/display/BI/HowtotranportroleandAAtogetherinBI
  Regards,
  Zaheer

• Maintain Authorization Field in SAP ECC6.0

  Hello all,
  Our SAP system has upgraded from SAP 4.7 to ECC6.0 recently. After upgrade, I find that the function Maintain
  Authorization Field - SU20 cannot be launched.
  When I run the T-code SU20, the maintain authorization fields screen does not appear and a message "Start of Application: Maintain Authorization Fields" flash one time in the message bar  (bottom left corner at the SAP screen).
  Can I ask how to maintain Authorization Field in SAP ECC6.0?
  Thanks
  Sunny

  Hello,
  Does anyone know how to maintain Authorization Field in SAP ECC6.0?
  Many thanks
  Sunny

• Webdynpro ABAP content authorization object in SAP portal ?

  Hi
  We are on EHP 6.06 , we have an authorization problem in sap portal for the webdynpro abap content. our standart users got the error "page can not be found" for the services provided from webdynpro abap. when I assign the user to administrator group in sap portal the services working fine. I also checked the SAP ERP roles no problem is there.  I guess I should create a new portal role for them cause its the only difference between users who can reach or not but have no idea what to put in it in SAP portal. Any idea ?

  in portal content directory => double click on the Content provided by sap folder. Than you should have a dropdown somewhere where you can select "Authorizations". You should add the group endusers and check the checkbox.

• 1 year 3 Months Exp / wanting to switch to SAP

  Hi Experts
  I am a Electrical Engineering student, having 1 year 3 months experience in a manufacturing plant .
  I am planning to switch to SAP . I have few queries here.
  1. With this experience, if I do a SAP MM course, How would be the job prospects.
  2.Is this experince enough?
  2. Which module of SAP should I chose. Is it SAP MM , if not, please guide me for any other module.
  Regards
  Edited by: Swastik35 on May 9, 2011 4:50 AM
  Moderator Message : Duplicate post locked.
  Edited by: Vinod Kumar on May 9, 2011 9:53 AM

  Welcome to the Forums!
  +1. What screen should I go with? Regular or the Hi-res. LED screen.+
  Whatever you like! High-res is nice, but the text will be ~small~ !!
  +2. Why should I buy 4gig of ram with my computer from Apple for $400 when I get get it for almost 1/4 the price from a retailer and install it myself? Any reason the apple memory would be better?+
  You shouldn't. Buy it from a 3rd party like Crucial or Newegg. Apple memory is just bought from other OEMs anyway, not made by Apple.
  +3. Any advantage or disadvantage to get the black case?+
  MacBook Pros are aluminum, not black. You're thinking of MacBooks.
  +4. Does the 7200rpm 200gig HDD really add that much speed from the 250gig 5200rpm HDD?+
  Adds a little, but honestly unless you're running I/O-intensive tasks you'll get more out of the extra 50 GB.
  +5. Here is the big question. I don't need the computer until mid July. Should I wait to purchase to see if Apple comes out with a better processor and graphics card or is it unlikely this will happen?+
  Although speculation about future Apple releases is +against the Terms of Use for these forums+, it's safe to say that there will ALWAYS be a better processor, better graphics card, faster this, more that, bigger the other released in a few months. That's the computer industry. If you need one, buy now. If you can wait, wait. No matter when you buy, there will always be something better soon. This link may help.
  +6. Any advantage or disadvantage to the 15" over the 17"?+
  Just a different size in a different configuration.
  Go to an Apple Store, try them out!

• Newly Created authorization Objects after SAP Upgrade

  Can someone tell me whether there is any transaction or table that display the added object authorizations after a Sap Upgrade ?
  Thanks in advance.

  Also, you can check SAP_NEW profile which shows which authorization objects have been added in which release.

• Switching to SAP Consultancy

  Hi all,
  I am a Cost & Management Accountant, at 42 yrs of age. Now I want to switch to SAP Consultancy.
  Until today, I had a 12 years to teaching experience for accounts & finance, cost & management. before that I had some Programming experience in CoBOL.
  Can any body advise me, as my wish to switch over is GOOD, BAD, Ok or Excellent. or any thing else?
  Thanking you in advance.

  Well, I wasn't waiting to strike (I only do that when moderating
  I just wanted to point out that skill as a programmer is more important than being able to use any particular language.
  But you may still run into difficulties trying to move from accountancy back into programming. Most employers do want to hire programmers who already know ABAP. So while age shouldn't be an issue, there will be others.
  Rob
  PS - It doesn't look like you can assign po1nts in this forum. But I wouldn't worry about it. A good deed is it's own rew ard

• CK40N error: Missing authorization for BOM (SAP Error: CK-581)

  Hi Experts,
  When running CK40N, I found an error message Missing authorization for BOM (SAP Error: CK-581).
  If this is the problem of my CK40N that make object cannot be costed, how can I solve this?  Is this relate to SAP authorizartion?
  Thanks.
  sbmel

  Hello,
  While doing Costing run CK40N or Cost estimate CK11N, you require having authorization of T. Code CS03 for the plant in your SAP ID as it explodes BOM.
  Kindly contact basis team & take the authorization on your SAP ID.
  Regards,
  Anand

• Confuse to switch on SAP -QM

  Dear all,
  I want suggestions from you all. I have completed my BE(Mech) in 2007. I was worked  in manufacturing industry for 6 months. Then I have done the course of SAP Business One. Currently I am working as Senior SAP Business One Functional Consultant.
  Now I want to switch to SAP R/3. I have started the study of Quality Management. Can you please suggest me that I have chosen right way at right time or not.
  Please guide me on the same. Is QM module is benefitial to me? How to start the study? Please give me the way for getting break in SAP R/3. i am bit confused at this stage. Need help of all of you as you are  experts in this field.
  Waiting for your reply.
  Swapnil

  without proper functional expertise never jump to any functional modules in R/3.

• Authorizations concept in SAP BI

  Hi All,
  Can you please tell me about Authoriions concepts in SAP BI ?
  Regards
  Syed

  hi ,
  About Authorizations Concept in SAP BI .....
  SAP BI 7.0 Authorization concept (analysis authorization) change a lot in accessing, analyzing and displaying BI information. The approach allow to restrict data access on Key figure, Characteristic, Characteristic value, Hierarchy node, and InfoCube levels. It enables more flexible data access management.
  Check this links
  http://help.sap.com/bp_bw370/documentation/Authorization_BW_Proj.pdf
  and
  check this two links too
  http://www.bwarea.com/2009/01/sap-bi-70-authorization-part-1.html
  http://www.bwarea.com/2009/01/sap-bi-70-authorization-part-2-creating_18.html
  Regards
  ChandU
  <removed by moderator>
  Edited by: Siegfried Szameitat on Jun 1, 2011 2:26 PM

• Roles and Authorization strategy for SAP BIBO

  Hello All,
  We are doing an implementation where Source is a Oracle, SAP BI warehouse and BO XI3.1 as reporting solution.
  Our customer has asked for the authorization strategy that will be implemented in SAP BI. Currently the users belong to different companies or plants or countries
  Current structure is like,
  User 1 belongs to Plant1 of Country1
  User 2 belongs to Plant2 of Country2
  user 3 belongs to Plant3 of Country1 etc..     
  We have more than 500 users who will use the reports. The user belonging to a particular plant should only see the plant data/Country data he belongs to.
  As I understand, we need to create the roles in BW and these roles to be imported into BO to use for the row and column level security.
  The options we considered are,
  1. Use Bex queries in BW to with ABAP code in CMOD to identify the user belongs to Plant  1, 2 or 3 and provide necessary authorizations.
  2. Create user groups based on the country or company they belong to and create as many roles as required. This will however impact the maintenance of so many roles in the BI system.
  We are also forced to avoid Bex queries in BW and hence,  trying to connect Multiproviders directly in BO universe.
  How should we go forward in designing the authorization concept? Any better ideas?
  Thanks and Regards,
  Srinivas

  There are two ways which we can implement this kind of authorization based on my knowledge.
  1. Data Security purely at BW
  If the data is secured based on roles and users, there is no  need of additional authorization from BO side except at report and folder level if you go for SAP Authentication.
  Once you use SAP authenication and enable single sign on option in universe connection, the SAP users can access data based on their profile set at BW.
  2. Data Security from BO
  Let's assume that, if nothing is set at BW and every thing to be take care from BO.
  Then you could create one multiple provider for each plant / country. Create one connection for each multiprovider
  Create restrictions (Tools--> Manage Access Restrictions) for each plant/country. There you can change connection names.
  So you would need to create many restrictions for different permutations and combinations.
  I never tries this option with Multiprovider. But It worked well with NON-SAP data.
  Hope this helps!
  Regards
  Gowtham

• Role creation and authorization objects in sap

  Hi
  i want to know the full relationship between  creation of roles , authorization objects ,authorizations in web as abap
  Please explain the process in detail the use of PFCG and all its options and how to create Z roles

  Although, It would be a very long document to explain the query, I have briefed you on the concept. I hope it leads you well.
  - Roles are nothing but a container for authorizations. A role represents a specific part of an employeeu2019s job.
  - The R/3 authorization concept permits the assignment of either general and/or finely detailed user authorizations. These assignments can reach down to transactions, field and field value level.
  For e.g. If a user wants to create a PO we can restrict him on:
  u2022     Activity : Create/Change/Display
  u2022     Org elements like Company Code, Plant, Purchase Organization etc
  u2022     Document type etc.
  - Authorization objects are grouped in an object class such as Materials Management: Master Data (MM_G). Each Object Class may have several authorization objects and within each object we can have several authorizations (max. up to 99).
  - Fields :The permissible values for the fields constitute the authorization. For e.g. ACTVT (Activity) is a field with permissible values of 01 (Create), 02 (Change) & (03 Display) for the object M_MATE_CHG (Material Master: Batches/Trading Units). Value * for field BEGRU signifies all possible values.
  - An authorization allows you to carry out an R/3 task based on a set of field values in an authorization object. By themselves authorizations do not exist and they only have a meaning inside a profile
  - Authorizations are contained within profiles and these profiles are assigned to users manually or automatically via role assignment. When you assign the field values for all the authorization objects and save system will auto generate a profile name.
  - Authorization check are included in the transactions source code in standard SAP R/3.A user may carry out an action if the authorization check is successful for each field in the object.
  Edited by: Subramaniam Iyer on Nov 27, 2008 12:08 PM

• Webi  Bypassing BEx Authorization Variable with SAP Exit

  BEx query has Hierarchy Node Variable with Authorization as processing type. Its set as User Input ready
  When the Webi report is refreshed, the LoVs appear as per the Authorization. However, if user doesn't select any value (pushes from right to left in variable screen) he gets NOT_AUTHORIZED error. Which is not intended, it should check the authorization in the background via SAP exit and populate the result. This is how it runs inBEx query.
  However, in Webi it's giving NOT_AUTHORIZED error? This is how the product is designed to work or is it a bug.
  I see several forum threads and SAP KBAs/notes but they are not answering my question. Could anyone please help.
  I am ready to provide more details on this error.
  Thanks,
  Tilak

  Hi,
  this is how authorization variable would work in any of the clients and not just Web Intelligence.
  You created an authorization variable which is configured as "read for input", so the user is getting prompted.
  So In Web Intelligence the LoV shows up.
  if the user does not select a value, then you are not sending a value, so you basically asking for all data and you are not allowed to see all data and therefore you are getting the message "no authorization".
  if you are making authorization variables as ready for input then the user needs to select the proper values - regardless of the BI tool.
  if you want the authorization to be check in the background then the authorization variable should be configured to not have ready for input.
  regards
  Ingo Hilgefort

• Authorization check in SAP Queries.

  Hi All,
  We have created a SAP query and infoset for displaying invoices. We want to restrict the users from viewing data of company code for which they don't have display authorization. For instance if user is authorized only for displaying data for US company code then he should not be able to see the data for company Italy. Also the company code parameter is a select option in SAP query.
  So the user can enter '*' also. In that case we want to display the data for all company codes for which user is authorized to. We tried to do change in code in infoset on AT SELECTION SCREEN but its not working as the variables in the program generated for query are not visible in Infosets. Please let us know how can we fix this requirement.
  KR Jaideep,

  Hi All,
  Thanks alot for your valuable inputs.
  I have made following modifications in the infosets.
  *---Authorization for Company code entered by the users.
  *---This code will restrict users to see data for company
  *---codes which they are not authorized to.
  *---Select all the company codes based upon selection entered by the
  *---user
  SELECT bukrs
     FROM t001
     INTO TABLE li_bukrs
    WHERE bukrs IN bukrs.
  IF sy-subrc EQ 0.
  *---Clear Screen variable for Company code
     CLEAR bukrs.
     REFRESH bukrs.
  *---Filter and prepare Select options for Company code table to be
  *---passed to query. Table will only have values of company codes he is
  *---authorized to for display.
     LOOP AT li_bukrs INTO lwa_bukrs.
       AUTHORITY-CHECK OBJECT 'F_BKPF_BUK'
                         ID 'BUKRS' FIELD lwa_bukrs
                         ID 'ACTVT' FIELD '03'.
       IF sy-subrc = 0.
         bukrs-sign = 'I'.
         bukrs-option = 'EQ'.
         bukrs-low = lwa_bukrs.
         bukrs-high = space.
         APPEND bukrs.
       ELSE.
         lv_flag = 'X'.
       ENDIF.
     ENDLOOP.
  *---Give warning message to the user in case he is not authorized to see
  *---data for all the company codes that he has entered.
     IF lv_flag = 'X'.
       MESSAGE ID 'ZF_MSS_FNG' TYPE 'W' NUMBER '015'.
     ENDIF.
  ENDIF.

• BO authorization model with sap roles / access tot folders, functionalities

  Hi Specialists,
  As authorization cunsultant in BI, I have little knowledge of the security setup in Business Objects.
  I have to setup an authorization model were the authorizations are assigned via sap roles in the backend BI system. These roles are imported in BO were they can serv as 'user groups' and access to folders, functionalities.
  Can anyone provide me a overview, guide, training document... on how the authorizations are managed in BO and best practice when they are linked to sap backend roles.
  The goal will be to user the sap BI backend roles and user them to grant users in BO specific access to specific folders. Eg; User A can access folders 1 as "refresher only", User B is able to publish reports in folder 2, User C has only view access in folder 2...
  Any help would be great!
  Thanks very much in advance.
  rgrds
  Kristof

  Hello,
  this is the best approach you mentioned here.
  I prefer to create roles serverd as functionalities in the Backend. For Example you have a "View" role, a "Refresh" role and so on.
  On the other hand i saw some setups where there is only on role in the Backend with all the BO Users. Then you have to create you functional groups in BO and have to assign the Users there to the Groups.
  Check the Adminguide of BO XI 3.1 for more Informations.
  Regards
  -Seb.