Maintain Authorization Field in SAP ECC6.0

Similar Messages

• Publishing a WebService in SAP ECC6.0

  Hello Everyone,
  I published a WebService in SAP ECC6.0 using a Remote enabled function module which has one input field and one output field. After publishing that in WSADMIN transaction when i give the URL in the browser the XML format has the Root node as function module name,internal table name as child node and the 2 fields of the function module as child node to internal table name. The issue is PeopleSoft team are not able to ping the 2 fields as they are in the 3rd level in XML file.
  Could you please let me know if there any solution to have those 2 fields under the Function Module name so that they can directly ping the root node to interact with the fields.Thanks in advance.
  Goutham

  Hello,
  Does anyone know how to maintain Authorization Field in SAP ECC6.0?
  Many thanks
  Sunny

• How to maintain the fields mandatory in Opportunity and quotation SAP CRM?

  Hello All,
  I have the following two requirements :
  1.Need to mark the fields as mandatory in SAP CRM Opportunity (description,sales prospect,phase,status,opportunity group,origin
  ,product(description,quantity,expected total value) ,Milestones(Start date and end date),Organization.
  2.Also the fields in SAP CRM Quotation ( Prodcut,Usage,Project Manager ITS (an Employee) and Capitalization ( our Z-customer field)
  How to achieve this ? Is this can be done through pure customization in SAP CRM or any developers work involves? We are using SAP CRM 4.0 .
  Pls  provide the solution at the earliest .
  Cheers
  Sreedhar

  Some can be done thru customazing in spro>crm>basic settings>incompleteness>Define Incompleteness Procedures. For more enhanced functionality you can use also badi under spro>crm>basic settings>incompleteness>Business Add-In for Incompleteness Check in Business Transac.
  To define incompleteness for exampla for SAP CRM Opportunity - description, do the following in spro>crm>basic settings>incompleteness>Define Incompleteness Procedures:
  - create new incompletenes group: e.g. ZOPP
  - assign this group to your opportunity transaction type
  - define incompleteness procedure:
       - object type: ORDERADM_H
       - field name: DESCRIPTION
       - relavance: HEADER
       - message: ERROR
  - define determination
  Regards.

• How  to  create an infotype in sap ecc6.0 ?

  Hi all,
  I know i how to create an infotype   in   sap 4.7, but i am facing the problem while
  creating an infotype in sap ecc6.0 version. could u plz provide me  the info with screen shots how to create an infotype and how to enhace that infotype ?
  Waiting for u r response.
  Regards,
  Ravi

  Hi ,
  To create OM infotype:
  1. Go to SE11 and create a structure HRI9XXX (9XXX --> name of the infotype). Add the required fields to this structure and save and activate. then come out of it.
  2. Go to PPCI and enter Infotype number (9XXX) and description.
  3. Click create.
  4. In the infotype category select details for the infotype.
  5. Click create button. It should create the infotype.
  6. Click on Check. A window with menu will open.
  7. In that window navigate to Table Entries.
  8. Under table Entries, select T777I and click on change.
  9. It opens SM30. Click on Maintain.
  10. Select the infotype and add information for "Time Constraint" and "Infotype Per Object Type".
  11. Save.
  12. Go back to check menu, see if all entries exist. Do not worry last 5 table entries. And you are done

• How to add authorization field to a standard authorization object

  Hi All,
  I'm trying to limit user to can only create & change X type of order type in PM module. This can be fullfill by creating suer with assigned role with only allow X type of order type.
  But when I assigned a display role which has authorization to display all order type (maintained as authorization object), now my user can create and change all order type.
  How to limit user to can only create & change X order type and only display the rest of order type?
  I assume by adding authorization field: AUFART(order type) in authorization object: I_TCODE will solve the problem, is it right? and is it possible to do that?
  regards,
  Andre

  Hi,
  your assumption is incorrect. First of all, adding a new field to standard authorization object is a bad idea. You would have to modify all checks for that object. For standard SAP object it means that you would have to modify many SAP programs.
  The authorization object I_TCODE is checked in PM transactions. It gives you authorization to run that transactions. That object can't be used to limit what you do in that transaction or what order type you can process. You are looking for some other authorization object(s). You need to go to SU24 which gives you what authorization objects are checked in particular transaction. It does not have to cover all objects but it's a good starting point.
  Cheers

• Additional field in SAP Query

  This problem is about sap query. I have created an additional field in an infoset. The initial header text of this additional field is english. Then I created a query which use the additional field as an output field. If I use this query in other language, however the additional field header remains english. How can I maintain addtional field header to support mutil-language?
  Thanks in advance!
  --Alex Miao

  Hi Alex
  Please see if below example helps you to understand:
  Supposing, we are displaying material description within our query.
  1. So we define the join with MARA & MAKT while creating infoset in transaction SQ02.
  2. We create feild groups to identify the fiels we use for selection and display.
  3. Here after selecting language key from MAKT, by default this will take SY-LANGU always for the case.
  4. To make it applicable for different languages we can code in INITIALIZATION Event.
  5. To do so we can do it by two options: Use menupath: Goto->Code->Initialization
  i) First option using variable: <b>MAKT-SPRAS = SY-LANGU.</b>.
  ii) Second option using Parameter-Id: <b>SET PARAMETER ID 'SPR' FIELD SY-LANGU</b>.
  6. Save & Generate.
  Now when we execute the query, we are defaulting the language as System Language.
  Hope the above info helps you for better understanding.
  Kind Regards
  Eswar

• SAP PI7.11 adapter RFC sender issue after migrating to SAP ECC6

  Hi,
  After the migration of our backend from SAP 4.700 x 200 to SAP ECC6 unicode (kernel 7.20)), we have a issue of connexion to our SAP PI 7.11.
  A part of the field in ECC6 are not well mapped by the abapter sender RFC to the xml in PI.
  I join a screen shot what I have in SAP ECC6 (inquiryECC6.jpg) and the result in SAP PI 7.11in xml format ofcourse (Inquiryxml.jpg).
  Is there someone who can help me?
  Regards.
  Eric Koralewski

  In SM59, there is a new tab <unicode>.
  In that tab, I checked the unicode checkbox  and that's ok.
  Regards

• Add new fields in SAP transaction IW22

  Hello,
  I want to add 2 new fields in SAP standard transaction IW22. I checked the package for this transaction and it is IWOC. I searched the exits for package IWOC but was not able to find any screen exits for it.
  Kindly help me on how I should proceed with it.
  Regards,
  Parag

  Please check these
  User exit/ Business Add-in              Description
  User exit
  IWO10026                                User check on setting status 'Do not perform'
  IWO10027                                User exit: Generate user-defined settlement rule
  IWOC0001                                Create PM/SM notification: Determine reference object
  IWOC0002                                PM/SM notification: Check whether status change is allowed
  IWOC0003                                PM/SM authorization check of ref. object and planner group
  IWOC0004                                Change single-level list editing PM/QM/SM ALV settings
  Business Add-in
  IQS_MASS_CHANGE                         BadI for Mass Changes to Notifications
  IQS0_STATUS_MAINTAIN                    Control of Changeability of User Status
  NOTIF_AUTHORITY_01                      Additional Authorization Checks for the Notification
  WOC_FL_DETERMINE                        Determine Date for Determining Installation Loc. Equi.
  IWOC_OBJECTINFO_CHNG                    Changes to Data of Object Info Screen
  IWOC_LIST_TUNING                        Performance Tuning for Lists in PM/CS
  IWO1_SUBSCREEN_0170                     Display Additional Data on Object Screen 0170 PhysicalSample

• Saving customer fields to SAP table (EXIT_SAPMM06E_012)

  Hi All,
  I would like to ask you guys a bit of a help with a user exit that I am working on as of the moment.
  I am coding a user exit for a service purchase order (ekpo-knttp = 'K' and ekpo-pstyp = 'D') this is a service purchase order of cost centre category.
  Since SAP does not allow the goods recipient (ekkn-wempf) to be modified for reasons specified in SAP Note 118008. I have used user exit MM06E005 FMs EXIT_SAPMM06E_017, EXIT_SAPMM06E_016 to the data in PBO and PAI for the transaction.
  Now I tried using the two FMs EXIT_SAPMM06E_018 and EXIT_SAPMM06E_012 to pass this value to the table but it does not seem to get saved in table EKKN.
  Using FM EXIT_SAPMM06E_018  the I have maintained the structure CI_EKPODB to include WEMPF and after debugging passing that user exit area the wempf is being tranfered to global data but this does not get saved in EKKN table (EKKN-WEMPF).
  Although this is outside of the standard best practice of SAP since the account assingment belongs to the limits or the service line for service order but maintaining this recipient field for the PO item does not impact our system processes as the business acknolwedges goods recipient for service PO.
  BADI ME_PROCESS_PO_CUST has also been implemented under method PROCESS_ACCOUNT invoking the interface IF_PURCHASE_ORDER_ACCOUNT_MM but unsucessful in the operation.
  If anyone of you guys has encoutered same scenario or implementation requirement please do give information on this or work-arounds are well appreciated as well.
  Cheers,
  Erwin

  Hi,
  We have worked on a similar requirement ,just check if its useful to you.
  Requirement:
                       You have to add the custom field in SAP standard table EKKO. Then we have to place the field in ME21N screen. When user enters any input into the field it should get updated in the database.
  Note:
                       EKKO table is meant for Purchasing document header, you should add the field in the header level for ME21n screen. There you are provided with customer sub screens where you can add the field in the screen.
  Procedure:
  1You have to create a field in the Custom Include of standard table, after creating activate it.
  2.Double click on the include then you can add your custom field here.
  Find out the Required Enhancements:
  1.Go to SMOD. Press F4 in the Enhancement field. In the next popup window, click pushbutton u2018Information systemu2019.
  2.Then mention the particular package name of the transaction you need to      enhance. Then you will be shown the list of Enhancement components for that particular package.
  3.Note down the enhancements. Then, come to the initial screen of SMOD and view the documentation of each enhancement to find out which one is required for your development.
  MM06E005 is the Enhancement component we are using here.
  Development
  Creating a Project to include the enhancement:
  1.Go to transaction CMOD and create a project.
  2.Enter a description for the project.
  3.Then, click on the pushbutton u2018Enhancement Assignmentsu2019 in the Application Toolbar.
  4.Click on the components in Application Toolbar.
  5.Here you will be shown the function module exits, screen exits and Include tables.
  6.Click on the custom screen SAPLXMO6 u2013 0101 in which it suits the requirement of adding the custom field to the layout
  7.Click on layout and go to get from dictionary and select the field you need to add and click ok.
  8.Place the field in the layout and activate it.
  9.After that you come back and check the respective function module in which you need to implement the code. So, we need to import the data from sub screen for purchasing document header. Therefore we have chosen  the  EXIT_SAPMM06E_008.
  10. Write code in the Function Exits to synchronize the programs:
                     Now, code has to be written in the function modules EXIT_SAPMM06E_008 so that data flows to and fro between the main SAP program and custom sub screen program. Double clicking on the exit we get the following screen.
  11. Double click on the include and write the required code inside it. Then activate it.
  TABLES:EKKOIF NOT EKKO_ZADD IS INITIAL.
  MOVE EKKO-ZADD  to e_ci_ekko-zadd.
  move corresponding  e_ci_ekko to ekko.
  modiky ekko  from ekko.
  12. Now come back and activate the entire project.
  13. Now go to ME21n transaction and create a purchase order by giving all the mandatory fields including custom field we have created. Here Test is the custom field we have created. After entering the data then press SAVE button, your data will be populated to the respective table.
  14. Go to SE11 or SE16n, check whether the field got updated in the database or  not in EKKO table.
  Thanks,Surya Pydikondala.
        Finally it gets updated in the database.

• Mapping HTML fields to SAP Fields in OCI

  Hi Gurus,
  I am currently working on the Punchout Catalog Functionality. For mapping the HTML fields to SAP Fields, i am not getting the main node "Interface for Procurement using Catalogs".
  Is there any settings to be made or any report/program needs to be run to enable this main node?. please advice regarding this.Thanks.
  With Regards,
  Saakithyan

  Hello,
  You will need to maintain a field link to transfer the imported fields to SAP internal fields. This can be done in customizing as following IMG point (under Plant Maintenance and Customer Service - Maintenance Plans, Work Centers, Task Lists and PRTs - Task Lists) :                                                            
                > Interface for Procurement Using Catalogs (OCI)        
                  (/) Convert HTML fields to SAP fields                                                                               
  Please review this again.  
  Regards Gabor

• How to check and maintain authorization objects

  Hi  Alll            
  Let me knowhow to check and maintain authorization objects  in SU24 ECC 6.0.
  Thanks
  sathies

  Hi Sathies,
  the old check flags
  U
  Unmaintained
  No indicator set. The check for corresponding authorization object is always executed. Field values are not displayed in the Profile Generator.
  N
  No check
  Check disabled. Field values are not displayed in the Profile Generator. This indicator cannot be set for HR and Basis authorization objects.
  C
  Check
  Check always executed. Field values are not displayed in the Profile Generator. For example: Printer authorizations.
  CM
  Check/maintain
  Check always executed. Field values are displayed for changing in the Profile Generator (yellow light).
  Have been divided now in
  Checkindicator : Check/NoCheck
  and
  Proposal: Yes/No.
  If defaults=yes, then you can modify them after clicking on the apropriate button.
  Please refer to the online help for SU24 too.
  Although the look of su24 has been changed significantly, the technique behind it is still the same.
  Once you have pressed the 'edit'-button on the top left corner, additional editing options will appear in the right-top-frame.
  b.rgds,
  Bernhard

• Authorization object with no authorization field

  Hi Experts,
  I have created authorization object with no field checking.
  This is possible? Because i want to create this auth object for conversion only, and its not needed field checking.
  Please advice.

  Hi
  See this and do accordingly
  In general different users will be given different authorizations based on their role in the orgn.
  We create ROLES and assign the Authorization and TCODES for that role, so only that user can have access to those T Codes.
  USe SUIM and SU21 T codes for this.
  Much of the data in an R/3 system has to be protected so that unauthorized users cannot access it. Therefore the appropriate authorization is required before a user can carry out certain actions in the system. When you log on to the R/3 system, the system checks in the user master record to see which transactions you are authorized to use. An authorization check is implemented for every sensitive transaction.
  If you wish to protect a transaction that you have programmed yourself, then you must implement an authorization check.
  This means you have to allocate an authorization object in the definition of the transaction.
  For example:
  program an AUTHORITY-CHECK.
  AUTHORITY-CHECK OBJECT <authorization object>
  ID <authority field 1> FIELD <field value 1>.
  ID <authority field 2> FIELD <field value 2>.
  ID <authority-field n> FIELD <field value n>.
  The OBJECT parameter specifies the authorization object.
  The ID parameter specifies an authorization field (in the authorization object).
  The FIELD parameter specifies a value for the authorization field.
  The authorization object and its fields have to be suitable for the transaction. In most cases you will be able to use the existing authorization objects to protect your data. But new developments may require that you define new authorization objects and fields.
  http://help.sap.com/saphelp_nw04s/helpdata/en/52/67167f439b11d1896f0000e8322d00/content.htm
  To ensure that a user has the appropriate authorizations when he or she performs an action, users are subject to authorization checks.
  Authorization : An authorization enables you to perform a particular activity in the SAP System, based on a set of authorization object field values.
  You program the authorization check using the ABAP statement AUTHORITY-CHECK.
  AUTHORITY-CHECK OBJECT 'S_TRVL_BKS'
  ID 'ACTVT' FIELD '02'
  ID 'CUSTTYPE' FIELD 'B'.
  IF SY-SUBRC <> 0.
  MESSAGE E...
  ENDIF.
  'S_TRVL_BKS' is a auth. object
  ID 'ACTVT' FIELD '02' in place 2 you can put 1,2, 3 for change create or display.
  The AUTHORITY-CHECK checks whether a user has the appropriate authorization to execute a particular activity.
  This Authorization concept is somewhat linked with BASIS people.
  As a developer you may not have access to access to SU21 Transaction where you have to define, authorizations, Objects and for nthat object you assign fields and values. Another Tcode is PFCG where you can assign these authrization objects and TCodes for a  profile and that profile in turn attached to a particular user.
  Take the help of the basis Guy and create and use.
  Regards
  Anji

• Significance of "Change"- "unchanged" and "New" - "Old" statuses during maintain authorization?

  Hi all, I am new in SAP Security/GRC and I need help: What does it mean to see the statuses "changed" and "New" on the 'maintain Authorization' page ? I learnt there are actions one must perform to change the 'Change' status into "unchanged' and also integrate the "New" transactions with the "old". Could anyone explain please?
  Thanks

  Hi Divyanshu  the reference was helpful in explaining what will happen if new transactions are added or old ones removed without following appropriate maintenance procedures.
  What I learnt from the discussions in that reference is that if for example, we delete a transaction and fail to carryout the maintenance tasks as required, the transaction really doesn't get deleted as it still shows up the next time we log in. Or that the new transactions added may not pass the authority checks of S_T CODE, This is because any changes made to the menu transactions takes off the S_T CODE object from its 'standard' and 'unchanged' statuses to the 'changed' status. 
  Once the S_T CODE object gets into CHANGED status, transaction deletions made in the menu path DO NOT overwrite the transaction values in S_T CODE.  The transaction doesn't exist in the menu, but can be called because it still exists in S_T CODE (a possible risk source!!).
  So to fix the problem, always check to see that S_T CODE is in STANDARD status when deleting existing or adding new transactions by performing the actions I listed in my second comment.
   Once again, Thanks for your time. 

• MAximum number of authorization fields in an authority object

  What is the maximum number of authorization object in an authority object ?

  An authorization object comprises up to 10 authorization fields.
  Read [AUTHORITY-CHECK|http://help.sap.com/abapdocu_70/en/ABAPAUTHORITY-CHECK.htm], look also at [SU21|http://help.sap.com/abapdocu_70/en/ABENBC_AUTHORITY_CHECK.htm] transaction screen.
  Regards,
  Raymond

• Authorization Field

  Hi All,
  I have a problem regarding Authorization Field in Role assignment.I need to know whether if we add a Authorization Field to a Authorization Object will affect the standard customization of the object.Next one is that how can we add a authorization field? i am not able to add the field to a Profit center accounting object K_KA_RPT.I want to make a authorization check with the controlling area for these reports so tried to add controlling area(KOKRS) to this object.i have a manual version for this object created and trying to add it in that.will it affect the standard customization of that object K_KA_RPT??
  very urgent.
  Regards
  Andrew

  Hi Andrew,
  Using transaction SU21 (List of authorization fields) you can display the details for AUTH field PPFCODE. If you push the button Input Help (Shift+F4) you will get all 33 possible values (Note: my system is ECC 5.0).
  A very handy function module for your purpose is SUSR_AUTF_GET_F4_HELP. Simply call the function module with your AUTH field and it displays all search help values. There you should find a programmatic way to determine AUTH field values.
  Go through this to understand the authorization concept completely
  In general different users will be given different authorizations based on their role in the orgn.
  We create ROLES and assign the Authorization and TCODES for that role, so only that user can have access to those T Codes.
  USe SUIM and SU21 T codes for this.
  Much of the data in an R/3 system has to be protected so that unauthorized users cannot access it. Therefore the appropriate authorization is required before a user can carry out certain actions in the system. When you log on to the R/3 system, the system checks in the user master record to see which transactions you are authorized to use. An authorization check is implemented for every sensitive transaction.
  If you wish to protect a transaction that you have programmed yourself, then you must implement an authorization check.
  This means you have to allocate an authorization object in the definition of the transaction.
  For example:
  program an AUTHORITY-CHECK.
  AUTHORITY-CHECK OBJECT <authorization object>
  ID <authority field 1> FIELD <field value 1>.
  ID <authority field 2> FIELD <field value 2>.
  ID <authority-field n> FIELD <field value n>.
  The OBJECT parameter specifies the authorization object.
  The ID parameter specifies an authorization field (in the authorization object).
  The FIELD parameter specifies a value for the authorization field.
  The authorization object and its fields have to be suitable for the transaction. In most cases you will be able to use the existing authorization objects to protect your data. But new developments may require that you define new authorization objects and fields.
  http://help.sap.com/saphelp_nw04s/helpdata/en/52/67167f439b11d1896f0000e8322d00/content.htm
  To ensure that a user has the appropriate authorizations when he or she performs an action, users are subject to authorization checks.
  Authorization : An authorization enables you to perform a particular activity in the SAP System, based on a set of authorization object field values.
  You program the authorization check using the ABAP statement AUTHORITY-CHECK.
  AUTHORITY-CHECK OBJECT 'S_TRVL_BKS'
  ID 'ACTVT' FIELD '02'
  ID 'CUSTTYPE' FIELD 'B'.
  IF SY-SUBRC <> 0.
  MESSAGE E...
  ENDIF.
  'S_TRVL_BKS' is a auth. object
  ID 'ACTVT' FIELD '02' in place 2 you can put 1,2, 3 for change create or display.
  The AUTHORITY-CHECK checks whether a user has the appropriate authorization to execute a particular activity.
  This Authorization concept is somewhat linked with BASIS people.
  As a developer you may not have access to access to SU21 Transaction where you have to define, authorizations, Objects and for nthat object you assign fields and values. Another Tcode is PFCG where you can assign these authrization objects and TCodes for a profile and that profile in turn attached to a particular user.
  Reward if helpful.
  Regards,
  Harini.S