How to deliver MM02 to user with only Bin Location editable.

Similar Messages

• How can i create a new user with only read rights ?

  How can i create a new user with only read rights ?

  You are asking about a Database User I hope.
  You can look into the Oracle 8i Documentation and find various privillages listed.
  In particular, you may find:
  Chapter 27 Privileges, Roles, and Security Policies
  an intresting chapter.
  You may want to do this with the various tools included with 8i - including the
  Oracle DBA Studio - expand the Security node and you can create USERS and ROLES.
  Or use SQL*Plus. To create a
  user / password named John / Smith, you would login to SQL*Plus as System/manager (or other) and type in:
  Create user John identified by Smith;
  Grant CONNECT to John;
  Grant SELECT ANY TABLE to John;
  commit;
  There is much more you can do
  depending on your needs.
  Please read the documentation.
  -John
  null

• How to check if the user has only the display authority of a message

  hi,
  How to check if the user has only the display authority of a message but does not have the change authority for a certain message?
  Best regards,

  hi blake
  though i am an application consultant and for authorisation u need to have help of BASIS person if u r not the one but still i can guide u regarding the same,
  Basically Authorization Management 
  Use
  You can use the following authorization objects to control the authorizations for maintaining business partner data:
  •        Authorization objects for the Business Partner:
  •             B_BUPA_GRP
  •             B_BUPA_ATT
  •             B_BUPA_FDG
  •             B_BUPA_RLT•       
  Authorization objects for relationships:
  •             B_BUPR_BZT
  •             B_BUPR_FDG
  In addition, you can assign an authorization group to a business partner in the dialog. The authorization group controls which users may maintain data for this business partner.
  You can also define authorizations for fields and field groups using the Business Data Toolset (BDT). Depending on the settings you have made, the system carries out the relevant authorization checks.
  In the dialog in the SAP GUI, you can display an overview of the authorizations assigned to you by pressing the button Settings.
  For more information on authorization management, see the Implementation Guide (IMG) of the Business Partner, as well as in the Developer’s Handbook for the BDT under  Authorizations.
  IntegrationAuthorization management for the Business Partner forms part of the  SAP authorization concept.
  Prerequisites
  You have made the necessary settings in Customizing of the Business Partner under Basic Settings--> -Address Management.
  Moving over
  AS ABAP Authorization Concept 
  The ABAP authorization concept protects transactions, programs, and services in SAP systems from unauthorized access. On the basis of the authorization concept, the administrator assigns authorizations to the users that determine which actions a user can execute in the SAP system, after he or she has logged on to the system and authenticated himself or herself.
  To access business objects or execute SAP transactions, a user requires corresponding authorizations, as business objects or transactions are protected by authorization objects. The authorizations represent instances of generic authorization objects and are defined depending on the activity and responsibilities of the employee. The authorizations are combined in an authorization profile that is associated with a role. The user administrators then assign the corresponding roles using the user master record, so that the user can use the appropriate transactions for his or her tasks.
  Authorization Checks 
  To ensure that a user has the appropriate authorizations when he or she performs an action, users are subject to authorization checks.
  The following actions are subject to authorization checks that are performed before the start of a program or table maintenance and which the SAP applications cannot avoid:
  •        Starting SAP transactions (authorization object S_TCODE)
  •        Starting reports (authorization object S_PROGRAM)
  •        Calling RFC function modules (authorization object S_RFC)
  •        Table maintenance with generic tools (S_TABU_DIS)
  Checking at Program Level with AUTHORITY-CHECK
  Applications use the ABAP statement AUTHORITY-CHECK, which is inserted in the source code of the program, to check whether users have the appropriate authorization and whether these authorizations are suitably defined; that is, whether the user administrator has assigned the values required for the fields by the programmer. In this way, you can also protect transactions that are called indirectly by other programs.
  AUTHORITY-CHECK searches profiles specified in the user master record to see whether the user has authorization for the authorization object specified in the AUTHORITY-CHECK. If one of the authorizations found matches the required values, the check is successful.
  Starting SAP Transactions
  When a user starts a transaction, the system performs the following checks:
  •        The system checks in table TSTC whether the transaction code is valid and whether the system administrator has locked the transaction.
  •        The system then checks whether the user has authorization to start the transaction.
  The SAP system performs the authorization checks every time a user starts a transaction from the menu or by entering a command. Indirectly called transactions are not included in this authorization check. For more complex transactions, which call other transactions, there are additional authorization checks.
  •             The authorization object S_TCODE (transaction start) contains the field TCD (transaction code). The user must have an authorization with a value for the selected transaction code.
  •             If an additional authorization is entered using transaction SE93 for the transaction to be started, the user also requires the suitable defined authorization object (TSTA, table TSTCA).
  If you create a transaction in transaction SE93, you can assign an additional authorization to this transaction. This is useful, if you want to be able to protect a transaction with a separate authorization. If this is not the case, you should consider using other methods to protect the transaction (such as AUTHORITY-CHECK at program level).
  •        The system checks whether the transaction code is assigned an authorization object. If so, a check is made that the user has authorization for this authorization object.
  The check is not performed in the following cases:
  You have deactivated the check of the authorization objects for the transaction (with transaction SU24) using check indicators, that is, you have removed an authorization object entered using transaction SE93. You cannot deactivate the check for objects from the SAP NetWeaver and HR areas.
  This can be useful, as a large number of authorization objects are often checked when transactions are executed, since the transaction calls other work areas in the background. In order for these checks to be executed successfully, the user in question must have the appropriate authorizations. This results in some users having more authorization than they strictly need. It also leads to an increased maintenance workload. You can therefore deactivate authorization checks of this type in a targeted manner using transaction SU24.
  •             You have globally deactivated authorization objects for all transactions with transaction SU24 or transaction SU25.
  •             So that the entries that you have made with transactions SU24 and SU25 become effective, you must set the profile parameter AUTH/NO_CHECK_IN_SOME_CASES to “Y” (using transaction RZ10).
  All of the above checks must be successful so that the user can start the transaction. Otherwise, the transaction is not called and the system displays an appropriate message.
  Starting Report Classes
  You can perform additional authorization checks by assigning reports to authorization classes (using report RSCSAUTH). You can, for example, assign all PA* reports to an authorization class for PA (such as PAxxx). If a user wants to start a PA report, he or she requires the appropriate authorization to execute reports in this class.
  We do not deliver any predefined report classes. You must decide yourself which reports you want to protect in this way. You can also enter the authorization classes for reports with the maintenance functions for report trees. This method provides a hierarchical approach for assigning authorizations for reports. You can, for example, assign an authorization class to a report node, meaning that all reports at this node automatically belong to this class. This means that you have a more transparent overview of the authorization classes to which the various reports are transported.
  You must consider the following:
  •     •         After you have assigned reports to authorization classes or have changed assignments, you may have to adjust objects in your authorization concept (such as roles (activity groups), profiles, or user master records).
  •     •         There are certain system reports that you cannot assign to any authorization class. These include:
  •     •         RSRZLLG0
  •     •         STARTMEN (as of SAP R/3 4.0)
  •     •         Reports that are called using SUBMIT in a customer exit at logon (such as SUSR0001, ZXUSRU01).
  •     •         Authorization assignments for reports are overwritten during an upgrade. After an upgrade, you must therefore restore your customer-specific report authorizations.
  Calling RFC Function Modules
  When RFC function modules are called by an RFC client program or another system, an authorization check is performed for the authorization object S_RFC in the called system. This check uses the name of the function group to which the function module belongs. You can deactivate this check with parameter auth/rfc_authority_check.
  Checking Assignment of Authorization Groups to Tables
  You can also assign authorization groups to tables to avoid users accessing tables using general access tools (such as transaction SE16). A user requires not only authorization to execute the tool, but must also have authorization to be permitted to access tables with the relevant group assignments. For this case, we deliver tables with predefined assignments to authorization groups. The assignments are defined in table TDDAT; the checked authorization object is S_TABU_DIS.
  You can assign a table to authorization group Z000. (Use transaction SM30 for table TDDAT) A user that wants to access this table must have authorization object S_TABU_DIS in his or her profile with the value Z000 in the field DICBERCLS (authorization group for ABAP Dictionary objects).
  please See also:
  •        SAP Notes 7642, 20534, 23342, 33154, and 67766
  guess this info will help you,there is one graphic which actually explain the hierarchy of authorisation,i will find some time out to let u know more info about the authorisation
  but if u sit with ur BASIS guy then u can learn lot of things in PFCG
  i guess u r a basis guy,then its not a problem
  best regards
  ashish

• How to map the bulk users with the required  roles in portal at one time

  Hi,
  Would anyone tell me how to map the bulk users with the required roles in portal at one time?

  Thanks for all the reply.
  <b>I need to assign 1 or 2 group to n((eg) 1000)number of users</b>
  I tried the first option like
  [group]
  gid=
  gdesc=
  user=
  Thr problem with this is I could n't put more no of users in the notepad.
  I would be able to put only 150 users in the single line of notepad. If it goes to next line it is not working.
  I tried creating seperate notepad but in Import it says "exists"
  I'm not sure about LDAP. Would anyone explain me the best approach to do this.

• Acmcneill1ug 14, 2014 7:16 AM I have IMac OSX 10.9.4, 4GB,Processor 3.06 with Intell2Duo. I would like to check for Malware. I run a TechTool Pro 6 every month and that comes up great. When check how much memory I am using, with only Safar

  Acmcneill1ug 14, 2014 7:16 AM
  I have IMac OSX 10.9.4, 4GB,Processor 3.06 with Intell2Duo. I would like to check for Malware. I run a TechTool Pro 6 every month and that comes up great.
  When check how much memory I am using, with only Safari open I am using 3.9 and more of her 4.0 memory. She is very. very slow in processing. I had 4000
  trash to clean out and it took her over an hour to expel. Also for some reason Safari will not allow me to click on a link, in my G-mail, and let it go to the page.
  It has a sign saying a pop-up blocker is on and will not let me do it. I must open the stamp to look at my e-mails and if I have redirected link now I can do it.
  I have not changed my preferences so where is this pop-up blocker?
  I have looked at preferences on Safari and Google, which I do not understand Google, and do not see where this blocker could be.
  Malware is something I want to make sure is not on my computer. Tech Tool Pro 6 is all I know of and it does not detect Malware.
  Help.
  Ceil

  Try Thomas Reed's Adware removal tool. He posts extensively in the communities.
  Malware Guide - Adware
  Malware Discussion

• How to create full new user with all privileges

  how to create full new user with all privileges?
  and how to delete existing users?
  Thanks in advance..

  Common solution is probably to use sudo for privilege elevation, wiki should help

• HT3529 can my daughter send text messages to non iphone users with only an apple id?

  Can you send a text message from ipod touch to non iphone users with only an apple id and no phone number?

  The Apple Messages app will only send Messages to another uses who has the Messages app on their iPod touch, iPad or iPhone. For Messsging an iPod touch or iPad you use the E-mail address they have in Settings>Messages>Send and Receive.  An Phone number will also be listed if they also have an iPhone with iOS 6 using the same Apple ID and yo can use the number.
  You can Message an iPhone by its phone number of the Apple ID email address listed in Settings>Messages>Send and Receive.

• HT1349 how can you track you ipod with only serial number ]

  2nd Generation ipod Touch

  Hello, Tommyty,
  I am sorry you have lost your iPod.  You don't yet seem to understand that its serial number is not tracked electronically.  Here is my attempt at explaining the same thing that Limnos and stevejobsfan0123 have already told you. 
  Tommytj wrote: ... HT1349 how can you track you ipod with only serial number ] ...
  Only by physically looking at the iPod's serial number.
  Tommytj wrote: i need to find my ipod can anyone help me find a way to track my ipd touch with only a serial number using icloud.
  No.
  Nobody can help you with that request because iCloud and  "Find My iPod touch" do not work that way.
  If you cannot see the iPod, you cannot track its serial number.  Unless someone sees the serial number, nobody can track it.
  Regardless of whether you have properly installed and enabled "Find My iPod touch", iCloud does not track your iPod's serial number.  This is true even when you or someone else can see your iPod's serial number.
  Regardless of how much you wish iCloud could track your iPod's serial number, it cannot.
  "Find My iPod touch" can sometimes track an iPod's location but only under the specific circumstances Limnos has already explained to you. 
  If "Find My iPod touch" cannot locate your iPod by its location, there is no iCloud way to find it.  In that case, the only way to identify your missing iPod is for you or someone else to physically look at it.
  Perhaps you will be successful with one of these alternative possibilities for recovering your iPod:
    • you can physically search and find your misplaced iPod
    • someone may it returned in response to a reward that you offer
    • the police may find it after you have reported it stolen
  Message was edited by: EZ Jim
  Mac OSX 10.7.4

• How to Control authorization for users with certain status for level 2 WBS Element

  Dear All,
  Is there any standard way or enhancement available to control authorization for users with certain status for WBS Element i.e. for example
  Pre-requisite:
  There is only 2 level of project i.e.
  Lev_ WBSE_______Description
  1___ 7-14.E_______summay outage controller
  2___ 7-14.E.2310__ Plant/unit # 2310
  2___ 7-14.E.2310__ Plant/unit # 2220
  Project Controller  (authorization role assigned "Z_PS_OP7_OTGCON_C") have all project level authorization
  Plant/Unit Controller (authorization role assigned "Z_PS_OP7_PLNTOTG_C_2310") have only level 2 authorization with enhancement that we did in system by Z table.
  User ID_ Plant #
  123345_ 2310
  122455_ 2220
  Issue:
  After System Status released and User Status approved the WBS basic date for Plant/Units should be restricted from updating/changing by Plant/Unit Controller level and only project controller should have this authority.
  Solution required: 
  Can any one tell how to control this scenario either by standard or enhancement available to control authorization
  BR
  Saqib Usman   

  Hi,
  Did you explore SAP Enhancement CNEX0002 Using Transaction CMOD?
  Thank you and regards,
  Varshal Kachole
  The SCN Rules of Engagement

• How to run application on comp. with only jre installed?

  Hi guys! I've written an application and somebody wants to use it. I have an applet too but it does not have full functionality and slower.
  I am running applications from my desktop using shortcut on javaw.exe file located in jdk/bin folder. No problem with it.
  But if person does not want to instsall jdk? I know that jre has javaw.exe in its bin but it does not work that way.
  My question is: how to run application for domestic use without all this web start hassle and with only jre installed? Is it possible? If yes, how to do this?
  Regards

  Download the JRE redistributable from Sun. It is self installing and will allow the user to run your app using a regular shortcut to javaw.exe.

• How add Authorization check for user with assigened role for t.code-MIR4

  Hi All,
  Regarding authorization how to check authorizations check for user whith assigned roles for the t.code MIR4  using ABAP.
  In Detail:2)     All users are allowed to go to MIR4(invoice number), But ONLY for users with role: MM_RELEASE_INVOICE can proceed to do the posting.
  suggest me...
  Thanks,
  srii..

  Hi Sri ,
  first u need to find out  in which user rules u are using this object , after that if u want to restrict users then remove create/change values from that object values .
  make use of Tcode SUIM to find out all roles which are using this Object.
  or
  ask ur basis guy to remove authorizations to create/change....
  regards
  Prabhu

• How does one create a user with a null password in iManager?

  I'm setting up LDAP authentication and need to create a user with a null password.
  If you do not put a password in the password field when creating the user in iManager, a message pops up stating, No password has been defined for this user.
  You are given a choice of:
  Allow user to log in without a password
  - or -
  Do not allow user to log in without a password
  If you choose Do not allow user to log in without a password, there are no complaints.
  When I look at the properties of the newly-created user, however, I note that the "Require a password" checkbox is not filled in.
  That would imply that the answer to the question posed during the user's creation is moot; either answer produces a user that can log in without a password.
  I can then assign the Common Proxy password policy to the user, which does not dictate a minimum length for a password.
  From that point forward, any attempts to leave the password field blank in iManager results in another pop-up message stating:
  "Failure to enter a password will allow the user to login without a password."
  That implies that no password exists for the user, as opposed to a null password.
  Is that correct or are the public and private key for the user object still generated?

  If you do not specify a password, which is what happens when you select
  the 'Do not allow user to log in without a password' option initially, the
  user cannot login. A user with no password (meaning no password exists at
  all, similar to a 'null' in programming) cannot login with a password
  because, of course, they do not have a password.
  If you specify a zero-length string as the password you are effectively
  (and usually) creating a proxy user, for example to be used for the LDAP
  service in eDirectory, and this user can login typing in a password (since
  typing would imply one or more characters) but nevertheless there IS a
  password, but it happens that it is zero-length, so typing nothing for the
  password IS submitting the correct password. This is the option carried
  out by eDirectory when you choose, 'Allow user to log in without a
  password' (the prompt is a little misleading with its "without a password"
  phrase).
  Once you assign a UP policy you are telling the system that there SHOULD
  be a password on the user (and with common proxy there definitely should
  be, probably a strong one at that) so the only option now is whether or
  not the password is zero-length or longer. Obviously longer is the
  correct option for security reasons.
  Good luck.
  If you find this post helpful and are logged into the web interface,
  show your appreciation and click on the star below...

• How to make 1D Array but with only one element filled in Real Time

  Hi folks,
  here I am with another question. I want to implement an prediction discrete state space observer which is going to run on a CRIO real time target. I am going to do it just like in the example which comes with LV.
  I have some questions regarding the input and outputs which in the example those are "dummy".
  My model is a SISO model, but the function "Construct SS model" returns parameters (A,B,C,D Matrices) as 2D arrays, so once you connect the cluster model into the Discrete Observer model, it takes y and u as 1D arrays despite of the fact that there is a SISO model.
  I realized that the function I am using in the simulations, uses 1D arrays but with only one element filled:
  Does anyone knows how to implement such 1D arrays in Real Time? I guess the way to do it is preallocating one array of zeros of size 1, and then recirculating it through some SR, and replacing the element with my real input and output, but at the dummy.vi, they are using a simple "build array"
  function.

  Ok, I did it that way. But I am facing another problem right now...
  At some point the Discrete Observer return a NAN array, you will see the code in the code snippet?
  I get rid of that component by component, but the observer gets "stuck" in it. So my Control law is zero... but the state stimate is NAN.
  Also I am attaching the VI.
  I do not know why, since in the simulation program all runs well. any thoughts? Maybe the internal numeric precision of the State Space Model?
  Attachments:
  RT - Pole Placement + Complete Observer.vi ‏40 KB

• HT5625 How can i find my id with only email?

  I've got the old id but cannot remember any thing except email address, how can i find the apple id with only email?

  CCC

• How to get list of users with access of MM01 (create & change)

  Hi all,
  i have to take out list of user having access for MM01 (create material), when i use SUIM to get the list it shows all the list of users including the users with DISPLAY & CHANGE, but i want only those users who had the access of CREATE & CHANGE.
  please help out me, its very urgent.
  Thanks & Regards
  Syed..

  Hi Syed,
  You can try to get it from S_BCE_68001398. Key in the required transaction code.
  Thanks and Regards
  Points reward is much appreciated