Display Authorization
Hi all
I have to configure the CMS for NWDI setup
Iwas unable to click the LANDSCAPE CONFIGURATOR,it is in disable mode
When i login usin my user id,having NWDI.admin role and NWDI.developer roleit is saying that this use is not havin the display authorizations.
What is this DISPLAY authorization
Plz help me out
thnx
madhu
have a look at the std documentation here --
http://help.sap.com/saphelp_nw04s/helpdata/en/da/f812d366aa44ad83a30418b34dae1c/frameset.htm
it talks about authorization on CMS
Thanks,
GLM
Similar Messages
-
Create Display Authorization Profile for SAP Transaction SPRO (IMG).
Dear All,
In my current implementation project there is an requirement to create display authorization profile for SPRO. I have tried a lot but was not able to do so.
Any one is having an experience in creating display profile for SPRO (IMG) ? If any one has worked on this issue then please guide me.
Thanks,
AvinashHi
This is security related question. I am not security expert.
But you can check this, Include the following authorization objects in the profile and assign this profile to the target user.
S_IMG_ACTV
S_PROJECT
S_PROJ_AUT
S_PRO_AUTH
and assign activity = 03 (Display).
Hoipe it helps.
regards
Srinivas -
Display Authorization for MASSD
Hi,
There is a requirement for giving a user only display authorizations for MASSD.
I've tried various combinations of objects, however have been unsuccessful so far..
Pls. help.
Thanks,
Saba.Hi Saba,
the proposals (values maintained in SU24) should save time to role administrators.
The developers maintain those values which make sense in their eyes. As example if they provide a transaction for creation of an item, they propably would maintain the activity 01, for a display transaction actvt=03 and so on. That will save time to admins, as they would not have to enter the values once more (compared to an empty field....). Of course, that proposals are still proposals only!
For complex transactions it makes sense, to have a proposal of which authorization objects are necessary to be able to execute that transaction.
Maybe you can remember the old procedure before pfcg had been invented - it was hard work first to identify all the objects checked with its values, then create the corresponding authorizations in SU03, then create the corr. profiles in SU02 and finally assign that profiles to users in SU01. That was really time consuming....
So the invention of pfcg opened a very comfortable and quick possibility for that tasks with a high range of automatism. Of course this automatism can only be as good as the values which are behind it. So having accurate SU24 settings help a lot.
So enjoy pfcg
b.rgds, Bernhard -
Role for display Authorizations
Hi All,
We need to know if thre are any standard Roles available by which i can have all Display authorizations in Production system.
Currently we have many Custom roles and this thisng is really messed up in our organization. So i have suggested to Standardized the role related issues and starting with MM, i would like to know if in production we can have access with all Disply rights for all relevant authorizations along with SPRO display. Can anyone suggest something on this?
Also if we need to create some "Z" or "Y" role; please suggest how we can achieve it.
thanks a lot in advance!
PrashantHi Prashanth,
First identify all the transactions which you want to have to give display authorization.
Go to PFCG--> Enter All transactions which everyou want to give authorization for display.
Save.
Go to Authorization tab check for objects vreated for relevant transactions and provide display as activity in those objects.
With Regards,
Vijaykumar P -
Display Authorization for webdynpro component
I have a requirement where , the source code has to be hidden . I have seen programs where it hides ABAP report but none for We dynpro. Is there a way to hide web dynpro code . Or is there any way to revoka even display authorization for the web dynpro components ? Please provide any suggestions.
Regards,
SriHi Srivijaya,
Go to application, parameters tab give WDDISABLEUSERPERSONALIZATION give value to 'X'. It will disable user personalization settings, user can't see any help regarding component.
Cheers,
Kris. -
Complaints Display Authorization
Hi Experts,
My requirement is to restrict complaints Transaction Types to search and Dispaly for certain users.
I tried restricting autorization object CRM_CMP and CRM_ORD_PR in the PFCG roles. In Autorization object CRM_ORD_PR, though I have given Activity as Display and in Transaction types the companis which I want to be displayed.
Despite all this in the Web UI it allows me to create complaints. More over I have given display authorization for 3 complaints where as it is pops up for all complaints transaction types.
Could please guide me, if I am missing any other authorization objects to be restricted??
Only complaints should be searched and display.
Regds...
ArupHi
check all the PFCG roles if your user has multilple roles assigned and make sure that SAP_ALL and SAP_NEW profiles are not assigned to your user.
Regards,
S Reddy -
Display authorization for all modules Including Basis.
Hi All,
Is there any Role or profile for display authorization for sap modules .
Regards,
Eswar.Dear,
That ROLE will be SAP_ALL_DISPLAY
"what is to be done"
just assign the role to the display user via SU01
Hope this help!
Also refer this ,
DISPLAY ONLY AUTHORIZATION
Regards,
R.Brahmankar -
WEB UI- only Display authorization for LEADS to users
Hi Gurus,
I have a requirement like i need to give only display authorizations for users to leads.
I have created a new business role and assigned only search links. but in that search link we have Create New option. How i need to disable this.
Users needs only display authorizations for Leads.
Waiting for reply...
Regards,
Ajay.Hi Ajay,
First of all, It is possible to disable the New button on the Search page without any code change. There is an SPRO setting which is to be done in order to achieve this.
You might have created a new z navbar profile as you have created a new business role as per your business requirement.
Lets take an example, you want to disable the New button on Contact Search Page. follow these steps:
1.Go To T. code /ncrmc_ui_nblinks
2. Select the Z navbar profile you have created for your business role
3. Double Click on "Define Generic OP Mapping" in left hand side
4. Select Object Type as BP_CONTACT and remove the Following entry
BP_CONTACT D Create MD-BPCP-CR MD-CONP-SR
Please note the Obj. Action here D Create, if you remove this entry it means you are disabling the Create Action for this business role for object Contact.
Hope this will help you.
Regards
Ajay -
Display authorization for resource planning missing
Hi,
while open the Resource planner with log in service manager.it is showing following error
Display authorization for resource planning missing
i am not getting this error why it is showing.any one help me to solve this issue
Thanks & Regards
Kishore KumarMaintain the authorization Objects for the PFCG role assigned to the user
Authorization Object
Description
Authorization Field
Value
Value: System
Relevance
WFDS_RPA
Authorization Object Transaction
ACTVT
3
WFD server
Service resource planning application (RPA)
WFDS_RPA
Authorization Object Transaction
ACTVT
2
WFD server
RPA
B_BUPA_GRP
Business Partner: Authorization Groups
ACTVT
3
SAP CRM
RPA
Appointment scheduling
B_BUPA_RLT
Business Partner: BP Roles
ACTVT
3
SAP CRM
RPA
Appointment scheduling
B_BUPA_RLT
Business Partner: BP Roles
ACTVT
3
SAP CRM
RPA
Appointment scheduling
WFDS_JFUNC
Authorization Object Resource (Type of WFD Resource)
WFDS_RTYPE
WFD server
RPA
Appointment scheduling
WFDS_JFUNC
Authorization Object Resource (Job Function)
WFDS_JFUNC
WFD server
RPA
Appointment scheduling
WFDS_JFUNC
Authorization Object Resource (Job Level)
WFDS_JLEVE
WFD server
RPA
Appointment scheduling
WFDS_SAREA
Authorization Object Resource (Type of WFD Resource)
WFDS_RTYPE
WFD server
RPA
Appointment scheduling
WFDS_SAREA
Authorization Object Resource (Service Area)
WFDS_SAREA
WFD server
RPA
Appointment scheduling
S_TCODE
Transaction Code
TCD
/SAPAPO/LRP_ACCESS
WFD server
RPA
Appointment scheduling
UIU_COMP
Authorization UI
COMP_NAME
WCC_SRV_RPA
SAP CRM
RPA
UIU_COMP
Authorization UI
COMP_WIN
WCC_SRV_RPA/MainWindow
SAP CRM
RPA
UIU_COMP
Authorization UI
COMP_PLUG
SAP CRM
RPA
UIU_COMP
Authorization UI
COMP_NAME
WFDRPA
SAP CRM
RPA
UIU_COMP
Authorization UI
COMP_WIN
MainWindow
SAP CRM
RPA
UIU_COMP
Authorization UI
COMP_PLUG
DEFAULT
SAP CRM
RPA
UIU_COMP
Authorization UI
COMP_NAME
WFDRPA
SAP CRM
RPA
UIU_COMP
Authorization UI
COMP_PLUG
DEFAULT
SAP CRM
RPA
UIU_COMP
Authorization UI
COMP_WIN
WFDRPA/MainWindow
SAP CRM
RPA -
Roles for only display authorizations
Hi Experts,
Can any one suggest me how to creat the role only for display authorizations for basis.
Is any standard role like this? if it is please let me know.
Thanks & Regards.
Reddy Vn k wrote:>
> Hi,
>
> just give the tcodes required with the display activity, that is 03.
I consider that to be dangerous advice because it assumes that activities are checked in all transactions. -
Hi Gurus,
I need to give display authorization of SPRO(including all the nodes)
How should i do this ?
Thanks and regards
Tushar PathakYou might want to try a search for "SPRO Display" first...
I vaguely remember about 100 threads about the same topic...
Cheers,
Julius
ps: Feel free to delete this thread if you find the answer via the search. -
Display Authorization to PE01,PE02,PE03,PE04 and PE50
Hi Experts,
We have requirement to have display authorization only to PE01,PE02,PE03,PE04 and PE50 transactions. Is it possible? Is their any alternative transactions which would provide that access?
Would really apprecaite kind guidance on the same.
Thanks in advance.
Thanks,
AashishHi,
When I check in the objects behind this transactions only three objects found.
P_PCLX (HR: Clusters). Only this object has maintainance functionality. Read more about this object in
http://help.sap.com/saphelp_47x200/helpdata/en/98/b7b83b5b831f3be10000000a114084/content.htm
If you just set the filed AUTHC to R and test it. The display possibility might be okay. You can also perform trace and see if this transactions are using any other HR objects and set only display access on them as well.
and other two objects are S_TCODE and P_TCODE. Which are used to call the transactions.
Regards,
Gowrinadh -
Customer Master Data and Line Items Balances Display - Authorization Group
One autorization group was created and assigned to some customer masters in General, Company Code and Sales Area's.
User is restricted to one authorization group. When executing FBL5N, all customer balances are displayed i.e. including blank authorization group customer. It is not restricted to authorization group customer! Why?Kindly check the authorization objects assigned in the user profile. You may ask your basis to help you with the authorization.
-
Difference between Change Authorization Data / Display Authorization Data
Hello,
My question is wrt to implementation of "principle of treble control" i.e three SAP administrators i.e.
1. Authorization data administrator
2. Authorization profile administrator
3. User Administrator
I have created a role & added a transaction to it e.g. "FAGLL03" or "FF67".
No authorization data is displayed in the authorization tab unless I enter authorization tab with change button and provide inputs for org level field & generate profile. Even when I save the profile with the proposed name, it status still says "No authorization data exists". Since no authorization data is available, administrator 2 is unable to generate profile. If administrator 1 has to generate profile then why is administrator 2 required.
Definition of Administrator 1 is:
The authorization data administrator creates the roles, selects transactions and
maintains the authorization data. He or she simply saves the data in the Profile
Generator since he does not have the necessary authorization for generating the
profile. He or she accepts the proposed profile name T-.... The authorization data
administrator may not change users, nor generate profiles.
Definition of Administrator 2 is:
The authorization profile administrator starts transaction SUPC and chooses All
Roles. He or she then restricts his selection, for example by entering the ID of the
role to be edited. On the next screen, he or she chooses Display Profile to check
the data. If all the data is correct, he or she generates the authorization profile. The
authorization profile administrator may not change users, change the data for roles,
nor generate profiles containing authorization objects beginning with S_USER*.
Thanks.Hasan Saeed Khan wrote:
Actually I started off my question with the "implementation of treble control" that SAP course AD940 suggests.
I had never heard of this treble control and the added value of splitting rolebuilding and profile generation doesn't make much sense to me but that's my personal opinion.
On the technical side of things: in your first post you state "No authorization data is displayed in the authorization tab unless I enter authorization tab with change button and provide inputs for org level field & generate profile."
It is also possible to change the data and save this but not generate the profile yet. I just tried this by doing the following:
Create role
Add transactions to menu
Edit profile, org levels & authroization data.
Hit 'save'.
Accept proposed profile name.
Go back to PFCG main screen and ignore message of profile not being generated. (Click 'continue')
And this leaves me with a role with yellow traffic light on the authorization tab an the profile status is: "Current version not generated"
So it should be possible to maintain roles and profiles separately. -
Display authorization for particular line of table
Hi Experts,
I have a Z table contains sales area data. I want to display those records only which user has authorization for the sales area. It is possible through the table maintenance event or there is any other way to achieve this.
Quick response will be appreciated.
Thanks in advance for your sincere help.
Cheers,
AnilHi Anil,
Yes,Its possible through table maintainance event itself.
Only thing u need to do is check for the sales area the user is authorized..using
FM: SUSR_USER_AUTH_FOR_OBJ_GET
SEL_OBJECT:- CRM_ORD_OE.
Hope it helps!!
Regards,
PePe
Maybe you are looking for
-
I updated my iphone 4s on my computer - I lost a lot of pictures - it gave me messages that I had sent back in June and now it wont allow me to play any of my itunes on my phone - any got any solutions to what I should do? HELP
-
Problem:Excise invoice and ARE-1
Hi Friends, Please help me... thanks in advance... Below are the details for Exports Scenario. Customer 123 is from US. Company ABC is in India. In Sales Order,Pricing details C.type Name Amount Currcy Per U Cond.Value Currcy PR00 Price
-
ITunes freezes when syncing my iPad
Everytime I plug in my iPad 2 into iTunes, it starts the automatic sync, but when it starts "backing up" it only get like 5% progress and then the progress bar freezes. The rest of iTunes still works, I can listen to my music, browse my playslits, do
-
I have attach a vi that open .lvm file whenever i pressed the open button. The problem is when i try to reopen while still in the while loop, it can't open a new file and blank the graph. What is my problem of my VI? Thanks. Attachments: Temp.vi 231
-
Don't permit release maintenance orders after Period-End CO
Hello. Is there a standard way in SAP to don't permit the creation or release of maintenance orders after a Period-End CO is established? We had a case the last month when an user created an order after a specific hour and it caused an incongruity in