Function Authorization: EFB
What is the lowest level determinant of purchase requisition field selection keys?
Does the release strategy field selection key trump the function authorization: EFB field selection key?
Hi,
Yes, this is feasible. What you should do is to define different field selection groups (with different field statuses) in OMF2 transaction (or IMG ---> Material Management ---> Purchasing --> Purchase Requisition ---> Define Screen Layout at Document Level in case your system version is higher than 4.6C). Define different purchasing authorization keys in OMET transaction and assign different field selection groups to each and every authorization keys. Lastly, assign these keys to different groups of users with related parameter EFB.
Cheers,
HT
Similar Messages
-
Price Not Copied from PR to PO with EFB parameter (Function Authorization)
Dear All,
We are doing upgrade of our system from SAP 4.7 to ERP 6.0 system.
I am using the configuration at following path to copy price from PR to PO.
SPRO: Materials Management > Purchasing > Authorization Management > Define Function Authorizations for Buyers > Function Authorizations: Purchase Order > I have created Function Authorization > Tab > General Parameters > Adopt PO Price.
Well, the same functionality works in SAP 4.7 system, but it doesnot work in ERP 6.0 system.
Can you please help me?
Kind Regards,
Prakash
Edited by: Prakash Ayer on Mar 31, 2009 4:05 PMIf you have implmented the functionality as given in OSS note: 393337. Then the price is copied from PR to PO.
I am referring to below functionality:
Contents form OSS note: 393337.
Customizing was not set to be able to adopt the price.
Field EBAN-BPUEB is therefore equal value ' ' at the time the purchase
requisition is used to generate a Purchase Order.
Solution
Change customizing accordingly:
Function Authorizations are set up up in the IMG:
Material Management -> Purchasing -> Authorization management ->
Define Function Authorization for Buyers.
In here choose: "Function Authorizations: Purchase order"
In here you may specify a number of Function Authorization keys.
For each key, you may set rights for the key.
The field in question is "Order price adoption" (T160D-EBPUEB) which
must be ticked.
Then back out and now choose "Maintain Users".
In here choose tab "Parameters" and enter parameter ID "EFB" along
with the value equal to the key you just maintained.
(Remember to use Capitals when entering the key value)
In ME51N in the item detail screen, tab "Valuation", the field
"PO price" will now be visible and can be maintained via a dropdown.
The field will have following possible values:
- "Do not adopt"
SAP Note Nr. 393367 01.04.2009 Page 1
- "As gross price" and
- "As net price"
equivalent to the values ' ', '1' and '2' in field EBAN-BPUEB.
When '1' or '2' a price will be transferred to the Purchase Order when
the purchase requisition is referenced.
Can you please me?
Thanks and Regards,
Prakash
Edited by: Prakash Ayer on Apr 1, 2009 4:50 PM -
Functional authorization "switch"
Hi,
We have requirement to restrict PO creation with custom logic per user group for one doc.type
I was thinking to have two different functional authorization keys (configured in OMET) and then use BAdI to "switch" the used authorization under certain conditions between restricted and non-restricted.
Does anyone of you know, nice way to switch initial value picked from user parameter "EFB" to another value?
First I was thinking to use ME_PO_PROCESS_CUST method FIELDSELECTION_ITEM_REFKEYS and set new value but I do not see that it is possible to restrict the transaction same way as with functional authorization.
Please do not post copy/paste trivial answers..
br, JanneJanne,
Why do you not use auth object M_BANF_BSA ACTVT=01;BSART= Document type for which you want to give authorization? Have a look at note: 751129 - Authorizations in Enjoy Transactions in Purchasing
If you are leaning towards development because your custom logic is so complicated, BADI ME_PROCESS_PO_CUST should be sufficient. Post in the ABAP Development forum and someone can help you better. -
Function authorize in packages for web applications in Oracle XE
Hello,
i have created a simple test package as follows:
PACKAGE TEST IS
function authorize return boolean;
procedure test;
END;
PACKAGE BODY TEST is
FUNCTION authorize return boolean is
BEGIN
if OWA_SEC.GET_USER_ID = 'test' then
return true;
else
return false;
end if;
END;
PROCEDURE test is
BEGIN
htp.prn('Hello World!');
END;
END;
i have also cerated a DAD with this command:
DBMS_EPG.CREATE_DAD (' test ', '/test/*');
i want to run this link in my web browser: http://127.0.0.1:8080/test/test.test
When i use a real database user then the function test works ok.
But i want to make it work with the user name "test" throw the function authorize.
In my opinion i am creating a DAD in a wrong way. Can anybody help me?
Thanks in advance for your help.Hi,
AFAIK, there is no official document which states that "Oracle Functional Testing for Web Applications" is certified with Oracle E-Business Suite 11i/R12. I assume it should work with Forms 10g but not with Forms 6i, so it should work (does not mean it is certified) with R12.
I would suggest you log a SR and confirm this with Oracle Support.
Regards,
Hussein -
Enhanced Approval Procedure Functions- authorization issue
Dear Expert,
I have activated the enhances approval procedure function as per below screen shot:
Granted authorization as mention in New ChaRM Feature with SP 10: Enhanced Approval Procedure Functions by Michael. With SM_APP_AP with 02, 22 and 75.
But the Request for change procedure selection and approval steps was disabled
The requestor able to change the approval procedure and approval steps only if i granted the user with 70 (administer).
Please help as i want the requestor to be able to select the approval procedure and approval steps but not approving the CR. Im following the chart below but seem like is not working.
Role
SAP standard roles
Activity for
Change Manager
SAP_CM_SMAN_CHANGE_MANAGER
37 (approve) approval step, 75 (delete approval step), 22 (add approval step), 02 (change approval procedure assignment)
Potential Approvers
SAP_CM_SMAN_DEVELOPER
SAP_CM_SMAN_OPERATOR
SAP_CM_SMAN_TESTER
37 (delivered inactive)
Power User, Administrator
SAP_CM_SMAN_ADMINISTRATOR
70 (administer), 37 (approve) approval step, 75 (delete approval step), 22 (add approval step), 02 (change approval procedure assignment)
Thanks
Regards,
JunnieHi Jansi,
I have added activity 22 (add approval step) and 02 (change approval procedure assignment) but the approval procesure and approval step are disabled and not allow the requestor to select /add/ male changes.
So im not sure which part is going wrong.
Thanks
Regards,
Junnie -
Hello!
I have faced following requirement:
Price should be adapted from condition record for material. Purchasing Price in purchase order can't be changed. To ensure this I have set in condition record field Manual Entries -D - Not possible to process manually. But still i can change price in PO item. When I make settings in screen layout for PO (making price field "Display"), the field is not available for changes, but in this case it is not possible to set/change price for all PO types, but in case of return PO I need to have possibility set particular price from particular batch, not taking price from condition record.
Is there a way to set screen layout control on PO document type level?
Is there other way to forbid price change in PO without closing field on screen layout level?
Thanx in advance!
BruckeYou can set up separate field selections for different purchasing documents depending
on the document type and document category. For this purpose, you assign a field
selection key to the document type for which the field attributes are defined.
Other options are using
Field selection key based on Item category.
In addition, you can also control the field selection depending on the user parameter
EFB (for purchasing function authorization). You can assign a Function Authorization
(EFB) field selection key to the different keys for this parameter. This field selection
key is for controlling the authorization for the price display or entry in the purchasing
documents (purchase orders, outline agreements). If the user parameter EFB (function authorization in purchasing) has been assigned to a user, this field selection key is also
used. If the authorization for the price display is removed using the EFB parameter
without an additional field selection key having been defined, then the field selection
key $$$$ is used. In addition, this user parameter can be used to assign an additional
field selection key especially for the field selection of the single-screen transactions
for maintaining the purchase requisitions.
Hope it helps.
Best Regards -
User based authorization to create Purchase Orders out of Purchase Req.?
Hello,
I have the following requiment for my client:
User based authorization to create Purchase Orders out of Purchase Req.?
I am told the same can be achieved using same standard menu path in IMG/Customizing.
Please advise with the menu path and detials, Usefull answers will be rewarded.
ThanksUsing OMET Function Authorization, you can restrict users to create Purchase orders without Purchase Reqn.
Using OMET trxn code Create one Function Authorixation Called pr and in General Parameters tab Select the Field Selection and in Possible reference Objects Tab Mark the With ref to Prs check box and save.
Next, you've got to associate via SU01
Click Parameters, insert a new parameter id EFB to the authorization code.
Type in Parameters value you want e.g. XX
You have to assign the control for ALL the SAP buyers via thier SAP users id.
Logoff and login again. Then try to create a Purchase Order without a reference.
From Next time whenever you try to create with out referring PR it will not allow you to Save PO.
Regards,
Ashok -
Hi,
We have a requirement that service order (SV document class) can not be create with a purchase requisition but in PO (NB document class) is mandatory. In SPRO we set the EFB parameters for selection field NBF (is used for PO, not for service order), and for service order we created SVF as selection field but we dont set any configuration for EFB parameters. When user (who have the EFB parameters in SU01) create a service order in me21n an error message for restriction appears, this message is about authorisation settings.
I want to know why me21n shows this message if settings for selection field SVF in SPRO dont exist.
Thanks,
Lili.Hi Lili,
Paramater EFB is Function Authorization for Purchase Orders.
Use OMET you create your Function Auth and assign it to users against parameter EFB. That's why you are getting this error for authorisation.
If you dont want this error message , remove the parameter EFB using SU01 or SU3
Regards
Rajesh
Do reward if useful. -
Purchasing - Alternate to EFB parameter for authority chec
Hi Folks,
I need to restrict the user from entering Purchasing conditions via Me22n. Normally this is achieved by maintaining user parameter EFB in SU3, but this can be deleted by the user. Please suggest an alternate solution if you have done this before.
Thank you for your time.
~SangarIf you have implmented the functionality as given in OSS note: 393337. Then the price is copied from PR to PO.
I am referring to below functionality:
Contents form OSS note: 393337.
Customizing was not set to be able to adopt the price.
Field EBAN-BPUEB is therefore equal value ' ' at the time the purchase
requisition is used to generate a Purchase Order.
Solution
Change customizing accordingly:
Function Authorizations are set up up in the IMG:
Material Management -> Purchasing -> Authorization management ->
Define Function Authorization for Buyers.
In here choose: "Function Authorizations: Purchase order"
In here you may specify a number of Function Authorization keys.
For each key, you may set rights for the key.
The field in question is "Order price adoption" (T160D-EBPUEB) which
must be ticked.
Then back out and now choose "Maintain Users".
In here choose tab "Parameters" and enter parameter ID "EFB" along
with the value equal to the key you just maintained.
(Remember to use Capitals when entering the key value)
In ME51N in the item detail screen, tab "Valuation", the field
"PO price" will now be visible and can be maintained via a dropdown.
The field will have following possible values:
- "Do not adopt"
SAP Note Nr. 393367 01.04.2009 Page 1
- "As gross price" and
- "As net price"
equivalent to the values ' ', '1' and '2' in field EBAN-BPUEB.
When '1' or '2' a price will be transferred to the Purchase Order when
the purchase requisition is referenced.
Can you please me?
Thanks and Regards,
Prakash
Edited by: Prakash Ayer on Apr 1, 2009 4:50 PM -
Action are not occurred in Function
Hi,
We are implementing GRC 5.3 and uploaded text files for
Business process
Function
Function Authorization
Rule set
Risk
But when we are opening Function it show blank for action fileld as below
And getting error like u201Ccom.virsa.cc.rulearchitect.dao.DAOException: ResourceException in method ConnectionFactoryImpl.getConnection(): com.sap.engine.services.dbpool.exceptions.BaseResourceException: SQLException thrown by the physical connection: com.sap.sql.log.OpenSQLException: Error while accessing secure store: File "
GCPLGRC\sapmnt\GRC\SYS\global\security\data\SecStore.properties" does not exist although it should.u201D
I have checked and found file SecStore.properties exist in mentioned location.
What could be the reason for error.
Thanks,
DigambarHello All,
Please help on the issue.
We are also getting the same issue , but when we check following location
GCPLGRC\sapmnt\GRC\SYS\global\security\data\SecStore.properties ....we are able to find file there.
Thanks,
Jagat -
Authorization objects for transaction, one to view, and one to maintain
Hi all,
My requrement is to create two authorization objects for transaction, one to view, and one to maintain.
I know how to create objetcs vai sm21, but i donot know how to crate objects with activity codes.
Please suggest how to create object where i can asign activity codes.
regards
manishThe Authorization Concept
R/3 uses authorization objects to assign authorizations to users. An authorization object is a template for an authorization. For example, authorization object F_SKA1_BUK - G/L Account: Authorization for company codes requires the specification of two field values: Company Code and Activity. To allow a General Ledger supervisor to create a general ledger master record, he/she must be assigned an authorization to create (Activity 1) accounts for a specific company code (eg. Company Code 2000). Such an authorization is created using the object F_SKA1_BUK by assigning these field values and naming the authorization following an appropriate convention (eg. Z_SCC20001).
Authorizations may be classified as general authorizations, organizational authorizations or functional authorizations. General authorizations specify the functions a user may perform. Authorization object F_SKA1_BUK has been assigned to the function for creating general ledger master records. The system checks for the useru2019s authorization to create general ledger accounts (Activity 1) in at least one company code. The system then checks whether the user is permitted to create accounts for the specified organizational unit (company code) and has the required functional authorizations. Authorizations in this case may restrict the user to certain Charts of Accounts. In addition, an authorization group may be defined in certain authorization objects to protect individual master records.
Profiles relating to an organizational role (eg. General Ledger Supervisor) are defined consisting of a list of authorizations and other profiles. Such profiles are then assigned to users with that role and stored in their user master record along with other data (eg. password).
Do check this link as well.
http://articles.techrepublic.com.com/5100-10878_11-5110893.html -
Authorization Objects in Transaction codes
Dear Experts
we are trying to make Authorization Matrix for users authorizations , so what i need to know if is there any way i can get template list includes Tcodes and the Authorization objects corresponding to each Tcode , it will be a lot easier to make the roles .
please if anyone can advice how i can get the tcode list with its objects it will be great.
thanks
Sameh EssaAuthorization Matrix - Not any table / programme will work for you in this case, you better maintain below checklist :
1) Gather company data : Organization Structure HR will help you in this. (you need to get all details on Organization values such as Company Code, Plant, Purchasing / Sales Organization etc.,
2) Prepare a sheet for every module (PP,MM,SD,FI,CO,HR etc.,)
3) Study the Organization structure & Identify the Job responsibility of the person in current organization & what function he / she will do in SAP.
4) A sheet contains T-codes & description (you can get list of tcodes from respective functional consultant), Role Name, Activity - create/change/display et.,
5) Don't add all t-codes Ex- PP : Add only those tcodes access by you users : End or Core users. Sometime it doesn;t make sense to give create / change / delete t-codes to a user who's only responsible for doing data entry job or a user who is responsible only for creating materials not approving / sending.
6) Make a sheet that maps you users to role
7) Always review / approve your Matirx from respective Functional Head, as a BASIS we can't take decision on Functional side.
8) Always test you roles in DEV / QAS (training client) assigned to a test user by your functional cunsultant.
9) Always remember of cross functionality authorizations (like some time they may
10) Always make sure that none of the user gets any BASIS activity authorization.
I gather above points from my experience where I was involved in designing Matrix, It can be defferent depends upon the organization.
Regards; -
Hi experts,
we are testing the upgrade of bw from 3.5 to 7.0 version and we are facing huge trubles and doubts concerning to authorizations.
1-Could we keep the old authorization concept how and when is this decision possible?
2- We are testing the new concept and the old roles are failling. we have already tried to associate the S_RS_AUTH = 0BI_ALL but despite this solve some issues it open all the restrictions that we must to keep in place (ex. company restrictions, profit center restrictions).
3-What steps should i take to adjust the old roles?
Best regards,
rpHi,
When I may add something to the correct previous answer. The migration tool makes profiles that will be directly add to the user. If you are not working with structural authorizations and will be using functional authorizations (composite roles and roles) I can advice you to make an analysis from the info(area) you need and the other authorization objects you need(own created) and take a decision to use the functional solution. I always look to BI authorizations like this: you have the presentation, the information, the activity and organization. Base your authorization on that pillars and you are flexible. I certainly would not choose for profiles directly added to a user without having roles and composite roles.
Have fun
Bye Jan van Roest -
CC 5.2 - Functions point to one system, but analysis should be on another
In our CC 5.2 setup, the functions in Rule Architect have the system listed on which it has been installed. We have completed configuring the connectors to the intended system. However, it's not clear where we can reset the functions so that they all have the intended system listed rather than the system on which they are installed.
Would someone be able to point me in the right direction?
Thanks,
Santosh KrishnanHello,
Unfortunately there is no way to make this automatic... First if you are using CC 5.2 using logical system is usually a good idea (for instance if you have three systems from the same landscape).
Therefore you define your rules at logical system level and then you just have to add new systems (connectors) to your logical system.
If you can't use logical system (for instance if the two systems are different version or type) you have two possibilities:
- The first one is to import again the standard rules using the files provided with the Java packages. You just have to go to configuration / Rule Upload / Function authorization and select the newly connector and import the needed files.
However this will import standard rules disregarding changes you might have made.
- The other possibility is to go to Rule Architect / Export rules then use a good text editor to copy/paste line that are connector specific with the new connector name. Using a good technique this can take 15 minutes and allow you to have the exact same customizing for your systems.
Good luck.
Jerome. -
QA11 - Roles and Authorization
Dear Friends ,
I have a requirement for Authorization of QA11
In QA11 t code we have three sub screen , Defects and charecteristics and Inspection stock
i want to grey out for USER - A the first two screen and open the inspection stock screen for Ware house user to do posting
just wonder did any one faced this requirement by means of any authorization
Thanks & Regards
RajHi
Create a Role in PFCG with Authorizations and assign it to a user. U can use Authorization classes in QM
a) Recording Authorization for Insp. Results in an Operation Q_CHAR_PRC
b) Using Usage Decision Codes Q_UD_CODE
c) Change Stock Posting Fields in UD Transactions Q_STCK_CHG
For EX: Give authorization for Q_CHAR_PRC for one user and remove authorizations for Q_UD_CODE & Q_STCK_CHG. Like this u can provide Specific function authorizations in QA11. Take the help of Basis Consultant for more Guidance on authorizations
Regards
Brahmaji
Maybe you are looking for
-
Can not find class BPELFaultRecoveryContext in 11g
I have a Java program that uses the class BPELFaultRecoveryContext below import com.collaxa.cube.engine.fp.BPELFaultRecoveryContext; which resides in the orabpel.jar file. I jar up the java program and put it in the $ORACLE_MIDDLEWARE_HOME/user_proje
-
BSR code on TDS Certificate for Customer and vendor in india
Hi We have a requirement to print BSR code on TDS Certificates for customer and Vendor in india. Currently the BSR code for Customer TDS certificates picked up from Bank branch ( BNKA-BRNCH ) field and for vendor TDS certificates picked up from Bank
-
Hello, I restored my ipod and now I can't restore my information back on my ipod. I read the manual on how to restore my ipod and I click the ipod under devices but, it won't let me get into the itune store. I keep getting error -9808. What can I do
-
Interactive .pdf form not working
After converting an Acrobat 6.0 document with LiveCycle Designer, it still does not allow any input to the text fields or printing the document or sending it by email. Can anyone please guide me in the right direction? http://www.naturewisetv.org/sur
-
How to Digital Signature Payload not SOAP header
Hi Gurus, How to Digital Signature Payload not SOAP header. Thanks, imommam