Check partner authorization field

Hello Gurus,
The check partner authorization field is used to determine which partners are authorized
to release against a contract. Should no check be performed, you may leave the field blank.
where to set this check partner authorization field ?
Many thanks
Frank

Hi
You have to specify the release partners in the Customer master record of the Sold To. If you want to include the Ship To also as the release partner, then in the partner function tab of customer master specify the partner function as AW and give the customer number of the SH. Like wise you can add any no of SH.
Thanks,
Ravi

Similar Messages

Check rel. part field on sales contract

Hi all,
In sales contract screen, on Header -> Sales, we have a field "Check rel. part". Please update that where in SPRO, I can maintain options for this field.
Many Thanks.
Best Regards,
AI.

Hi,
Check rel. part field value is coming from the sales document type.
Goto sales document types (VOV8). Select the contract document type and choose details.
you can find this field check partner authorization field in contract sub heading. Here you can choose relevant one.
Regards,
Chandrasekhar

Can we give more than one value for an Authorization field in Auth-Check.

Hi all,
Can we give more than one value for an Authorization field in Auth-Check.
Ex: AUTHORITY-CHECK OBJECT 'S_TRVL_BKS'
ID 'ACTVT' FIELD '02'
ID 'CUSTTYPE' FIELD <Value 1> <Value 2> <Value 3>.
IF SY-SUBRC 0.
MESSAGE E...
ENDIF.
If yes, please help me with exact syntax.
Think it will be like
ID 'CUSTTYPE' FIELD: <Value 1>, <Value 2>, <Value 3>.

Hi,
yes we can give more than one field.
program an AUTHORITY-CHECK.
AUTHORITY-CHECK OBJECT <authorization object>
   ID <authority field 1> FIELD <field value 1>.
   ID <authority field 2> FIELD <field value 2>.
   ID <authority-field n> FIELD <field value n>.
The OBJECT parameter specifies the authorization object.
The ID parameter specifies an authorization field (in the authorization object).
The FIELD parameter specifies a value for the authorization field.
The authorization object and its fields have to be suitable for the transaction. In most cases you will be able to use the existing authorization objects to protect your data. But new developments may require that you define new authorization objects and fields.
please reward points, if it is useful.
satish.

How to add authorization field to a standard authorization object

Hi All,
I'm trying to limit user to can only create & change X type of order type in PM module. This can be fullfill by creating suer with assigned role with only allow X type of order type.
But when I assigned a display role which has authorization to display all order type (maintained as authorization object), now my user can create and change all order type.
How to limit user to can only create & change X order type and only display the rest of order type?
I assume by adding authorization field: AUFART(order type) in authorization object: I_TCODE will solve the problem, is it right? and is it possible to do that?
regards,
Andre

Hi,
your assumption is incorrect. First of all, adding a new field to standard authorization object is a bad idea. You would have to modify all checks for that object. For standard SAP object it means that you would have to modify many SAP programs.
The authorization object I_TCODE is checked in PM transactions. It gives you authorization to run that transactions. That object can't be used to limit what you do in that transaction or what order type you can process. You are looking for some other authorization object(s). You need to go to SU24 which gives you what authorization objects are checked in particular transaction. It does not have to cover all objects but it's a good starting point.
Cheers

Check transaction authorization

How to check transaction authorization using
Z_AUTH_OBJECT_CHECK function module

Hi,
it is not throwing failed authority check error but should work just fine.
    AUTHORITY-CHECK   OBJECT 'A_PERI_BUK'
                      ID      'AM_ACT_PER'      FIELD con_31
                      ID      'BUKRS'           FIELD x093c-bukrs.
    IF sy-subrc NE 0.
*       WRITE: / text-f08, x093c-bukrs. commented by C5053255
      CONTINUE.
    ELSE.
*      Rücklesen des eingegebenen Geschäftsjahres pro Buchungskreis
      p_gjahr = sav_gjahr.                                  "> 627533
    ENDIF.
CONTINUE statement executed in case of failed authority-check causes loop to skip processing for this item ... so only elements for which user has proper authorizations are processed. Try debugging to confirm
Best regards,
FS

Table for Analysis authorization along with values for authorization fields

Hi,
I am looking for table that contains the Analysis Authorization name along with values for all the authorization fields within this Analysis Authorization. Individually i can go to PFCG or Rsecadmin but since i need all the Analysis auth objects, i need to get this info into excel, so need a table.

Hi Prashanth
You can check RSECVAL that is appropriate for your requirement please let us know if any further help is needed.
Thanks & Regards
Santosh Varada

Searching for values of authorization fields

Is there a way to see the transaction codes or programs that makes use of a specific value of an authorization field?
Example: K_PRICE001 has the following authorization fields.
               BUKRS - Company Code
               WERKS - Plant
               CWPRICLABL - Price Type
               ACTVT - Activity
The permitted activities are "02" (Change) and "03" (Display).
Can I find programs/transaction codes that use "02" only? or "03" only? or "*" for all?

> What it does not do is show you what values are linked to it, that you have to do manually but atleast you would have a list to start with.
Someone already did that and left all the information behind in the system for you - both check indicators (the capability of the transaction to control something) and proposals (the intended use of the transaction).
They also update it with each support package, but it is nor 100% correct not a perfect match for all your intentions. You can use authorizations to tune it if you have set it up correctly in the first place...
--> SU24.
Cheers,
Julius

Add Authorization field to Authorization Object (BTRTL to P_ORGIN)

Hi,
Could anybody please let me know the steps to add authorization field to an authorization object.
I want to add authorization field (BTRTL) to authorization object (P_ORGIN).
Please suggest..
Thanks is advance!

Hai..
Goto SU03- access Class HR -> Object P-ORIGIN-> then check/create the values for the field BTRTL.
For checking authorization Reports, we use command 'AUTHORITY-CHECK OBJECT'.

Authorization object with no authorization field

Hi Experts,
I have created authorization object with no field checking.
This is possible? Because i want to create this auth object for conversion only, and its not needed field checking.
Please advice.

Hi
See this and do accordingly
In general different users will be given different authorizations based on their role in the orgn.
We create ROLES and assign the Authorization and TCODES for that role, so only that user can have access to those T Codes.
USe SUIM and SU21 T codes for this.
Much of the data in an R/3 system has to be protected so that unauthorized users cannot access it. Therefore the appropriate authorization is required before a user can carry out certain actions in the system. When you log on to the R/3 system, the system checks in the user master record to see which transactions you are authorized to use. An authorization check is implemented for every sensitive transaction.
If you wish to protect a transaction that you have programmed yourself, then you must implement an authorization check.
This means you have to allocate an authorization object in the definition of the transaction.
For example:
program an AUTHORITY-CHECK.
AUTHORITY-CHECK OBJECT <authorization object>
ID <authority field 1> FIELD <field value 1>.
ID <authority field 2> FIELD <field value 2>.
ID <authority-field n> FIELD <field value n>.
The OBJECT parameter specifies the authorization object.
The ID parameter specifies an authorization field (in the authorization object).
The FIELD parameter specifies a value for the authorization field.
The authorization object and its fields have to be suitable for the transaction. In most cases you will be able to use the existing authorization objects to protect your data. But new developments may require that you define new authorization objects and fields.
http://help.sap.com/saphelp_nw04s/helpdata/en/52/67167f439b11d1896f0000e8322d00/content.htm
To ensure that a user has the appropriate authorizations when he or she performs an action, users are subject to authorization checks.
Authorization : An authorization enables you to perform a particular activity in the SAP System, based on a set of authorization object field values.
You program the authorization check using the ABAP statement AUTHORITY-CHECK.
AUTHORITY-CHECK OBJECT 'S_TRVL_BKS'
ID 'ACTVT' FIELD '02'
ID 'CUSTTYPE' FIELD 'B'.
IF SY-SUBRC <> 0.
MESSAGE E...
ENDIF.
'S_TRVL_BKS' is a auth. object
ID 'ACTVT' FIELD '02' in place 2 you can put 1,2, 3 for change create or display.
The AUTHORITY-CHECK checks whether a user has the appropriate authorization to execute a particular activity.
This Authorization concept is somewhat linked with BASIS people.
As a developer you may not have access to access to SU21 Transaction where you have to define, authorizations, Objects and for nthat object you assign fields and values. Another Tcode is PFCG where you can assign these authrization objects and TCodes for a profile and that profile in turn attached to a particular user.
Take the help of the basis Guy and create and use.
Regards
Anji

Authorization Fields

Dear Friends,
I have authorization object. I want to use it for my Zprogram.
my problem is i want to check plant and product group.
Plant is already added,
I want to use MVGR1 field for product catagory, how can i do this.
or is it possible for add z field as a authorization field. i mean (Z table field)
Please this is open for any suggestions.
Thanks in advance.

Hi ,
u can create a new Autho.Object from Su21 , and u can use that object in ur program, but u need to assign this objects to ur user profiles.
this is only in case if no standard objects are avail.on product grp.
Regards
Prabhu

MAximum number of authorization fields in an authority object

What is the maximum number of authorization object in an authority object ?

An authorization object comprises up to 10 authorization fields.
Read [AUTHORITY-CHECK|http://help.sap.com/abapdocu_70/en/ABAPAUTHORITY-CHECK.htm], look also at [SU21|http://help.sap.com/abapdocu_70/en/ABENBC_AUTHORITY_CHECK.htm] transaction screen.
Regards,
Raymond

Check for Authorization object

Hi All,
I have a report which will authorize the person running the report.
I have been given a requirement which is to not accept some users and accept some users.
Now I know this is possible with authorization object but as I never worked with it so I exactly kind of getting in confusion as to how to go about it.
Could some one let me know how to go about it. I have few questions.
1. what is the exact use of authorization object.
2. I can build in the logic but what all should one start with before going for before implementing authorization object for the report.
3. I know there is some basis work involved in this but what is that ?
Thanks,
Mahen

Hi,
In general different users will be given different authorizations based on their role in the orgn.
We create ROLES and assign the Authorization and TCODES for that role, so only that user can have access to those T Codes.
USe SUIM and SU21 T codes for this.
Much of the data in an R/3 system has to be protected so that unauthorized users cannot access it. Therefore the appropriate authorization is required before a user can carry out certain actions in the system. When you log on to the R/3 system, the system checks in the user master record to see which transactions you are authorized to use. An authorization check is implemented for every sensitive transaction.
If you wish to protect a transaction that you have programmed yourself, then you must implement an authorization check.
This means you have to allocate an authorization object in the definition of the transaction.
For example:
program an AUTHORITY-CHECK.
AUTHORITY-CHECK OBJECT <authorization object>
ID <authority field 1> FIELD <field value 1>.
ID <authority field 2> FIELD <field value 2>.
ID <authority-field n> FIELD <field value n>.
The OBJECT parameter specifies the authorization object.
The ID parameter specifies an authorization field (in the authorization object).
The FIELD parameter specifies a value for the authorization field.
The authorization object and its fields have to be suitable for the transaction. In most cases you will be able to use the existing authorization objects to protect your data. But new developments may require that you define new authorization objects and fields.
http://help.sap.com/saphelp_nw04s/helpdata/en/52/67167f439b11d1896f0000e8322d00/content.htm
To ensure that a user has the appropriate authorizations when he or she performs an action, users are subject to authorization checks.
Authorization : An authorization enables you to perform a particular activity in the SAP System, based on a set of authorization object field values.
You program the authorization check using the ABAP statement AUTHORITY-CHECK.
AUTHORITY-CHECK OBJECT 'S_TRVL_BKS'
ID 'ACTVT' FIELD '02'
ID 'CUSTTYPE' FIELD 'B'.
IF SY-SUBRC <> 0.
MESSAGE E...
ENDIF.
'S_TRVL_BKS' is a auth. object
ID 'ACTVT' FIELD '02' in place 2 you can put 1,2, 3 for change create or display.
The AUTHORITY-CHECK checks whether a user has the appropriate authorization to execute a particular activity.
This Authorization concept is somewhat linked with BASIS people.
As a developer you may not have access to access to SU21 Transaction where you have to define, authorizations, Objects and for nthat object you assign fields and values. Another Tcode is PFCG where you can assign these authrization objects and TCodes for a profile and that profile in turn attached to a particular user.
Take the help of the basis Guy and create and use.
Reward points if useful
Regards
Anji

Is there any way to force a Role Check for authorization from a Ztable

Hi all,
I have an issue that deals with Authorization check using a role. I have to know if there is any way to make a Role force to check if an entry exists in a Ztable.
Eg. A User is assigned a role Z:Ztable_check. Can we now force this Role to somehow check for a particular entry in a Ztable which has a Username and its Corresponding Authorized Cost center. Can the role check from the Ztable and allow the user to view only those cost centers that he is allowed to.
Don't know if this is even theoretically possible.

hi
see if this helps you
<b>The SAP Authorization Concept
Authorization checks are a means of protecting functions or objects in the R/3 System. The programmer of the function determines where and how these checks are made, while the user administrator determines (within the framework defined by the programmer) who can execute a function or access an object.
The terms central to the SAP authorization concept are:
Authorization field
This is the smallest unit against which checks can be made. The programmer can create authorization fields by selecting Tools → ABAP Workbench → Development → Other tools → Authorization objs → Fields.
Example: ACTVT and CUSTTYPE.
Authorization object
An authorization object groups together 1 to 10 authorization fields which can then be checked as a combination. The programmer can create authorization fields by selecting Tools → ABAP Workbench → Development → Other tools → Authorization objs → Objects.
Example: The authorization objekt S_TRVL_BKS groups together the authorization fields ACTVT and CUSTTYPE.
Authorization
An authorization is a combination of permitted values for each authorization field of an authorization object. The user administrator creates authorizations by selecting Tools → Administration → Maintain users → Authorization.
Example:
S_TRVL_CUS1 is an authorization for the authorization object S_TRVL_BKS with the values
for customer type (CUSTTYPE) and
02 for activity (ACTVT).
Users who have this authorization are allowed to change the bookings of all customers.
S_TRVL_CUS2 is an authorization for the authorization object S_TRVL_BKS with the values
B for customer type (CUSTTYPE) and
03 for activity (ACTVT).
Users who have this authorization are allowed to display the postings of all customers.
Authorization profile
An authorization profile represents a simple workplace in the context of authorizations. An authorization profile contains authorizations for the authorization objects a user needs to operate effectively in a restricted task area. The user administrator creates authorizations by selecting Tools → Administration → Maintain users → Profiles.
User master record
Your user master record is checked when you logon to the R/3 system. Through the authorization profiles, this provides restricted access to the functions and objects of the R/3 System. The user administrator creates authorizations by selecting Tools → Administration → Maintain users → Users.
Authorization check
The programmer can perform authorization checks with the ABAP command AUTHORITY-CHECK by specifying the value to be checked for each authorization field defined. The system then scans the profiles in the user master record for the authorizations specified. If one of the authorizations found for all fields of the authorization object covers the values specified by AUTHORITY-CHECK, the check was successful.
Example: Check whether the user is allowed to change the postings of business customers:
AUTHORITY-CHECK OBJECT 'S_TRVL_BKS'
                ID 'ACTVT'    FIELD '02'
                ID 'CUSTTYPE' FIELD 'B'.
IF SY-SUBRC <> 0.
MESSAGE E...
ENDIF.
If the authorization S_TRVL_CUS1 exists in the user's master record, the authorization check is successful. However, if the authorization S_TRVL_CUS2 exists, but not the authorization S_TRVL_CUS1, the check fails.
Authorization assignment
The system administrator is responsible for assigning user master records with the correct authorizations. You should use the Profile Generator to maintain authorization profiles. However, you can also change them manually. Each authorization object contains authorizations. These are grouped together in authorization profiles such that each authorization profile represents a job description, for example 'flight reservations clerk'. You assign one or more authrization profiles to each user master record. You can assign an authorization to as many authorization profiles as you like, and an authorization profile to as many composite profiles and users as you like. Composite profiles are used in manual authorization maintenance, and form a further division in the authorization structure. However, they are not strictly necessary.
                  User master record
                Auth. profile Composite auth. profile
           Authorization              Auth. profile
             Values              Authorization
                               Values</b>
plz reward if satisfied

Authorization Field

Hi All,
I have a problem regarding Authorization Field in Role assignment.I need to know whether if we add a Authorization Field to a Authorization Object will affect the standard customization of the object.Next one is that how can we add a authorization field? i am not able to add the field to a Profit center accounting object K_KA_RPT.I want to make a authorization check with the controlling area for these reports so tried to add controlling area(KOKRS) to this object.i have a manual version for this object created and trying to add it in that.will it affect the standard customization of that object K_KA_RPT??
very urgent.
Regards
Andrew

Hi Andrew,
Using transaction SU21 (List of authorization fields) you can display the details for AUTH field PPFCODE. If you push the button Input Help (Shift+F4) you will get all 33 possible values (Note: my system is ECC 5.0).
A very handy function module for your purpose is SUSR_AUTF_GET_F4_HELP. Simply call the function module with your AUTH field and it displays all search help values. There you should find a programmatic way to determine AUTH field values.
Go through this to understand the authorization concept completely
In general different users will be given different authorizations based on their role in the orgn.
We create ROLES and assign the Authorization and TCODES for that role, so only that user can have access to those T Codes.
USe SUIM and SU21 T codes for this.
Much of the data in an R/3 system has to be protected so that unauthorized users cannot access it. Therefore the appropriate authorization is required before a user can carry out certain actions in the system. When you log on to the R/3 system, the system checks in the user master record to see which transactions you are authorized to use. An authorization check is implemented for every sensitive transaction.
If you wish to protect a transaction that you have programmed yourself, then you must implement an authorization check.
This means you have to allocate an authorization object in the definition of the transaction.
For example:
program an AUTHORITY-CHECK.
AUTHORITY-CHECK OBJECT <authorization object>
ID <authority field 1> FIELD <field value 1>.
ID <authority field 2> FIELD <field value 2>.
ID <authority-field n> FIELD <field value n>.
The OBJECT parameter specifies the authorization object.
The ID parameter specifies an authorization field (in the authorization object).
The FIELD parameter specifies a value for the authorization field.
The authorization object and its fields have to be suitable for the transaction. In most cases you will be able to use the existing authorization objects to protect your data. But new developments may require that you define new authorization objects and fields.
http://help.sap.com/saphelp_nw04s/helpdata/en/52/67167f439b11d1896f0000e8322d00/content.htm
To ensure that a user has the appropriate authorizations when he or she performs an action, users are subject to authorization checks.
Authorization : An authorization enables you to perform a particular activity in the SAP System, based on a set of authorization object field values.
You program the authorization check using the ABAP statement AUTHORITY-CHECK.
AUTHORITY-CHECK OBJECT 'S_TRVL_BKS'
ID 'ACTVT' FIELD '02'
ID 'CUSTTYPE' FIELD 'B'.
IF SY-SUBRC <> 0.
MESSAGE E...
ENDIF.
'S_TRVL_BKS' is a auth. object
ID 'ACTVT' FIELD '02' in place 2 you can put 1,2, 3 for change create or display.
The AUTHORITY-CHECK checks whether a user has the appropriate authorization to execute a particular activity.
This Authorization concept is somewhat linked with BASIS people.
As a developer you may not have access to access to SU21 Transaction where you have to define, authorizations, Objects and for nthat object you assign fields and values. Another Tcode is PFCG where you can assign these authrization objects and TCodes for a profile and that profile in turn attached to a particular user.
Reward if helpful.
Regards,
Harini.S

Authorization field value

Hi Experts,
Basis team has created one authorization object and created one authorization field for warehouse number. They will assign value to that field.
My question is:
Is there any table to get the authorization field value for that object? or How could I get the value for this authorization field value?
Because I should use that value in my select statement.
Any possible solution will be gratefully accepted.
Thanks & Regards,
Arindam Samanta.

Hi Arindam,
You shall get the warehouse number using SELECT query from it's master or transaction table and pass it to the AUTHORITY-CHECK statement.
Example:
SELECT SINGLE pernr
        INTO   l_pernr
        FROM   pa0105
        WHERE uname EQ sy-uname AND
               usrty EQ '0001'   AND
               begda LE sy-datum AND
               endda GE sy-datum.
AUTHORITY-CHECK OBJECT 'ZAUTH_HRT' ID 'PERNR' FIELD l_pernr.
IF sy-subrc <> 0.
   MESSAGE 'No authorization' TYPE 'E'.
ELSE.
   MESSAGE 'Congrats! You are authorized' TYPE 'I'.
ENDIF.
Hence, it will automatically check the values in l_pernr with the values in Authorization field.
You can check the values passed to authorization field using the T.code - PFCG
With Regards,
Gurulakshmi

Check partner authorization field

Similar Messages

Maybe you are looking for