Function Authorization: EFB

Similar Messages

• Price Not Copied from PR to PO with EFB parameter (Function Authorization)

  Dear All,
  We are doing upgrade of our system from SAP 4.7 to ERP 6.0 system.
  I am using the configuration at following path to copy price from PR to PO.
  SPRO: Materials Management > Purchasing > Authorization Management > Define Function Authorizations for Buyers > Function Authorizations: Purchase Order > I have created Function Authorization > Tab > General Parameters > Adopt PO Price.
  Well, the same functionality works in SAP 4.7 system, but it doesnot work in ERP 6.0 system.
  Can you please help me?
  Kind Regards,
  Prakash
  Edited by: Prakash Ayer on Mar 31, 2009 4:05 PM

  If you have implmented the functionality as given in OSS note: 393337. Then the price is copied from PR to PO.
  I am referring to below functionality:
  Contents form OSS note: 393337.
  Customizing was not set to be able to adopt the price.
  Field EBAN-BPUEB is therefore equal value ' ' at the time the purchase
  requisition is used to generate a Purchase Order.
  Solution
  Change customizing accordingly:
  Function Authorizations are set up up in the IMG:
  Material Management -> Purchasing -> Authorization management ->
  Define Function Authorization for Buyers.
  In here choose: "Function Authorizations: Purchase order"
  In here you may specify a number of Function Authorization keys.
  For each key, you may set rights for the key.
  The field in question is "Order price adoption" (T160D-EBPUEB) which
  must be ticked.
  Then back out and now choose "Maintain Users".
  In here choose tab "Parameters" and enter parameter ID "EFB" along
  with the value equal to the key you just maintained.
  (Remember to use Capitals when entering the key value)
  In ME51N in the item detail screen, tab "Valuation", the field
  "PO price" will now be visible and can be maintained via a dropdown.
  The field will have following possible values:
  - "Do not adopt"
  SAP Note Nr. 393367 01.04.2009 Page 1
  - "As gross price" and
  - "As net price"
  equivalent to the values ' ', '1' and '2' in field EBAN-BPUEB.
  When '1' or '2' a price will be transferred to the Purchase Order when
  the purchase requisition is referenced.
  Can you please me?
  Thanks and Regards,
  Prakash
  Edited by: Prakash Ayer on Apr 1, 2009 4:50 PM

• Functional authorization "switch"

  Hi,
  We have requirement to restrict PO creation with custom logic per user group for one doc.type
  I was thinking to have two different functional authorization keys (configured in OMET) and then use BAdI to "switch" the used authorization under certain conditions between restricted and non-restricted.
  Does anyone of you know, nice way to switch initial value picked from user parameter "EFB" to another value?
  First I was thinking to use ME_PO_PROCESS_CUST method FIELDSELECTION_ITEM_REFKEYS and set new value but I do not see that it is possible to restrict the transaction same way as with functional authorization.
  Please do not post copy/paste trivial answers..
  br, Janne

  Janne,
  Why do you not use auth object M_BANF_BSA   ACTVT=01;BSART= Document type for which you want to give authorization? Have a look at note: 751129 - Authorizations in Enjoy Transactions in Purchasing
  If you are leaning towards development because your custom logic is so complicated, BADI ME_PROCESS_PO_CUST should be sufficient. Post in the ABAP Development forum and someone can help you better.

• Function authorize in packages for web applications in Oracle XE

  Hello,
  i have created a simple test package as follows:
  PACKAGE TEST IS
  function authorize return boolean;
  procedure test;
  END;
  PACKAGE BODY TEST is
  FUNCTION authorize return boolean is
  BEGIN
  if OWA_SEC.GET_USER_ID = 'test' then
  return true;
  else
  return false;
  end if;
  END;
  PROCEDURE test is
  BEGIN
  htp.prn('Hello World!');
  END;
  END;
  i have also cerated a DAD with this command:
  DBMS_EPG.CREATE_DAD (' test ', '/test/*');
  i want to run this link in my web browser: http://127.0.0.1:8080/test/test.test
  When i use a real database user then the function test works ok.
  But i want to make it work with the user name "test" throw the function authorize.
  In my opinion i am creating a DAD in a wrong way. Can anybody help me?
  Thanks in advance for your help.

  Hi,
  AFAIK, there is no official document which states that "Oracle Functional Testing for Web Applications" is certified with Oracle E-Business Suite 11i/R12. I assume it should work with Forms 10g but not with Forms 6i, so it should work (does not mean it is certified) with R12.
  I would suggest you log a SR and confirm this with Oracle Support.
  Regards,
  Hussein

• Enhanced Approval Procedure Functions- authorization issue

  Dear Expert,
  I have activated the enhances approval procedure function as per below screen shot:
  Granted authorization as mention in New ChaRM Feature with SP 10: Enhanced Approval Procedure Functions by Michael. With SM_APP_AP with 02, 22 and 75.
  But the Request for change procedure selection and approval steps was disabled
  The requestor able to change the approval procedure and approval steps only  if i granted the user with 70 (administer).
  Please help as i want the requestor to be able to select the approval procedure and approval steps but not approving the CR. Im following the chart below but seem like is not working.
  Role
  SAP standard roles
  Activity for
  Change Manager
  SAP_CM_SMAN_CHANGE_MANAGER
  37 (approve) approval step, 75 (delete approval step), 22 (add approval step), 02 (change approval procedure assignment)
  Potential Approvers
  SAP_CM_SMAN_DEVELOPER
  SAP_CM_SMAN_OPERATOR
  SAP_CM_SMAN_TESTER
  37 (delivered inactive)
  Power User, Administrator
  SAP_CM_SMAN_ADMINISTRATOR
  70 (administer), 37 (approve) approval step, 75 (delete approval step), 22 (add approval step), 02 (change approval procedure assignment)
  Thanks
  Regards,
  Junnie

  Hi Jansi,
  I have added activity 22 (add approval step)  and 02 (change approval procedure assignment) but the approval procesure and approval step are disabled and not allow the requestor to select /add/ male changes.
  So im not sure which part is going wrong.
  Thanks
  Regards,
  Junnie

• Price change in PO

  Hello!
  I have faced following requirement:
  Price should be adapted from condition record for material. Purchasing Price in purchase order can't be changed. To ensure this I have set in condition record field Manual Entries -D - Not possible to process manually. But still i can change price in PO item. When I make settings in screen layout for PO (making price field "Display"), the field is not available for changes, but in this case it is not possible to set/change price for all PO types, but in case of return PO I need to have possibility set particular price from particular batch, not taking price from condition record.
  Is there a way to set screen layout control on PO document type level?
  Is there other way to forbid price change in PO without closing field on screen layout level?
  Thanx in advance!
  Brucke

  You can set up separate field selections for different purchasing documents depending
  on the document type and document category. For this purpose, you assign a field
  selection key to the document type for which the field attributes are defined.
  Other options are using
  Field selection key based on Item category.
  In addition, you can also control the field selection depending on the user parameter
  EFB (for purchasing function authorization). You can assign a Function Authorization
  (EFB) field selection key to the different keys for this parameter. This field selection
  key is for controlling the authorization for the price display or entry in the purchasing
  documents (purchase orders, outline agreements). If the user parameter EFB (function authorization in purchasing) has been assigned to a user, this field selection key is also
  used. If the authorization for the price display is removed using the EFB parameter
  without an additional field selection key having been defined, then the field selection
  key $$$$ is used. In addition, this user parameter can be used to assign an additional
  field selection key especially for the field selection of the single-screen transactions
  for maintaining the purchase requisitions.
  Hope it helps.
  Best Regards

• User based authorization to create Purchase Orders out of Purchase Req.?

  Hello,
  I have the following requiment for my client:
  User based authorization to create Purchase Orders out of Purchase Req.?
  I am told the same can be achieved using same standard menu path in IMG/Customizing.
  Please advise with the menu path and detials, Usefull answers will be rewarded.
  Thanks

  Using OMET Function Authorization, you can restrict users to create Purchase orders without Purchase Reqn.
  Using OMET trxn code Create one Function Authorixation Called pr and in General Parameters tab Select the Field Selection and in Possible reference Objects Tab Mark the With ref to Prs check box and save.
  Next, you've got to associate via SU01 
  Click Parameters, insert a new parameter id EFB to the authorization code. 
  Type in Parameters value you want e.g. XX 
  You have to assign the control for ALL the SAP buyers via thier SAP users id.
  Logoff and login again. Then try to create a Purchase Order without a reference.
  From Next time whenever you try to create with out referring PR it will not allow you to Save PO.
  Regards,
  Ashok

• EFB parameter

  Hi,
  We have a requirement that service order (SV document class) can not be create with a purchase requisition but in PO (NB document class) is mandatory. In SPRO we set the EFB parameters for selection field NBF (is used for PO, not for service order), and for service order we created SVF as selection field but we don’t set any configuration for EFB parameters. When user (who have the EFB parameters in SU01) create a service order in me21n an error message for restriction appears, this message is about authorisation settings.
  I want to know why me21n shows this message if settings for selection field SVF in SPRO don’t exist.
  Thanks,
  Lili.

  Hi Lili,
  Paramater EFB is Function Authorization for Purchase Orders.
  Use OMET you create your Function Auth and assign it to users against parameter EFB. That's why you are getting this error for authorisation.
  If you dont want this error message , remove the parameter EFB using SU01 or SU3
  Regards
  Rajesh
  Do reward if useful.

• Purchasing - Alternate to EFB parameter for authority chec

  Hi Folks,
  I need to restrict the user from entering Purchasing conditions via Me22n. Normally this is achieved by maintaining user parameter EFB in SU3, but this can be deleted by the user. Please suggest an alternate solution if you have done this before.
  Thank you for your time.
  ~Sangar

  If you have implmented the functionality as given in OSS note: 393337. Then the price is copied from PR to PO.
  I am referring to below functionality:
  Contents form OSS note: 393337.
  Customizing was not set to be able to adopt the price.
  Field EBAN-BPUEB is therefore equal value ' ' at the time the purchase
  requisition is used to generate a Purchase Order.
  Solution
  Change customizing accordingly:
  Function Authorizations are set up up in the IMG:
  Material Management -> Purchasing -> Authorization management ->
  Define Function Authorization for Buyers.
  In here choose: "Function Authorizations: Purchase order"
  In here you may specify a number of Function Authorization keys.
  For each key, you may set rights for the key.
  The field in question is "Order price adoption" (T160D-EBPUEB) which
  must be ticked.
  Then back out and now choose "Maintain Users".
  In here choose tab "Parameters" and enter parameter ID "EFB" along
  with the value equal to the key you just maintained.
  (Remember to use Capitals when entering the key value)
  In ME51N in the item detail screen, tab "Valuation", the field
  "PO price" will now be visible and can be maintained via a dropdown.
  The field will have following possible values:
  - "Do not adopt"
  SAP Note Nr. 393367 01.04.2009 Page 1
  - "As gross price" and
  - "As net price"
  equivalent to the values ' ', '1' and '2' in field EBAN-BPUEB.
  When '1' or '2' a price will be transferred to the Purchase Order when
  the purchase requisition is referenced.
  Can you please me?
  Thanks and Regards,
  Prakash
  Edited by: Prakash Ayer on Apr 1, 2009 4:50 PM

• Action are not occurred in Function

  Hi,
  We are implementing GRC 5.3 and uploaded text files for
  Business process
  Function
  Function Authorization
  Rule set
  Risk
  But when we are opening Function it show blank for action fileld as below
  And getting error like u201Ccom.virsa.cc.rulearchitect.dao.DAOException: ResourceException in method ConnectionFactoryImpl.getConnection(): com.sap.engine.services.dbpool.exceptions.BaseResourceException: SQLException thrown by the physical connection: com.sap.sql.log.OpenSQLException: Error while accessing secure store: File "
  GCPLGRC\sapmnt\GRC\SYS\global\security\data\SecStore.properties" does not exist although it should.u201D
  I have checked and found file SecStore.properties exist in mentioned location.
  What could be the reason for error.
  Thanks,
  Digambar

  Hello All,
  Please help on the issue.
  We are also getting the same issue , but when we check following location 
  GCPLGRC\sapmnt\GRC\SYS\global\security\data\SecStore.properties ....we are able to find file there.
  Thanks,
  Jagat

• Authorization objects for  transaction, one to view, and one to maintain

  Hi all,
  My requrement is to create two authorization objects for  transaction, one to view, and one to maintain.
  I know how to create objetcs vai sm21, but i donot know how to crate objects with activity codes.
  Please suggest how to create object where i can asign activity codes.
  regards
  manish

  The Authorization Concept
  R/3 uses authorization objects to assign authorizations to users. An authorization object is a template for an authorization. For example, authorization object F_SKA1_BUK - G/L Account: Authorization for company codes requires the specification of two field values: Company Code and Activity. To allow a General Ledger supervisor to create a general ledger master record, he/she must be assigned an authorization to create (Activity 1) accounts for a specific company code (eg. Company Code 2000). Such an authorization is created using the object F_SKA1_BUK by assigning these field values and naming the authorization following an appropriate convention (eg. Z_SCC20001).
  Authorizations may be classified as general authorizations, organizational authorizations or functional authorizations. General authorizations specify the functions a user may perform. Authorization object F_SKA1_BUK has been assigned to the function for creating general ledger master records. The system checks for the useru2019s authorization to create general ledger accounts (Activity 1) in at least one company code. The system then checks whether the user is permitted to create accounts for the specified organizational unit (company code) and has the required functional authorizations. Authorizations in this case may restrict the user to certain Charts of Accounts. In addition, an authorization group may be defined in certain authorization objects to protect individual master records.
  Profiles relating to an organizational role (eg. General Ledger Supervisor) are defined consisting of a list of authorizations and other profiles. Such profiles are then assigned to users with that role and stored in their user master record along with other data (eg. password).
  Do check this link as well.
  http://articles.techrepublic.com.com/5100-10878_11-5110893.html

• Authorization Objects in Transaction codes

  Dear Experts
  we are trying to make Authorization Matrix for users authorizations , so what i need to know if is there any way i can get template list includes Tcodes and the Authorization objects corresponding to each Tcode , it will be a lot easier to make the roles .
  please if anyone can advice how i can get the tcode list with its objects it will be great.
  thanks
  Sameh Essa

  Authorization Matrix - Not any table / programme will work for you in this case, you better maintain below checklist :
  1) Gather company data : Organization Structure HR will help you in this. (you need to get all details on Organization values such as Company Code, Plant, Purchasing / Sales Organization etc.,
  2) Prepare a sheet for every module (PP,MM,SD,FI,CO,HR etc.,)
  3) Study the Organization structure & Identify the Job responsibility of the person in current organization & what function he / she will do in SAP.
  4) A sheet contains T-codes & description (you can get list of tcodes from respective functional consultant), Role Name, Activity - create/change/display et.,
  5) Don't add all t-codes Ex- PP : Add only those tcodes access by you users : End or Core users. Sometime it doesn;t make sense to give create / change / delete t-codes to a user who's only responsible for doing data entry job or a user who is responsible only for creating materials not approving / sending.
  6) Make a sheet that maps you users to role
  7) Always review / approve your Matirx from respective Functional Head, as a BASIS we can't take decision on Functional side.
  8) Always test you roles in DEV / QAS (training client) assigned to a test user by your functional cunsultant.
  9) Always remember of cross functionality authorizations (like some time they may
  10) Always make sure that none of the user gets any BASIS activity authorization.
  I gather above points from my experience where I was involved in designing Matrix, It can be defferent depends upon the organization.
  Regards;

• Authorizations Bw migration

  Hi experts,
  we are testing the upgrade of bw from 3.5 to 7.0 version and we are facing huge trubles and doubts concerning to authorizations.
  1-Could we keep the old authorization concept how and when is this decision possible?
  2- We are testing the new concept and the old roles are failling. we have already tried to associate the S_RS_AUTH = 0BI_ALL but despite this solve some issues it open all the restrictions that we must to keep in place (ex. company restrictions, profit center restrictions).
  3-What steps should i take to adjust the old roles?
  Best regards,
  rp

  Hi,
  When I may add something to the correct previous answer. The migration tool makes profiles that will be directly add to the user. If you are not working with structural authorizations and will be using functional authorizations (composite roles and roles) I can advice you to make an analysis from the info(area) you need and the other authorization objects you need(own created) and take a decision to use the functional solution. I always look to BI authorizations like this: you have the presentation, the information, the activity and organization. Base your authorization on that pillars and you are flexible. I certainly would not choose for profiles directly added to a user without having roles and composite roles.
  Have fun
  Bye Jan van Roest

• CC 5.2 - Functions point to one system, but analysis should be on another

  In our CC 5.2 setup, the functions in Rule Architect have the system listed on which it has been installed.  We have completed configuring the connectors to the intended system.  However, it's not clear where we can reset the functions so that they all have the intended system listed rather than the system on which they are installed.
  Would someone be able to point me in the right direction?
  Thanks,
  Santosh Krishnan

  Hello,
  Unfortunately there is no way to make this automatic... First if you are using CC 5.2 using logical system is usually a good idea (for instance if you have three systems from the same landscape).
  Therefore you define your rules at logical system level and then you just have to add new systems (connectors) to your logical system.
  If you can't use logical system (for instance if the two systems are different version or type) you have two possibilities:
  - The first one is to import again the standard rules using the files provided with the Java packages. You just have to go to configuration / Rule Upload / Function authorization and select the newly connector and import the needed files.
  However this will import standard rules disregarding changes you might have made.
  - The other possibility is to go to Rule Architect / Export rules then use a good text editor to copy/paste line that are connector specific with the new connector name. Using a good technique this can take 15 minutes and allow you to have the exact same customizing for your systems.
  Good luck.
  Jerome.

• QA11 - Roles and Authorization

  Dear Friends ,
  I have a requirement for Authorization of QA11
  In QA11 t code we have three sub screen , Defects and charecteristics and Inspection stock
  i want to grey out for USER - A the first two screen and open the inspection stock screen for Ware house user to do posting
  just wonder did any one faced this requirement by means of any authorization
  Thanks & Regards
  Raj

  Hi
  Create a Role in PFCG with Authorizations and assign it to a user. U can use Authorization classes in QM
  a) Recording Authorization for Insp. Results in an Operation Q_CHAR_PRC
  b) Using Usage Decision Codes                                         Q_UD_CODE
  c) Change Stock Posting Fields in UD Transactions             Q_STCK_CHG
  For EX: Give authorization for Q_CHAR_PRC for one user and remove authorizations for Q_UD_CODE & Q_STCK_CHG. Like this u can provide Specific function authorizations in QA11. Take the help of Basis Consultant for more Guidance on authorizations
  Regards
  Brahmaji