DMS - view authorization control

Similar Messages

• Authorization Control for Quick Viewer

  Hi,
  I have create a quick viewer using table join and I notice that the authorization when I execute the program is only at table authorization level.
  Question: Is quick viewer authorization be down to the field level. For example, if I join MKPF and MSEG and RESB to view stock movement with reservation information. Can quick viewer check the plant authorization object (M_MSEG_WMB) to make sure that the person execute the report is only able to view his/her own data?
  Regards,
  Norman

  It's not an ABAP question. You might want to ask your Basis/Security consultant or move the question to the corresponding forum.

• Authorization control for cost analysis/itemization view

  Hi Experts,
  Can we control the access to cost analysis/itemization report  in CO03 by authorization control ?
  Thanks

  Hi,
  Most probably it may not be possible.
  moreover, Why do you want this? Cost analysis will be in display mode only. Infact it benefits the user. They can analyse and correct the master if required.
  Think once again before making control. Because, everytime people has to come to authorised person to see the cost difference, which will disturb the authorised person.
  This is my personal opinion.
  Madhava

• Authorization control for document status

  Dear All,
  I want to control the status change of Documets created,
  How can i achieve this, so that a perticular user /ID can change the perticular status,
  I have ,
  01
  02,
  03,
  04, Rel.
  05,
  Do i need to put some trace anf find Objects to control...
  or there is any standard method to do this..
  Please guide me..
  Regards
  Raghu

  Hi Raghu,
  Here are DMS authorizatoins objects. For handle status it should be C_DRAW_STA
  C_DRAD_OBJ          Create/Change/Display/Delete Object Link                         
  C_DRAW_BGR          Authorization for authorization groups                         
  C_DRAW_DOK          Authorization for document access                         
  C_DRAW_MUP          Authorization for Markups                         
  C_DRAW_STA          Authorization for document status                         
  C_DRAW_TCD          Authorization for document activities                         
  C_DRAW_TCS          Status-Dependent Authorizations for Documents                         
  C_DRZA_TCD          Document Distribution: Authorization for Recipient Lists                         
  C_DRZI_TCD          Document Distribution: Authorization for Distribution Order                         
  S_ECL_CAT          ECL Viewer: Authorization Object for Stamp Categories                         
  S_ECL_STP          ECL Viewer: Authorization Object for Printing with Meta Data                         
  S_ECL_STP2          ECL Viewer: Authorization Object for Printing with Meta Data                         
  Hope that it will help you
  //Håkan

• Authorization control for batch master

  Hello Experts,
  I have a special requirement from client on authorization control on batch master. The requirement is user should not be allowed to change the batch header details but allow to change selected characteristic values. For e.g If I have a batch A, the header values such as prod date, country of orgin etc should not be allowed to change. In classification view few characteristics only should be editable, rest all should only be displayed.
  Is there any option to do this. Either through authorization control or exits. We dont want to create a custom transaction to achieve this.
  Thanks in advance
  Prathib

  Hello
  The following document explains how to check which authorization objects are called on each transaction:
  How to analyze authorization issues in debug
  BR
  Caetano

• Authorization control- WBS specific

  Hi Experts
  My client handles major projects.
  Each WBS is owned by a management personnel like:
  DGM Mehanical: Mechanical activities
  DGM Electrical: Electrical engg activities
  DGM Civil: Civil engg activities
  Like wise various other responsible teams handle each work package (WBS).
  In this context, can we ensure authorization control WBS wise?
  It means, the WBS owned by Mech DGM should be editble to him only, and rest users should not be allowed for editing the sub objects of Mech WBS?
  Or, if this can be managed using user status, please suggest how the required functionality can be achieved.
  warm regards
  ramSiva

  Hi,
  You can use Person Resposible field in the WBS master data for the purpose.
  In T-code OPS6 you enter Person Responbile , Name , Office User.
  Create Three roles , DGM Civil (12), DGM Elec (13) , DGM Mech (14).
  For Authorization object C_PRPS_VNR enter for field PS_VERNR = 12 and PS_ACTVT = 01,02 & 03 for DGM Civil Role.
  Similarly for other roles.
  Key in 12 in person responsible field of the WBS belongs to DGM Civil.
  Assign DGM Civil role to DGM Civil user.
  Then he can only edit and ret can only view.
  Option 2 :
  You can also use Project Type.
  Object = C_PRPS_ART
  Create three project types Civil, Elec, Mec . In respective WBS select the project type as desired and assign that project type to the concerned role.
  You can take help of Basis consultant for clear understanding.
  Thanks
  Saikishore.Ganga

• Where can I find manual Crystal 11.0 viewer activex control for download?

  Hello,
  Where can I find manual Crystal 11.0 viewer activex control for download?
  I'm having a heck of a time installing the control on a client machine.
  Thanks,
  -Drew
  Moved to Crystal Forums Edited by: Marilyn Pratt on Apr 20, 2010 1:58 AM

  The ActiveXViewer is not downloadable from our SAP site. The file is hosted on your web server, and also installed on the system where you have Crystal Reports XI installed.
  Look here, C:Program FilesBusiness ObjectsCommon3.0crystalreportviewers11ActiveXControls for ActiveXViewer.cab. Extract the contents and right click crviewer.inf, then select Install.
  Also see knowledge base article 1218519 here, http://www.sdn.sap.com/irj/sdn/crystal-xcelsius-notes.

• MD61 -Authorization control for Version , requirements type -reg

  Hi,
  We have an issue in providing MD61 -Create Planned Independent Requirements to the users
  By standard authorization objects available , Plant level authorization control only is there
  if we have to give authorization for many users in the same plant based on teh VERSION , REQUIREMENTS TYPE  etc... is it not possible ?
  can the authorizations objects be created manually for these and assign to teh concerned user's roles ?
  please provide your thoughts
  regards,
  madhukiran.

  Dear Madhu,
  Authorization objects can be added for an individual T Code also in SU24.
  Check with your Basis consultant,Also i think its possible to give the authorization for versions as well
  as requirement type also.
  Regards
  Mangalraj.S

• Authorization control for Z fields

  Hi all,
  We have appended a structure to VBAP; our requirement is to update these Z fields based on authorization control.
  Other than creating Z auth objects and checking them in our exit before updating Z fields, is there any other standard option to control updating of these Z fields.
  Regards,
  Krishna.
  SAP SD Techno Functional.

  Hi all,
  We have appended a structure to VBAP; our requirement is to update these Z fields based on authorization control.
  Other than creating Z auth objects and checking them in our exit before updating Z fields, is there any other standard option to control updating of these Z fields.
  Regards,
  Krishna.
  SAP SD Techno Functional.

• Authorization control for actual price calculation

  Dear all,
  I found that there is no authorization control for actual price calculation(KSII), this means user can calculate actual price for all cost centers, even this cost center belongs to other company. Is there a way to control this?
  Thanks,
  Ben

  Hi Ben,
  By SAP standard we do not have the control.  we also have the same situation.  We are venturing in to Realisation phase and we decided to have some kind of program (development) to control this.
  Please let me know if you find some better solution
  Best Regards
  Surya

• Authorization control in Web Dynpro

  Dear experts,
  I have a question about setting authorization in Web Dynpro.  For example, how can I control if a button can be pressed or what kinds of data should be displayed based on user role in UME. 
  Moreover, if I have security settings declared in EJB (ejb-jar.xml). Then I use this EJB in Web Dynpro.  Can the UME role be passed to the EJB, i.e. the security setting in EJB still valid?  Thanks.
  Best regards,
  Ken

  Hi
    I have created a webdynpro component that interacts with SAP. I have done the authorization control through SLD. Well for individual elements of a webdynpro application i dont know if it is possible to restrict through authorization control.Maybe its something that needs to be worked upon.
  thanks
  ravi

• BOM authorization controls -reg

  Friends ,
  we use only BOM with usage 1 -production BOM , we dont want to maintain many BOMs like engineering bom ,design bom ,production bom like that seperately.
  in this context we require some authorization control to control the users for BOM changes for
  BOM during new product developmental stage
  BOM once mass production kicks
  we want certain people only authorised to create or change BOM at new product development stage (precisely at R&D personnel )
  once it goes to mass production we dont want the R&D personnel control on it we would like to authorize operations personnel to take owership of it 
  is this can be done ? which object i have to use to differentiate between BOM at new product stage and mass production stage
  once it changes from new product stage to mass production stage some where we have to maintain this object and contro, through this
  please help at the earliest
  thanks
  madhu kiran

  Hi Madhu,
  The authorization objects checked for BOM, Inform your basis personnel to use them to authorize as per your business need.
  C_STUE_BER     CS BOM Authorizations     
  C_STUE_NOH     CS Authorization to process BOMs without a change number     
  C_STUE_WRK     CS BOM Plant (Plant Assignments)
  C_AENR_BGR          CC Change Master - Authorization Group
  C_AENR_ERW     CC Eng. Chg. Mgmt. Enhanced Authorization
  C_AENR_RV1     CC Engineering change mgmt - revision level for materials
  C_DRAD_OBJ     Create/Change/Display/Delete Object Link     
  C_TCLA_BKA     Authorization for Class Types
  Hope the above answers your query.
  Regards,
  Vivek

• Hidden Report Viewer Confiugration Error on aspx pages that use report viewer web control

  I try to fix the problem. The error below is embedded on aspx pages that use report viewer web control. Please note that the div element is hidden, and the reportviewer is displaying correct contents.
  Div element hidden on aspx page
  <div id="ReportViewer1_HttpHandlerMissingErrorMessage" style="border-color:Red;border-width:2px;border-style:Solid;padding:10px;display:none;font-size:.85em;">
  <h2>
  Report Viewer Configuration Error
  </h2><p>The Report Viewer Web Control HTTP Handler has not been registered in the application's web.config file. Add &lt;add verb="*" path="Reserved.ReportViewerWebControl.axd" type = "Microsoft.Reporting.WebForms.HttpHandler, Microsoft.ReportViewer.WebForms, Version=10.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" /&gt; to the system.web/httpHandlers section of the web.config file, or add &lt;add name="ReportViewerWebControlHandler" preCondition="integratedMode" verb="*" path="Reserved.ReportViewerWebControl.axd" type="Microsoft.Reporting.WebForms.HttpHandler, Microsoft.ReportViewer.WebForms, Version=10.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" /&gt; to the system.webServer/handlers section for Internet Information Services 7 or later.</p>
  </div>
  I tried adding the two elements to web.config, but to no avail.
  Add below to system.web/httpHandlers
  <add verb="*" path="Reserved.ReportViewerWebControl.axd" type = "Microsoft.Reporting.WebForms.HttpHandler, Microsoft.ReportViewer.WebForms, Version=10.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
  or add below to system.webServer/handlers for Internet Information Services 7 or later.
  <add name="ReportViewerWebControlHandler" preCondition="integratedMode" verb="*" path="Reserved.ReportViewerWebControl.axd" type="Microsoft.Reporting.WebForms.HttpHandler, Microsoft.ReportViewer.WebForms, Version=10.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
  The required assemblies below are installed under C:\Windows\assembly folder. I have installed both Microsoft ReportViewer 2010 Redistributable, and 2008 SP1.
  Microsoft.ReportViewer.WebForms, version 10
  Microsoft.ReportViewer.Common, version 10
  Below is the whole web.config:
  <?xml version="1.0" encoding="utf-8"?>
  <!--
  For more information on how to configure your ASP.NET application, please visit
  http://go.microsoft.com/fwlink/?LinkId=169433
  -->
  <configuration>
  <connectionStrings>
  <add name="ApplicationServices" connectionString="data source=.\SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|\aspnetdb.mdf;User Instance=true" providerName="System.Data.SqlClient" />
  </connectionStrings>
  <appSettings>
  <add key="car" value="myCar" />
  <!--<add key="ReportViewerServerConnection" value="WebForm.Lab.ReportConnection, WebForm" />-->
  </appSettings>
  <system.web>
  <httpHandlers>
  <add verb = "*" path = "Reserved.ReportViewerWebControl.axd" type = "Microsoft.Reporting.WebForms.HttpHandler, Microsoft.ReportViewer.WebForms, Version=10.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
  <!--<add path="Reserved.ReportViewerWebControl.axd" verb="*" type="Microsoft.Reporting.WebForms.HttpHandler, Microsoft.ReportViewer.WebForms, Version=10.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" validate="false" />-->
  </httpHandlers>
  <compilation debug="true" targetFramework="4.0">
  <assemblies>
  <add assembly="Microsoft.ReportViewer.WebForms, Version=10.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A" />
  <add assembly="Microsoft.ReportViewer.Common, Version=10.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A" />
  <add assembly="Microsoft.Build.Framework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A" />
  <add assembly="System.Management, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A" />
  </assemblies>
  <buildProviders>
  <add extension=".rdlc" type="Microsoft.Reporting.RdlBuildProvider, Microsoft.ReportViewer.WebForms, Version=10.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
  </buildProviders>
  </compilation>
  <authentication mode="Forms">
  <forms loginUrl="~/Account/Login.aspx" timeout="2880" />
  </authentication>
  <membership>
  <providers>
  <clear />
  <add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="ApplicationServices" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/" />
  </providers>
  </membership>
  <profile>
  <providers>
  <clear />
  <add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="ApplicationServices" applicationName="/" />
  </providers>
  </profile>
  <roleManager enabled="false">
  <providers>
  <clear />
  <add name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="ApplicationServices" applicationName="/" />
  <add name="AspNetWindowsTokenRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider" applicationName="/" />
  </providers>
  </roleManager>
  <pages>
  <controls>
  <add tagPrefix="ajaxToolkit" assembly="AjaxControlToolkit" namespace="AjaxControlToolkit" />
  </controls>
  </pages>
  </system.web>
  <system.webServer>
  <modules runAllManagedModulesForAllRequests="true" />
  <validation validateIntegratedModeConfiguration="false" />
  <handlers>
  <add name="ReportViewerWebControlHandler" preCondition="integratedMode" verb="*" path="Reserved.ReportViewerWebControl.axd" type="Microsoft.Reporting.WebForms.HttpHandler, Microsoft.ReportViewer.WebForms, Version=10.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
  </handlers>
  <httpProtocol>
  <customHeaders>
  <remove name="X-Powered-By" />
  </customHeaders>
  </httpProtocol>
  </system.webServer>
  <system.serviceModel>
  <bindings>
  <basicHttpBinding>
  <binding name="WebService1Soap" />
  </basicHttpBinding>
  </bindings>
  <client>
  <endpoint address="http://localhost:58269/WebService1.asmx" binding="basicHttpBinding"
  bindingConfiguration="WebService1Soap" contract="ServiceReference1.WebService1Soap"
  name="WebService1Soap" />
  </client>
  </system.serviceModel>
  </configuration>
  Any idea?
  Update:
  IIS is7.5, AppPool is Integrated.
  I have tried below, none of them works:
  1) Add it only to system.web\httpHanders. Changed AppPool to classic, still got hidden error.
  2) Add it only to system.webServer\handlers. Integrated mode,still got hidden error.
  3) Add both to both element. Integrated mode, still got hidden error.

  Hi Kingofwebguru,
  According to your description, when you use reportviewer control, you got the error message: The Report Viewer Web Control HTTP Handler has not been registered in the application's web.config file.
  To troubleshoot the problem, please refer to the following steps:
  Click Start, click Run, then type InetMgr.exe and click OK.
  Click plus sign next to server name to expand it.
  Click Application Pools in left pane.
  In Application Pools list, click DefaultAppPool.
  In the Actions pane, in Edit Application Pool section, click Edit Settings to check the Pipeline mode.
  Configuration settings for the HTTP handlers are specified in the system.web/httpHandlers element and the system.webServer/handlers element. of your application Web.config file. The handler specified in system.web/httpHandler is used by Internet Information
  Services (IIS) 6.0 or IIS 7.0 in Classic mode, whereas the handler specified in system.webServer/handlers is used by IIS 7.0 in Integrated mode. To use IIS 7.0 in Integrated mode, you must remove the HTTP handler in system.web/httpHandlers. Otherwise, IIS
  will not run the application, but will display an error message instead.
  For more information about Web.config Settings for ReportViewer, please refer to the following document:
  http://msdn.microsoft.com/en-us/library/ms251661.aspx
  If you have any more questions, please feel free to ask.
  Thanks,
  Wendy Fu
  If you have any feedback on our support, please click
  here.
  Wendy Fu
  TechNet Community Support

• After upgrade from TFS 2010 users cannot view source control

  I recently did a in place of upgrade of TFS 2010 to TFS 2013.   All of my users permissions stayed in tact. The users (contributors) cannot view any of the source control in either in VS 2010 or 2013.  Since I am the administrator I
  see everything and have no issue.   Is there something that did not get brought over in the upgrade?

  Hi Rrenn49, 
  Thanks for your post.
  You upgraded to TFS 2013 Update 4?  There’s no any issue or warning during upgrade process? 
  What’s the detailed message they received when the contributors try to view source control files?
  Please manually check the contributors group’s permissions on your TFS Source Control.
  If you add a new user into your contributors group, this new user can access TFS Source Control correctly?
  If you have any further research of this issue, please share your experience here.
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• Authorization control based on responsible persons

  Hi Experts
  My project structure is operated by several users.
  To have a control on each WBS (based on responsible person) i have set up authorization control for auth object C_PRPS_VNR.
  I have acheived control on WBS elements.
  However, the activities and network are still editable.
  Please suggest the auth control for the wbs and resp NWAs based on resp person.
  warm regards
  ramSiva

  Hi Ram Siva,
  If you are using individual Network header for different WBS element,you can use MRP controller field in the assignment tab page of Network heade for this authorisation.You can create the equal number of Person responsible as MRP controller and control the authorisation.