Kkbc_hoe - Authorisation check required

Similar Messages

• How to put Authorisation Check?

  Hi,
  I have built a Module Program. In this there is a Save Button where information in the screen is saved to a Z table.
  I need to put an Authorisation check to this save button. That is only users who have “Save” capability could save.
  Simply there should be an authorisation check before the Save where it will check if the User has the Save option.
  Please guide me on how to do this.
  Thanks,
  Kishan

  Hi Kishan,
  1. AUTHORITY-CHECK
     The above statement is required for authority checking.
      Just see help on it for syntax purpose.
  2. Moreover,
     u will also have to know which authorisation object
     is necessary for your purpose.
     (or else new authorisation object may need tobe created)
  Hope the above helps.
  Regards,
  Amit M.

• Authorisation check in report

  Hi ,
  we have developed a z report which is fetching grade from infotype 8 .All the users here dont have authorisation for infotype 8.Is it possible somehow that the users who don have authorisation for infotype 8 can rum that report.Right now when they are trying to run the report its showing 'No Authorisation for infotype 8'.Or is there some other place from which grade can be retrieved .
  Regards
  Saurabh

  Create an authorisation object (SU21)
  Put an authorisation check for this object in your report (AUTHORITY-CHECK)
  Create a role that contains this object (PFCG)
  Assign this role to all the users who require access to the report (SU01).
  <REMOVED BY MODERATOR>
  Edited by: Alvaro Tejada Galindo on Feb 27, 2008 2:07 PM

• Skipping Authorisation checks in LDB

  Hi All,
  I am working on HR module and I have got to work on a report which is using LDB (Logical DataBase).LDB will do authorisation checks by default.
  1) My requirement is to skip the authorisation checks  and allow all the data to be retrieved.
  Can this be done by calling any standard FM ? If yes , please name it.
  regards,
  PP

  //LDB will do authorisation checks by default.
  in my opinion you are looking for a data retrieval process from report development point of view.
  Ok say you are pulling data from infotype -08 which is sensitive information. now you need a entry for the object of this and then you are allowed to select on this table.
  keep an authority-check on this table pa0008 and if you have the access then you will proceed or else dont pull the records.
  Authority-object / Authority -check from program perspective will do .
  ex:
  AUTHORITY-CHECK OBJECT 'Z_TCODE'
  ID 'ACTVT' FIELD '03' " read access
  ID 'ZTCODE' FIELD p_tcode. " actual value
  IF sy-subrc EQ 0. " check authorization
  * fetch record
  SELECT SINGLE *
  FROM tstc
  INTO wa_tstc
  WHERE tcode EQ p_tcode.
  Br,
  Vijay.

• User authorisation check in ABAP-HR program

  Hi,
  Can anyone please help me on the following query ?
  I need to check user authorisation in an ABAP report at Object level, filter only relevant records based on the user's authorisation and display appropriate messages.
  The above mentioned report is purely developed by us and is not a copy of any standard report. Hence, kindly help me with your suggestions and opinions.
  Thanks and Regards,
  Manas Menon

  Create an authorisation object (SU21)
  Put an authorisation check for this object in your report (AUTHORITY-CHECK)
  Create a role that contains this object (PFCG)
  Assign this role to all the users who require access to the report (SU01).
  <REMOVED BY MODERATOR>
  Edited by: Alvaro Tejada Galindo on Feb 27, 2008 2:07 PM

• OSA - Authorisation Checks

  Hi all:
  In my client's appraisal form, only the employee can fill in the form. They will also have to specify their manager's name as the appraiser.
  I tried to use "Default Manager" BADI for my appraisal form. However, this is not a complete functionality because the appraisee can simply change the appraiser's name, after system defaults. There is no control on the appraiser chosen. I can even choose my subordinate as my appraiser, which is not correct.
  I know that in "Processing" tab, we can de-select "No Authorisation Check for Appraiser". This feature will check if the user (in my case, the appraisee) has authorisation for the appraiser etc. A few questions I would like to find out:
  1) Will this functionality meet my requirement?
  2) To use this functionality, do I need structural authorisation or just non-structural authorisation?
  3) Should i use BADI "Authority Check" instead, to cater to my requirement?
  Many thanks for your advice in advance.
  Thank you,
  Ash

  What is an authorisation checks?
  To ensure that a user has the appropriate authorizations when he or she performs an action, users are subject to authorization checks.
  The following actions are subject to authorization checks that are performed before the start of a program or table maintenance and which the SAP applications cannot avoid:
  ·        Starting SAP transactions (authorization object S_TCODE)
  ·        Starting reports (authorization object S_PROGRAM)
  ·        Calling RFC function modules (authorization object S_RFC)
  ·        Table maintenance with generic tools (S_TABU_DIS)
  How do we provide a basic authorisation check read for a employee? Could anyone help me with the path?
  Go to transaction PFCG and provide the role based authorization.

• Authorisation checks while calling SAPGUI.

  Hi All,
  I am analysing the authorisations required to call SAP GUI Script.
  Autho obj S_SCR with ACTVT 16, should be present in user's profle to successfully call the SAPGUI Script.
  However auth check will only be active sapgui/user_scripting_per_user to TRUE.we have set the parameter to TRUE and were expecting for SAPGUI Script call to fail because of above missing authorisation.
  However, as the SAPGUI Script was successfully called without access to S_SCR auth obj.
  (Trace shows a check and returns a code RC=12,  for obj S_SCR).
  Can someone provide me inputs on authorisation checks while calling SAPGUI.

  Additional authorization check of S_SCR through parameter : sapgui/user_scripting_per_user is available with below software versions :
  SAP GUI for Windows
  1- 6.40: Patch 22 and following
  2- 7.10 and following
  SAP System
  1 - 6.40: Kernel 6.40 patch level 159, support package SAPKB64020
  2 - 7.00: Kernel 7.00 patch level 87, support package SAPKB70011
  3 - 7.10 and following
  Just check the version of SAP GUI and let us know.

• Update infotype without authorisation check

  Hi, I have a requirement to update an infotype without authorisation check. Please let me know if there is any function module I can use to do that.
  Regards,
  Lanwu

  Hi,
  What is the functional requirement?
  Because basically it's the same as granting users extended authorization, but without the authorization to execute transaction pa## (except for pa20).
  This way, you prevent users from changing their own data. But when they use a program with FM hr_infotype_operations, they pass the checks.
  Kind regards, Rob Dielemans

• WBS release authorisation check

  Hi All
  My requirement is that for all users , having authorisation for cj20 transcation, should not have authorisation for wbs release expect for few.
  Please suggest.
  Regards,
  Vishal

  Dear Sir,
  Thanks for the reply.
  I agree with your answer.
  I have just one doubt
  How to provide user specific authorisation check at  "X" user status level.
  As per your earlier explation for this, User status profile has to be maintained.
  That is fine.
  What do we maintain in authorisation key.
  How is this authorision key linked to user status "X".
  Further how is  authorisation key maintained in authorization object B_USERSTAT .
  Please expalin this in detail for my convenience as I have never done user specific authorisation check at wbs user status level.
  Thanks in advance .
  Regards,
  Vishal

• How do I sign my VB / VS 2010 based shared COM add-in for Excel so it loads when the user has checked "Require application add-ins to be signed by a trusted publisher"?

  My COM add-in is developed using VS 2010 and VB. It's a shared COM add-in (not VSTO) and it works with Excel 2007 - 2013. My installer is signed with a code signing certificate but it would appear that my add-in's .dll should also be signed if the user has
  checked the "Require application add-ins to be signed by a trusted publisher" option.
  The "Sign the assembly" option is checked in my add-in's VB -> My Project -> Signing. I have a .snk file selected which I seem to recall generating 6 or 7 years ago when I ported the COM add-in from VB6 to .NET. 
  I have an up-to-date Comodo code signing certificate (a pfx file called MyCompanyCodeSigningCertificatePrivateKey.pfx) which I purchased to use with the installer and was wondering if and how I could use this.
  I tried selecting my pfx file in the My Project -> Signing -> "Choose a strong name key file" dialog. It made a copy of the pfx file in my project folder but when I tried to build the project, I got the following error:
  Error 1 Cannot import the following key file: MyCompanyCodeSigningCertificatePrivateKey.pfx. The key file may be password protected. To correct this, try to import the certificate again or manually install the certificate to the Strong Name CSP with the
  following key container name: VS_KEY_C0B6F251F0FB6016
  After a little research, I found out I might be able to use signtool to sign the dll in a post-build step.
  I added the following command to the post-build event, before the command I use to regasm the assembly.
  "path to signtool\signtool" sign /f "MyCompanyCodeSigningCertificatePrivateKey.pfx" /p "xxxx" /v "$(TargetPath)"
  When I built the project, the dll appeared to get signed (the output window showed a bunch of confirming text as well as "Successfully signed: c:\MyAddIn\bin\Release\MyAddIn.dll") but the next step in the post-build (regasm myaddin.dll /codebase)
  issued a warning RA0000 (see below) but reported "Types registered successfully".
  Here's the message I get from regasm, even though the output window says the dll was sucessfully signed:
  RegAsm : warning RA0000: Registering an unsigned assembly with /codebase can cause your assembly to interfere with other applications that may be installed on the same computer. The /codebase switch is intended to be used only with signed assemblies. Please give your assembly a strong name and re-register it.
  Types registered successfully
  I'm not using a shim if that makes a difference.
  How do I sign my add-in so it loads when the user has checked "Require application add-ins to be signed by a trusted publisher"?
  Any tips would be appreciated.

  Hello,
  Why do you need to use the regasm utility from the post-build action?
  There is a difference between signing the assembly with a strong name and digital signature. The
  How to: Sign an Assembly with a Strong Name article in MSDN explains how to sign an assembly with a strong name (.snk). See
  How to digitally sign a strong named assembly for adding a digital signature.
  You may also find the
  What's the Difference, Part Five: certificate signing vs strong naming article helpful.

• Error: SNAP_ADT does not exist in the database - manual check required

  Hello Friends,
  We are  performing an upgrade+migration to HDB using the DMO option(Oracle to HANA).
  We are getting below error in the phase MAIN_SHDCRE/SUBMOD_SHDDBCLONE/DBCLONE!
  Also find the output of SE11 & SE14 attached.
  SE14->
  Please help us with the manual check.
  Regards
  Sury

  Hi Sury,
  In regards to the error below:
  1EETGCLN Error: SNAP_ADT does not exist in the database -> manual check
  required
  1EETGCLN SNAP_ADT
  1EETGCLN Table does not exist
  Could you please try to activate the following tables via SE11?
  -  SNAP_ADT
  Once they are activated, Could you please repeat the phase and update the result?
  Thanks and Regards,
  James Wong
  Follow us:
  SAP System Upgrade & Update Troubleshooting Wiki Space.
  SAP Product Support Twitter  ( Hashtag: #NWUPGRADE)

• Check Required Elements and Attributes in JAXB

  Hi
  I need check required elements and attributes in JAXB java classes , if there are any value for them place it , otherwise place default value in xml file , because of it I upgrade JAXB2.0 to JAXB 2.1 to support "required" in "XmlElement" , I read in "JavaWS(JAXB)Tutorial.pdf" that JAXB itself check required elements and attributes , if there are any value for them place it , otherwise place default value in xml file , the exact part of document is :
  << A property is said to have a set value if that value was assigned to it during unmarshalling or by invoking its mutation method. The value of a property is
  its set value, if defined; otherwise, it is the property’s schema specified default value, if any; otherwise, it is the default initial value for the property’s base type as it would be assigned for an uninitialized field within a Java class. >>
  I want to know , dose JAXB do this task ? (now I work with JAXB2.1 but it doesnt do this task.Maybe I must set some configuration)
  and if JAXB doesnt do it , how I can check required elements and attributes in JAXB ?
  Please help me.
  Shariat

  its all on Apple's Developer site
  http://developer.apple.com/DOCUMENTATION/AppleApplications/Reference/FinalCutPro _XML/index.html

• I want to know about ATP check requirement .generally we assigned yes or no while creating sales order

  I want to know about ATP check requirement .generally we assigned yes or no while creating sales order what it means when we give Yes or No. how pegging flows
  Regards
  virender

  Virender,
  Can you be a bit more specific about ".....generally we assigned yes or no while creating sales order....."   Exactly what field(s) did you 'assign'?  Screenshots would be helpful.
  With respect to pegging; in general, ATP has very little to do with pegging.  Pegging is more of a planning concept, and not an 'availability checking' concept.  There are a few exceptions in APO, but they are not commonly implemented.
  Can you elaborate about exactly what you want to know with respect to 'pegging' and ATP?
  Best Regards,
  DB49

• Authorisation check for Object F_BL_BANK using transaction F110

  Hi
  Can you help me with transaction F110. The object F_BL_BANK has been linked on SU24 to transaction F110.  It has also been set for Check/maintain.
  There is no authorisation check for this object using F110.
  How can we resolve the issue.

  Hi
  We are on 4.6
  I linked the object but the program is not doing an authority check The F_BL_BANK object has the following linked to it
  .  .     .  Check          F_BKPF_BUP Accounting Document: Authorization for Posting Periods   
  .  .  .     Check/maintain F_BL_BANK  Authorization for House Banks and Payment Methods        
  .  .     .  Check          F_KNA1_APP Customer: Application Authorization                      
  .  .     .  Check          F_KNA1_BED Customer: Account Authorization                          
  .  .     .  Check          F_KNA1_BUK Customer: Authorization for Company Codes                
  .  .     .  Check          F_KNA1_GEN Customer: Central Data                                   
  .  .     .  Check          F_KNA1_GRP Customer: Account Group Authorization                    
  .  .     .  Check          F_LFA1_APP Vendor: Application Authorization                        
  .  .     .  Check          F_LFA1_BEK Vendor: Account Authorization                            
  .  .     .  Check          F_LFA1_BUK Vendor: Authorization for Company Codes                  
  .  .     .  Check          F_LFA1_GEN Vendor: Central Data                                     
  .  .     .  Check          F_LFA1_GRP Vendor: Account Group Authorization                      
  .  .     .  Check          F_PAYR_BUK Check Management: Action Authorization for Company Codes 
  .  .  .     Check/maintain F_REGU_BUK Automatic Payment: Activity Authorization for Company Code
  .  .  .     Check/maintain F_REGU_KOA Automatic Payment: Activity Authorization for Account Type
  .  .     .  Check          PLOG       Personnel Planning                                       
  .  .     .  Check          P_ABAP     HR: Reporting                                            
  Ther are more objects but these are the key ones The object also has a custom object in that was build by SAP called ZLSCH      Payment method  We want the system to do a check on the payment method

• Mov Type - Authorisation Check

  Hi Everybody
  I want to control my mov types thru the Authorisation check ie Suppose there is a Log in "x" , and I dont want to give hime  the Atuthorisation of mov type 551/552 under mb1a Tcode but rest all Mov types can be used by him .
  Pls advice how to go ahead for the same
  Rgds
  Manoj

  Manoj,
  This can be controlled by std authorisation object check. This will be given by basis in PFCG transaction. The setting in the relevant authorisation object example M_MSEG_BWA has to be provided.
  The movement type will appear as one of the parameters while a specific authorisation for a transaction is given. The movement type could be restricted here.
  Regards
  Ram