Is it possible to restrict user based on personal information workset ?
Hi Experts,
I have a requirement in which I need to allow other worksets in ESS to be accessed only if one workset "Personal Information" is completed.
In this workset "Personal Information", there is an iView "Certify Own Data". In this ivew there are couple of checkboxes which need to be ticked and saved. this checkboxes will automatically be checked when the user enters required data in other related ivews such as "Address", "Family Details", "communications" etc.
All I want to achieve is to allow the user only if he fills all his personal information and certify's his own data. After clicking on SAVE button only he would be able to access other worksets such as "Attendence".
Please someone suggest me how to achive this functionality. Do i need to develop new application or i can achieve this functionality by just maintaining some kind of iview validation.
Earlier response would be much appreciated.
Thanks
Uday
you can do a badi validation
BADI HRPAD00INFTYBL and HRPAD00INFTYDB for new framework of infotype.
Please refer the SAP Note 864910 BADI HRPAD00INFTYBL and HRPAD00INFTYDB
But to control the workset would be difficult in standard, probably you can do a modification
you can control services using proxy classes though
Similar Messages
-
Restrict users based on Customers
Hi ,
In ECC system, we have general requirements to restrict users based on customer account group where customer account group is represented as Site/Store.
Possible values for Customer Account group -
- Reference Store
- Head Store
- Wholly Owner Store etc.
Till this point everything is fine. However, Client has few additional External Stores which are represented as one Dummy Site and Customers belonging to that store are actual external Stores.
Example, we have additional Value for Customer Account Group -
- Dummy Site
And now all the Customers part of dummy site is actual stores and we are needed to drill down our restriction to this Customer (So called Stores).
To restrict used based on customer account group/Stores, we can utilize F_KNA1_GRP with filed KTOKD (Customer Account Group). However, is it possible to create roles based on individual customers of these Stores?
If yes, how can we do that?
P.S. I had a look at authorization object F_KNA1_BED with filed BRGRU. Can this object help us in fulfilling our requirement? Or there is any other SAP provided authorization object which can help us to restrict on Customer values?
Thanks,
SheenamYou could use F_KNA1_BED, I guess - but that would mean excessive maintenance of both: BEGRU and customers, if I understood your scenario correctly and you really, really want to break that down to single customers.
It would be even more excessive to utilize F_KNA1_GRP. Can be done, though.
Both solutions are completely un-elegant and I am not happy proposing them. But I am curious as a cat: what exactly is the business process expecting you to restrict access to customer data down to a single customer?
Edited by: Mylène Dorias on Mar 24, 2010 8:39 AM -
In BD87 T /c is it possible to control user based in Comp code...?
In BD87 T /c is it possible to control user based in Comp code...?
Thanks
MahiBD87 is a transaction to work with IDOCs.
one IDOC e.g. for vendor master can have several segments with different company codes.
But you cannot post an IDOC only partially, that is technically not possible and does not make much sense.
Further the IDOC segment in the table is just one huge field, It does not have single fields like company code.It is a generic field that can keep the segments of any IDOC.
In my opinion there is no way to control it at company code level.
In any case you posted it in the wrong forum. BD87 is not a MM transaction.
Hence, moving it to the Abap Connectivity forum -
FD32 restrict users based on a schedule of authority
All,
I have a requirement within FD32 to restrict users based on a schedule of authority. For example, only allowing credit limits to be changed in a user's authorized dollar range. I was able to restrict the Credit Limit field (change/display) by using field groups, but I have an extension of the requirement for a schedule of authority. Can someone please help?You could use F_KNA1_BED, I guess - but that would mean excessive maintenance of both: BEGRU and customers, if I understood your scenario correctly and you really, really want to break that down to single customers.
It would be even more excessive to utilize F_KNA1_GRP. Can be done, though.
Both solutions are completely un-elegant and I am not happy proposing them. But I am curious as a cat: what exactly is the business process expecting you to restrict access to customer data down to a single customer?
Edited by: Mylène Dorias on Mar 24, 2010 8:39 AM -
Restricting Users based on GL Authorization Group
Gurus,
I have got requiremnt from our finance consultant/team for restricting users from accesing particular GL accounts in a company code. There are some GL which users are not supposed to view.
We have created authorization group in FS00 -Control data , but we cannot see that group in object F_BKPF_BES(Account authorization for GL accounts).
Please help.
RegardsHi,
Step1: Create Tolerance Groups
Step2: Assign Users to Tolerance Groups
Step3: Remove/Add T Codes in Users Master Data (T Code: SU01)
Thanks
Chandra -
Is it possible to restrict user to send mail outside the company?
Hi,
When deploy beehive locally for my company, I would like to know is it able to restrict user from sending mail outside the company?
Please give some infomation about that
Thankshlthanh,
would you like to restrict particular users or all users as a whole?
["Managing Oracle Beehive E-mail Components"|http://download.oracle.com/docs/cd/E16671_01/bh.200/e16648/email.htm#BABBIFII] has details on configuration options.
Most installations will consider fronting a postfix or sendmail MTA, adding further control options.
HTH, Tom -
Need to clear my user id and personal information to give my computer to a friend?
I need to clear my computer of all personal information and user id etc. so i can give to someone else?
All explained here
https://discussions.apple.com/docs/DOC-3191 -
Is it possible to restrict user access to files that need read/write permissions?
I am in the process of implementing electronic payments for a company's AP department. Dynamics GP (Great Plains) needs to create an EFT file that will get sent to the bank. After it is created, a script is run that sends the TXT file to the
bank and then renames the file extension to SNT. Users are logged on to the Great Plains server and have their own permission group.
Because the file is sending payment instructions, it is essential that users cannot modify or create a file with fraudulent payment instructions to the bank (incorrect bank account info).
With testing, I was able to save the file from GP to a folder where users cannot read it's contents, however the script cannot send the file to the bank without "read access" (it says not files available).
Any ideas for solutions? For instance, is it possible to make Great Plains and/or the script file "system" so that it can override the user profile's permissions?
I was also looking into the ability to hide the folder/files, but it appears users can choose to view hidden files and folders.I dont think so you can do it that way..
-
Restricting user based on Delivery Block in VA02
Hi ,
As per my bussiness team I am suppose to restrict the user depening on delivery block in transaction VA02 .There are no SAP pre-defined feilds to restrict at delivery block level from PFCG .Please kindly help .Thanks in advance .Hi,
Can you please assist, with the Issue below?
1) Tcode : VA02
2) I have created authorization Object for field level authorizations for
Delivery Block --- LIFSK
Billing Block -
 FAKSK
Maintained Field Level SD Authorizations ZV_FIELD
Maintained Field Level SD Authorizations T-ED49128000
Activity 02, 03 ACTVT
Billing block in SD document Z3 FAKSK
Delivery block ( document heade ZH LIFSK
3) Now I want to restrict to a particular Delivery Block and a Billing Block, but I am able to change to other Delivery Block and Billing Blocks even though I have restricted to Z3 and ZH ( this case) -
How to Restrict users to change password
Hi All,
I would like to restrict user to change password only defined number of times in a day, Is it possible to do it through group policies.
Please note i am already aware of "Minimum Password age" feature, however i do not want to use it as the minimum value that i can set here is 1 day. I would like to restrict users based on password reset threshold e.g. User can reset his password
in a day only twice or thrice.
Thanx & Regards,
Wasim ParkarIf you want to limit the user to have his/her password changed for a specific number of time every day, I have to say
NO thats not possible. PSO's as other mentioned,can be used to have different password policies. Maybe you can set the msDS-MinimumPasswordAge
to 00:04:00:00 which is equal to 4 hours. It means every 4 hours a user will be able to change his/her password. So in each day a user can change the password 6 times, since a day is 24 hours.
Do not forget a day start from 00:00 AM up to 11:59 PM. So in a 9 to 5 job, a user may change the password 2-3 times.
Hope it helps.
Mahdi Tehrani Loves Powershell
Please kindly click on Propose As Answer or to mark this post as
and helpfull to other poeple. -
How can we restrict users from marking service orders as deleted
Hi,
Please guide me :
Is it possible to restrict users (who are having authorization of marking service orders as deleted) from marking some service orders as deleted, if they have not created these service orders?
In other words, requirement is : only the person creating the Service Order should be authorized to delete.
Please guide.
Thanks and RegardsThere are many BADI and EXITS available, you have find the appropriate place to put your code.
USER - EXITS
CNEX0013 Order: Cust. enhancement: Default item category comp. assgmt
CNEX0026 Customer enhancement for general inspection of material
CNEX0027 Customer enhancement: Plant, storage loc. finding for comp.
IWO10004 Maintenance order: Customer check for order completion
IWO10005 Maintenance order: Cust.-specif. determination of profit ctr
IWO10006 Maint. order: Fcode exclusion through cust. enhancement
IWO10007 Maint.order: Customer enhancement - permits in the order
IWO10008 Cust. enhancement: Determination of tax jurisdiction code
IWO10009 PM Order: Customer Check for 'Save' Event
IWO10010 Maint. order: Cust. enhancement for determining WBS element
IWO10011 Maint. order: Customer enhancement for component selection
IWO10015 Maintenance order: F4 Help for user fields on operation
IWO10016 PM Order: Cust. enhancement to check operation user fields
IWO10017 Determine external order number by customer logic
IWO10018 Maintenance order: User fields on order header
IWO10020 Maintenance order: Automatically include task list
IWO10021 Automatic task list transfer when creating order from notif.
IWO10022 Determine calendar from user exit
IWO10023 Service order: Change header data for advance shipment doc.
IWO10024 Service order: Changes to items for advance shipment
IWO10025 PM/SM order: Finding responsible cost center
IWO10029 Inclusion of bill of material in PM/SM order
IWO10030 Preset Fields for Event Object
IWO10031 Hide personnel number in PM/SM order
BADI
Name of a BAdI Definition
ARC_PM_ORDER_CHECK
ARC_PM_ORDER_DELETE
ARC_PM_ORDER_PREPROCESSING
ARC_PM_ORDER_WRITE
ARC_PM_QMEL_CHECK
ARC_PM_QMEL_DELETE
ARC_PM_QMEL_PREPROCESS
ARC_PM_QMEL_WRITE
IWO1_ORDER_BADI
IWO1_PREQ_BADI
IWO1_SCREEN_MODIFY
IWO1_TL_INTEGRATION
IWO1_TL_INTEGRATION2
Edited by: Manish Bisht on Jul 11, 2009 9:27 AM
Edited by: Manish Bisht on Jul 11, 2009 9:28 AM -
Seeburger Workbench access - restrict users to Message Monitor only
Hi All
Does anyone know if it's possible to restrict users to Message Monitor only access in the Seeburger Workbench?Hi Andy,
if by "restrict" you mean if you can change the links available in the workbench, then sadly no - this is currently not possible. If you're ok with getting a HTTP Forbidden when clicking on other links than the Message Monitor, then yes - this can be configured within the SAP NetWeaver Administrator -> Identity Management. Check for example to documentation of the Message Monitor
Extracted from there:
Log on to the NetWeaver Administrator (NWA).
Open Operation Management | Users and Access | Identity Managemet (UME).
Create a role and assign the manage action for com.seeburger.xi.frontend.messageidmonitor to that role.
Now you can assign the newly created role to any user you want to grant access to the SEEBURGER Message ID Monitor.
This is for explicitly granting some user the access to the Message Monitor. The manage action is per default set to "Everyone". You need to remove Everyone on the corresponding frontends (search for actions with name com.seeburger.xi.frontend*)
Hope that helps
Greetings
-Sascha- -
Restricting users from Creating Request in OBIEE
Hi,
I want to restrict users fron creating request, in the Manage Priviledge section i was not able to find the where i could restrict the user from *"Creating Request"*, so is it possible to restrict users fron creating request if yes from where.
Regards,
Amitlook for "Access to Answers" under Access in Manage Privileges. That is where you restrict access to creating requests.
- Mahesh -
Restrict Dashboard based on Role
Hi
Is it possible to Restrict Dashboards based on Role. I want hide out-of-the-box dashboards and display custom dashboards based on Role.
Regards
SundarHi,
but note that the Look In function is not available in the custome web tab. this is really a shame because the lookin allows managers to see the data in different ways. If any of you found a way to get the look in functionaliyt into the web tab, I would love to find out.
Regards,
Gonzalo -
Is possible to restrict MB1B -541 for certain materials
HI MM experts,
kindly let me know is there any possibility of restricting users to perform 541 mov thru MB1B/MIGO for certain material codes?
pl help
thanx in advance
SrihariHi,
It is not popssible to resctrict any movement type for specific material codes through configuration. For restricting certain material codes for movement type 541 through tcode MB1B, ABAP coding is required in user exit.
Maybe you are looking for
-
Website works in Firefox, but does not load in IE, Safari, Chrome.
site: www.lightspinnersweb.com Page is a html wrapper around a .swf. The Flash includes .xml pages. Shows no errors and works fine in Dreamweaver when 'test page in IE'. The Wc3 only shows errors in the <noscript....embed... section. Have tried
-
Transit Sale in SAP (SD part)
hi, what is the system of Transit Sale in SAP ? regards PK
-
How to make connection between ASP and Oracle 8i
Dear Helper, I have a problem about how to make the connection between ASP and Oracle 8i. If you have this idea, please help me to solve this problem. Thank You!!! null
-
TouchUp Reading Order Tool - invisible Text
Last time I used the TouchUp Reading Order tool (in order to mark out columns of text to copy into a spreadsheet) in November, it worked with no problems. However, when I do this using Acrobat 9.3.0 the text below the first line disappears once I sel
-
BBP_PO_INBOUND_BADI
Hi all. SRM 4.0, extended classic scenario. I have tried modifying this BAdI in R/3 in an attempt to overwrite the TAXJURCODE in the Invoice tab of the PO with the value from the address details of the TAXJURCODE - but without any luck so far. Here i