Delete Authorizations in BW

All,
     I was wondering how do we delete Authorization generated by Profile generation Program in 3.5. I have read from help Sap.com that I should do the following
If a data record with the user name 'D_E_L_E_T_E' is loaded into the DataStore object 0TCA_DS01, first the generated authorizations for all users in the BI system for the DataStore object record are deleted (separated by the first part of the name before the digits) and then generated for the rest of the data.
I have tried the above and it does not seem to be working. I was wondering if any body has done it successfully before.
Here is how my data looks like when I tried to delete. ABC Already existed in the system which I want to delete now.
0TCTUSERNM         D_E_L_E_L_E_T_E
0TCTAUTH               ABC
0TCTADTO               99991231
0TCTIOBJNM            XYZ
0TCTSIGN                I
0TCTOPTION            EQ
0TCTLOW                 123
0TCTHIGH
0TCTOBJVERS          A
0TCTSYSID
0TCTADFROM          10000101
the rest is the data for ABC............. The message I get is that There is no Active user as D_E_L_E_L_E_T_E Which makes Sense.
Any Ideas?
Neha

Hi,
2 things:
1. You say you entered D_E_L_E_L_E_T_E as the user name; shouldn't it be D_E_L_E_T_E?
2. Display data in the ODS 0TCA_DS01; are there any users present there?
Cheers...

Similar Messages

Park Document delete authorization

Dear All,
We want that business users should not be able to delete the park document created with MIR7.
Is there any authorization control so that users should be able to create/change the park document but cannot delete the document.
Regards
Vikas Sehra

Hi,
I also tried with different options but could not find authorization object which restricts only delete option.
Also, I need suggestion whether this is ok to remove delete authorization form all users (may be through a custom authorization object)
Reason is that there are scenarios such as below where delete is the option we need to choose. Delete functionality is integrated with standard system design. -
a) different number range if park document is posted in different financial year, so we need to delete the park document or it is automatically deleted while posting.
b) If document is parked in different Company Code than the purchase order Company Code, such park document needs to be deleted as posting will not be allowed.
Kindly suggest.
Regards
Vikas

Delete authorization for distribution list

Hi,
In our system all the distribution lists suddenly deleted and it was in the shared trash folder.
so we retrived from the folder.
To restrict the delete authorization of users for distribution lists in the object S_OC_ROLE field OFFADMI ' Administrator' has been changed to ' '. But they were not able to create the the distribution list in the shared folder. they are able to create only in their private folder.
Is there any way to restrict the delete authorization alone.
Thanks,
Suganya

Hi Stef,
Please try to add this authorisation object manually F_BKPF_BUK- Authorisation object for company code.
In the filed BUKRS you can maintain the company code as you required for the users.
I hope this may help you in resolving the issue.
Thanks
Karthick

Error in Deleting Authorization Object

Hi,
I am trying to delete the authorization object in tcode RSSM, and I am getting following error:
Could not delete profile RSR_00006165 from the DUMMY user master
Message no. RSSBR063
Your input will be appreciated and points will be awarded for helpful answers to resolve this.
Thanks in advance,
Steve

Hi Steve,
All your roles which are depending on the specified authorization object should be free with AUTh.OBJ and then try to reomve the master data from the auth.obj and then delete the auth.obj, now it will allow you to delete the auth.obj
Regards
Sarath

Logoff web dynpro application / delete authorization

Hi,
I created an exit to url plug in my WDA window, I'm wondering is there a way to delete the user authorization when a user click on the logoff button?
Thanks,
Abdul

You can undeploy directly from NWDS.
'Windows->Show View->Other' menu, open the view 'Undeploy View'.
Select the component you want to undeploy on the right and move it (double click) to the right side. The blue ball icon starts the undeploy process.

Delete authorization for specific Company Code

All,
For a specific transactions, our users may only run the transaction for a specific company code. Transaction is TPM55A
What authorization object do I need to add to my role, so the users have only authorization for let's say Company code range 1000 - 1050.
Many thanx for help
kr,
Stef

Hi Stef,
Please try to add this authorisation object manually F_BKPF_BUK- Authorisation object for company code.
In the filed BUKRS you can maintain the company code as you required for the users.
I hope this may help you in resolving the issue.
Thanks
Karthick

Error! Check Activation and Can't Delete Authorization, getting "Please try after some time"

Hello,
I am getting "Error! Check Activation" error message when I try to download epub from acsm file. I found that I should erase and re-authorize. When I try to erase authorization I get, "Please try after some time."
I need a solution.
Thanks.

try this
I can't de authorize my computer. It just keeps saying to try again later.

Delete authorizations on unavailiable PC´s?

It seems as if I have authorized too many computers for my iphone, but the problem is that two of them are friends computors that I dont have access to anymore, and the rest are old work pc´s that are thrown away and formatted.
Now my iTunes wont let me authprize my new PC unless I deauthorize the old ones first......**** Catch 22 here, can someone help me?

See this... http://support.apple.com/kb/HT1420

HR infotype authorization

Dear all,
I am created role for example "A" which is authorizes to only creation of infotype for example 0002 in role "A" master data
Authorization level            w,R
Infotype                       0002
Personnel Area                 *
Employee Group                 *
Employee Subgroup              *
Subtype                        *
Organizational Key             *
but i am unable to understand how to give only infotype change and delete authorization to role "B"
please guide me and also what is the simple definition of ( what function in authorization in simple way )
S (write locked record; unlock if the last person to change the record is not the current user),
E (write locked record),
D ( change lock indicator )
Regards
Rayyan

Shahid,
There is not a way to seperate the Create/Change/Delete functionality on HR Infotypes for objects like P_ORGIN. Unfortuntally these are the limiation of SAP HR Security only using the "W" authorizaiton. At my client we had to build processes around this and ensure correct HR Master Data group was centralized for responsibity and authorizations as well as turned on audit logging for reporting.
Thanks,
Matt

Delete Button not appearing in cFolders

Hi All,
The user is allowed to upload the document in the cFolders. In the screen where the list of files uploaded is displayed, there are buttons like 'Create', 'Copy' etc. But here there is no option to delete the uploaded file.
Can any one suggest why the 'Delete' Button is not appearing.....
Thanks in Advance.
Regards,
Mary

Hi ,
Are you using custom roles?
Authorization to delete is missing.
Two ways you could get that :
1) authorization object CFX_OBJ should have activity 'delete' (06) in your profile
or else authorization object ACO_SUPER with activity 'Admin' ( not recommended)
2) Enable delete authorization via BBP_CFOLDER_BADI method col_authority_change
regards
Alok

ECC6: Authorizations for GOS

In ECC6, I should give two different levels authorization into generic object services Toolbox.
I have two type of users:
1. Administrator
2. Accountant
The Administrator should be able to create, edit, display and delete notes.
The Accountant should be able just to create and display notes.
Administrator users were given the S_OC_ROLE athorization object .
Accountant users were given the S_GOS_ATT authorization object, though this doesnu2019t work since the accountant users are still able to edit and delete notes.
My question is: how can I remove the edit and delete authorizations for accountant users?
Thanks,
Kind Regards

A concrete scenario I have to deal with:
The scope for all business partners and transactions should be limited to central Europe.
The relevant field for this authorization is the id (number range) respectively the business partner grouping.
- I would use ACE rules to filter the relevant business partners by their ID or grouping and relevant transactions by their account-assignment
- I would set up ACE rights to limit access for the actions read, write and delete
- to handle the create authorization, I have to define a PFCG role and limit access to certain CRM components
The user should be allowed to read Corporate Accounts,
to read, edit, create Contacts,
is not allowed to deal with Opportunities,
is allowed to create, read all activities and to read, edit, delete own activities (if he is the creator),
is not allowed to deal with any report or pipeline performance.
- ACE role/right to read Corporate Accounts
- PFCG role to restrict create access for the BP_HEAD component
- (ACE role/right to limit search results for opportunities)
- PFCG role to restrict create, search, overview access for the BT111M component
- Business role without Work Centers or Logical Links to opportunities
- ACE role to limit access to read activities
- ACE role to limit access to read, edit, delete activities which the user has created
- PFCG role to restrict access to all pipeline performance components
- remove PFCG roles for report access (e.g. SAP_CRM_OR_USER)

DMS: CV02N without delete original option...any Authorisation object exist?

Dear All,
I have a requirement that a person requires to link WBS element, PO item or PR item to some documents which he doesn't has no authorisation to create or change since those are not created by his Dept. but he wants to links them to his WBS lement or PR item.
So i was thinking of creating a role for him by giving a change mode athourization to those doc types but then he also gets the authorization to delete the original,
Which he should not get.
So is there any athuo. Obj. to control it or by any other method i can control it.
Suggestions welcome.

Hi Nishant,
Delete authorization comes automatically with change role.
So if you want this solution in SAP GUI then you have 2 options
1. Make a ZTABLE with User IDs whom you want to restrict deletion activity and maintain the same in the cv02n user exit. This will disable your delete button.
2. There is a BAPI i.e Document_Auth01 implement that and then remove the activity 52 from Auth Object C_DRAW_TCS. This will also restrict users from deleting originals.
Else if you also want this solution is Easy DMS then to make you aware both above changes will not have any affect on EASY DMS there you can achieve this via registry Entries or Via ACL's.
Hoe it answers your query.
Thanks Amulya

Authorization issues while acitvation of process chain

hi
No delete authorization for job BI_PROCESS_ATTRIBCHAN 16320601
I couldn't get it..
sachin

Hi Sachin,
Can you be more informative in regards the issue??
Regards
GPK

Authorization in UI

Hi Gurus,
I'm wondering how to delete authorization for users to create and delete the product catalog in User Interface.
I do it from PFCG and effectively in the GUI the user is not able to do it, but in the UI it is still able.
Is there maybe any buffer to refresh?
Thanks a lot,
regards,
A.

Hi Srini,
thanks for replay. Unfoprtunately you answer is not helpful. Infact I need my role to be able to display the product catalog. If I do as per your answer, on the Search option I have anyway the button "New" which allows the role to create a new Product Catalog. And this is not what I want...
Please help me...all the point for an helpful answer!
Thanks a lot,
regards,
A.

Limit to UIU authorization

Hello Experts,
I faced a issue recently where I am not able to include any more UIU_comp authorizations. The error that pop up is "All authorizations beyond the maximum number are ignored" . Is there a way where we can increase the limit of authorization objects in a given PFCG?
Thanks!
Neha

Hi Neha,
This problem usually happens due to bad role design. The error message
description is most likely the following:
Message no. 5@026
Diagnosis
The maximum number of 100 authorizations per object was exceeded.
System Response
All authorizations beyond the maximum number are ignored.
Procedure
Additional authorizations can only be included if you first delete a
corresponding number of existing authorizations. Note that deleting
authorizations with the status "Standard" or "Maintained" can lead to
the inclusion of new default authorizations at the next merging of the
authorization data. Avoid the maintenance associated with this by
removing only changed or manual authorizations.
Probably you have a role that has among other authorization objects,
more than 100 occurrances for authorization object UIU_COMP. This is
more than the recommended, as the system limit of 100. You can confirm
that by selecting the role in question and reviewing this object in
table AGR_1251.
So, in order to overcome the problem, all you have to do is to
approach your Security expert and ask for a redesign on this role. It
will be most likely needed to split your authorization data in more
than one role, to avoid trespassing the expected limit.
==================================================
Hoping that above is helpful.
Best regards - Christophe

Delete Authorizations in BW

Similar Messages

Maybe you are looking for