Delete Authorizations in BW

Similar Messages

• Park Document delete authorization

  Dear All,
  We want that business users should not be able to delete the park document created with MIR7.
  Is there any authorization control so that users should be able to create/change the park document but cannot delete the document.
  Regards
  Vikas Sehra

  Hi,
  I also tried with different options but could not find authorization object which restricts only delete option.
  Also, I need suggestion whether this is ok to remove delete authorization form all users (may be through a custom authorization object)
  Reason is that there are scenarios such as below where delete is the option we need to choose. Delete functionality is integrated with standard system design. -
  a) different number range if park document is posted in different financial year, so we need to delete the park document or it is automatically deleted while posting.
  b) If document is parked in different Company Code than the purchase order Company Code, such park document needs to be deleted as posting will not be allowed.
  Kindly suggest.
  Regards
  Vikas

• Delete authorization for distribution list

  Hi,
  In our system all the distribution lists suddenly deleted and it was in the shared trash folder.
  so we retrived from the folder.
  To restrict the delete authorization of users for distribution lists  in the object S_OC_ROLE field OFFADMI ' Administrator' has been changed to ' '. But they were not able to create the the distribution list in the shared folder. they are able to create only in their private folder.
  Is there any way to restrict the delete authorization alone.
  Thanks,
  Suganya

  Hi Stef,
  Please try to add this authorisation object manually F_BKPF_BUK- Authorisation object for company code.
  In the filed BUKRS you can maintain the company code as you required for the users.
  I hope this may help you in resolving the issue.
  Thanks
  Karthick

• Error in Deleting Authorization Object

  Hi,
  I am trying to delete the authorization object in tcode RSSM, and I am getting following error:
  Could not delete profile RSR_00006165 from the DUMMY user master
  Message no. RSSBR063
  Your input will be appreciated and points will be awarded for helpful answers to resolve this.
  Thanks in advance,
  Steve

  Hi Steve,
  All your roles which are depending on the specified authorization object should be free with AUTh.OBJ and then try to reomve the master data from the auth.obj and then delete the auth.obj, now it will allow you to delete the auth.obj
  Regards
  Sarath

• Logoff web dynpro application / delete authorization

  Hi,
  I created an exit to url plug in my WDA window, I'm wondering is there a way to  delete the user authorization when a user click on the logoff button? 
  Thanks,
  Abdul

  You can undeploy directly from NWDS.
  'Windows->Show View->Other' menu, open the view 'Undeploy View'.
  Select the component you want to undeploy on the right and move it (double click) to the right side. The blue ball icon starts the undeploy process.

• Delete authorization for specific Company Code

  All,
  For a specific transactions, our users may only run the transaction for a specific company code. Transaction is TPM55A
  What authorization object do I need to add to my role, so the users have only authorization for let's say Company code range 1000 - 1050.
  Many thanx for help
  kr,
  Stef

  Hi Stef,
  Please try to add this authorisation object manually F_BKPF_BUK- Authorisation object for company code.
  In the filed BUKRS you can maintain the company code as you required for the users.
  I hope this may help you in resolving the issue.
  Thanks
  Karthick

• Error! Check Activation and Can't Delete Authorization, getting "Please try after some time"

  Hello,
  I am getting "Error! Check Activation" error message when I try to download epub from acsm file. I found that I should erase and re-authorize. When I try to erase authorization I get, "Please try after some time."
  I need a solution.
  Thanks.

  try this
  I can't de authorize my computer. It just keeps saying to try again later.

• Delete authorizations on unavailiable PC´s?

  It seems as if I have authorized too many computers for my iphone, but the problem is that two of them are friends computors that I dont have access to anymore, and the rest are old work pc´s that are thrown away and formatted.
  Now my iTunes wont let me authprize my new PC unless I deauthorize the old ones first......**** Catch 22 here, can someone help me?

  See this... http://support.apple.com/kb/HT1420

• HR infotype authorization

  Dear all,
  I am created role for example "A" which is authorizes to only creation of infotype for example 0002 in role "A" master data
  Authorization level            w,R   
  Infotype                       0002
  Personnel Area                 *   
  Employee Group                 *   
  Employee Subgroup              *   
  Subtype                        *   
  Organizational Key             * 
  but i am unable to understand how to give only infotype change and delete authorization to role "B"
  please guide me and also what is the simple definition of ( what function in authorization in simple way )
  S (write locked record; unlock if the last person to change the record is not the current user),
  E (write locked record),
  D ( change lock indicator )
  Regards
  Rayyan

  Shahid,
  There is not a way to seperate the Create/Change/Delete functionality on HR Infotypes for objects like P_ORGIN. Unfortuntally these are the limiation of SAP HR Security only using the "W" authorizaiton. At my client we had to build processes around this and ensure correct HR Master Data group was centralized for responsibity and authorizations as well as turned on audit logging for reporting.
  Thanks,
  Matt

• Delete Button not appearing in cFolders

  Hi All,
  The user is allowed to upload the document in the cFolders. In the screen where the list of files uploaded is displayed, there are buttons like 'Create', 'Copy' etc. But here there is no option to delete the uploaded file.
  Can any one suggest why the 'Delete' Button is not appearing.....
  Thanks in Advance.
  Regards,
  Mary

  Hi ,
  Are you using custom roles?
  Authorization to delete is missing.
  Two ways you could get that :
  1) authorization object CFX_OBJ should have activity 'delete' (06) in your profile
  or else authorization object ACO_SUPER with activity 'Admin' ( not recommended)
  2) Enable  delete authorization via BBP_CFOLDER_BADI method col_authority_change
  regards
  Alok

• ECC6: Authorizations for GOS

  In ECC6, I should give two different levels authorization into generic object services Toolbox.
  I have two type of users:
  1. Administrator
  2. Accountant
  The Administrator should be able to create, edit, display and delete notes.
  The Accountant should be able just to create and display notes.
  Administrator users were given the S_OC_ROLE athorization object .
  Accountant users were given the S_GOS_ATT authorization object, though this doesnu2019t work since the accountant users are still able to edit and delete notes.
  My question is: how can I remove the edit and delete authorizations for accountant users?
  Thanks,
  Kind Regards

  A concrete scenario I have to deal with:
  The scope for all business partners and transactions should be limited to central Europe.
  The relevant field for this authorization is the id (number range) respectively the business partner grouping.
  - I would use ACE rules to filter the relevant business partners by their ID or grouping and relevant transactions by their account-assignment
  - I would set up ACE rights to limit access for the actions read, write and delete
  - to handle the create authorization, I have to define a PFCG role and limit access to certain CRM components
  The user should be allowed to read Corporate Accounts,
  to read, edit, create Contacts,
  is not allowed to deal with Opportunities,
  is allowed to create, read all activities and to read, edit, delete own activities (if he is the creator),
  is not allowed to deal with any report or pipeline performance.
  - ACE role/right to read Corporate Accounts
  - PFCG role to restrict create access for the BP_HEAD component
  - (ACE role/right to limit search results for opportunities)
  - PFCG role to restrict create, search, overview access for the BT111M component
  - Business role without Work Centers or Logical Links to opportunities
  - ACE role to limit access to read activities
  - ACE role to limit access to read, edit, delete activities which the user has created
  - PFCG role to restrict access to all pipeline performance components
  - remove PFCG roles for report access (e.g. SAP_CRM_OR_USER)

• DMS: CV02N without delete original option...any Authorisation object exist?

  Dear All,
              I have a requirement that a person requires to link WBS element, PO item or PR item to some documents which he doesn't has no authorisation to create or change since those are not created by his Dept. but he wants to links them to his WBS lement or PR item.
  So i was thinking of creating a role for him by giving a change mode athourization to those doc types but then he also gets the authorization to delete the original,
  Which he should not get.
  So is there any athuo. Obj. to control it or by any other method i can control it.
  Suggestions welcome.

  Hi Nishant,
  Delete authorization comes automatically with change role.
  So if you want this solution in SAP GUI then you have 2 options
  1. Make a ZTABLE with User IDs whom you want to restrict deletion activity and maintain the same in the cv02n user exit. This will disable your delete button.
  2. There is a BAPI i.e Document_Auth01 implement that and then remove the activity 52 from Auth Object C_DRAW_TCS. This will also restrict users from deleting originals.
  Else if you also want this solution is Easy DMS then to make you aware both above changes will not have any affect on EASY DMS there you can achieve this via registry Entries or Via ACL's.
  Hoe it answers your query.
  Thanks Amulya

• Authorization issues while acitvation of process chain

  hi
  No delete authorization for job BI_PROCESS_ATTRIBCHAN 16320601
  I couldn't get it..
  sachin

  Hi Sachin,
  Can you be more informative in regards the issue??
  Regards
  GPK

• Authorization in UI

  Hi Gurus,
  I'm wondering how to delete authorization for users to create and delete the product catalog in User Interface.
  I do it from PFCG and effectively in the GUI the user is not able to do it, but in the UI it is still able.
  Is there maybe any buffer to refresh?
  Thanks a lot,
  regards,
  A.

  Hi Srini,
  thanks for replay. Unfoprtunately you answer is not helpful. Infact I need my role to be able to display the product catalog. If I do as per your answer, on the Search option I have anyway the button "New" which allows the role to create a new Product Catalog. And this is not what I want...
  Please help me...all the point for an helpful answer!
  Thanks a lot,
  regards,
  A.

• Limit to UIU authorization

  Hello Experts,
  I faced a issue recently where I am not able to include any more UIU_comp authorizations. The error that pop up is "All authorizations beyond the maximum number are ignored" . Is there a way where we can increase the limit of authorization objects in a given PFCG?
  Thanks!
  Neha

  Hi Neha,
  This problem usually happens due to bad role design. The error message
  description is most likely the following:
  Message no. 5@026
  Diagnosis
  The maximum number of 100 authorizations per object was exceeded.
  System Response
  All authorizations beyond the maximum number are ignored.
  Procedure
  Additional authorizations can only be included if you first delete a
  corresponding number of existing authorizations. Note that deleting
  authorizations with the status "Standard" or "Maintained" can lead to
  the inclusion of new default authorizations at the next merging of the
  authorization data. Avoid the maintenance associated with this by
  removing only changed or manual authorizations.
  Probably you have a role that has among other authorization objects,
  more than 100 occurrances for authorization object UIU_COMP. This is
  more than the recommended, as the system limit of 100. You can confirm
  that by selecting the role in question and reviewing this object in
  table AGR_1251.
  So, in order to overcome the problem, all you have to do is to
  approach your Security expert and ask for a redesign on this role. It
  will be most likely needed to split your authorization data in more
  than one role, to avoid trespassing the expected limit.
  ==================================================
  Hoping that above is helpful.
  Best regards - Christophe