Mandatory Authorization object for the BO user
Dear All
I am facing some problem for the BO user.
can you let me know what are mandatory Authorization object for BO user to run the dashboard without error.
Fast reply appreciate.
Thanks
Haji
Dear All
i am working for Analysis Authorization.
i included Analysis Authorisation object to the user.
S_RS_AUTH BI Analysis Authorizations in Role.
when i checked in the BW side its working fine.
when i checked the user in the BO side.
filter values are coming correct, but the values in the column are not showing.
its throwing an error.
kindly help me to solve this issue.
Thanks
Haji
Similar Messages
-
Authorization object for the "global settings" of a workbook of BW 7.0
Hi colleagues,
I search for a authorization object for the "global settings" of a workbook in the analyzer of BW 7.0.
The normal user should not have the authorization to change the "default workbook" .Hello Hans-Dieter,
have you solved the issue? I think it is not clearly defined and needs to be enhanced even Note 332738 has been applied. S_RS_TOOLS is not working, that's my opinion.
I opened a customer message in Marketplace to become a solution.
May be you have a solution already done?
I would appreciate this very much.
Best regards
André
Edited by: Andre Brachert on Apr 14, 2009 1:42 PM -
Authorization object for PLANNING PLANT
Hi all,
My client has different Planning plant & Production plant.
If I need to give access to GR for order (MB31), how do I know the authorization object for the Planning plant.
User should be given access to MB31 to the Planning plant & NOT to the Production plannt.
Any idea where we could find the authoriz. objects for a particular field?
Pls advise.Goods Receipt for Production Order: Movement Type M_MSEG_BWF
Goods Receipt for Production Order: Plant M_MSEG_WWF
these are the authorisation objects with activities as ACTVT and WERKS
Maintaine the values for ACTVT as
01 Create or generate,
02 Change
03 Display
04 Print, edit messages
and maintaine the values WERKS (ur plants 4 which u want to give authorisations)
and BWAR ( movement types 4 which u want to give authorisations) -
Authorization Object for Material Type
Hi All,
Is it possible to restrict the user from creating the material master based on Material Type. If yes then what is the authorization object for the same.
Regards
MahendraDear Mahendra,
You can definitely restrict a end-user to only particular Material Type thru Authorizations.
Authorization Object: M_MATE_MAR
This can be done thru authorization management. Consult your Basis person or follow this:
SU01 - Enter the user Id & select display button. Now click on the Roles Tab & note down the role assigned to this user Id.
Go to T-Code - PFCG - enter the Role name & select the change icon.
Click on the Authorizations tab page. & then Click on Change Authorization Data.
Now expand the menu tree of Materials Management: Master Data & further expand the menu tree of Material Master: Material Types. Now click on the change icon next to Authorization Group & select the required Material Type that you want to authorize the end-user.
This is how you can give authorizations only for a particular Material Type.
Hope this helps.. .
Give point if useful...
Thanks,
Jignesh Mehta
Mumbai -
Authorization Object For Activate Reservation/Purchase Req - IW31
Hi,
I want to authorize only certain users to use button "Activate Reservation/Purchase Req" IW31 transaction. What is the Authorization Object for the above mentioned button, if any. Is there any other way that i can do this activity in customizing? I am using ECC 6.0
We find that activating the objects below (suggests- SU24)
M_BANF_BSA
M_BANF_EKG
M_BANF_EKO
M_BANF_WRK
allowed in IW31, that 'not-authorized-users' would not be able to create purchase requistions. therefore: no material procurement.
But for reservations, we didn´t find the object in IW31.
Thanks and regards
Gabriel.
Edited by: Gabriel_Fornazier on Dec 31, 2010 12:16 PMOlá Michely
Segundo a SAP não existe objeto de autorização em BASIS para restringir por usuário o botão da transação IW31 que eu precisava(Ativar Reserv./Req. de Compra). Portanto segundo a SAP, poderia usar a ampliação IWO10006 para resolver isso.
E foi o que fiz. Primeiramente criei manualmente um objeto de autorização 'Z' dummy, para atribuir a um usuário que não quero que enxergue o botão. 'DISP' o nome do botão(dar F1 no mesmo) que desejo esconder.
Posteriormete na EXIT desenvolvi o seguinte código para esconder o botão:
AUTHORITY-CHECK OBJECT 'Z_VORG_ORD'
ID 'ZBETRVORG' DUMMY.
IF SY-SUBRC EQ 0.
FCODE_EXC_CUST-FCODE = 'DISP'.
APPEND FCODE_EXC_CUST.
ENDIF.
Portanto, todo usuario que tiver aquele objeto de autorização ''Z'' no seu perfil não vai exergar o botão Reserv./Req. de Compra.
Essa é a melhor solução do que usar objetos de autorização de outras transações.
Espero ter ajudado
abraços,
Gabriel M. Fornazier
SAP FI Certified Professional
Minas Gerais - Brasil -
Authorization object for vL02N
Hi,
I need the Authorization object for the VL02N.
My requirement is i need to give authorization for doing PGI in VL02N screen,but the user can only generate the VL02N(no change or modification). How can i control this?
pls adviceHi,
The authorisation object is:V_LIKP_VST
First Goto T.Code:SUIM
Check the role used for this T.Code:VL02N.I identified the role as "SAP_LE_GOODS_ISSUE_DELIVERY".
Next goto T.Code:PFCG.
Enter this role here.Click on Display.
Goto Authorisations tab.
Click on Display Authorisation data.
Goto Utilities-->Technical names on(if it is available else leave it).
Regrads,
Krishna. -
Authorization object for ML81N
Hi
I am trying to know what is the authorization object that controls :
when going to transaction ML81N and you click on the colorful icon on the right (configuration) it opens the table settings window
what is the authorization object for the administrator button
regardswell.......to be honest, i did my research based on some intuition and some research
I know that the settings could be changed not only for the transaction you mentioned, but i remember that i was taught that this could be changed for Sales order transactions too, which suggests that this is not bound to a specific transaction but more on a "generic plane"
whenver it is system wide settings, the first think i check for (just a habit) is on S_ADMI_FCD, earlier experiences taught me a lot on the importance of this object, make sure that you never have a * for this object (at least that is my personal learning and opinion)
Good luck for the future -
Hi,
I am looking for the concrete BW's dictionary-/ metadatatable(s)
which contain/describe the
Mapping of the (old,3.5.) Authorization Object to the (Auth.relevant) InfoObject
of the transaction "RSSM-Authorization for Reporting"
For example:
I got 3.5 Auth.Object ZCOMP_CODE and want to know to which (Auth.relevant) InfoObject
this is mapped, basically what's in the usage of this Authorization Object.
ThanXs
MartinHi,
As of now, your authorizations still in 3.x. so please check the below tables.
RSSBAUTHGEN - it holds info provider and authorization object
RSSBAUTHGENERATD - it have user name and info provider
RSSBAUTHTRACE
RSSBAUTHTRUSER
RSSBAUTVAL
RSSAUTHHIER
RSSAUTHHIERNODE
Coming to 7.x , Above mentioned T code kumar is enough to handle authorization concepts.
There is best document about 3.x and 7.x comparison on Google.
please search for it by using search term "An Expert Guide to new SAP BW Security Features"
Written by Marc Bernard
Thanks -
Authorization key for the user profile
In SAP, there is a provision where we can create the authorization key and assign this key to the various user statuses in the user status profile.
The application is that when the user status is changed from one to other and if to the user status, the authorisation key is assigned then the authorised person should be only able to change the status.
But my query is that i have not come across any customization where a SAP user can be assigned to the auth. key so that he can only change the user status.
Can anybody let me know that whatever i understood, is it correct? And if yes, let me know where to assign the user to the authorisation key?
ThanksHi Iyer ,
Please see the below,if it solves your requirement
M/CS Autorisation Objects
SAP Standard Authorisation Objects:
I_ALM_ME: Mobile Asset Management (ACTVT)
I_AUART: Order Type (IWERK, AUFART)
I_BEGRP: Authorization Group (TCD, BEGRP)
I_BETRVORG: Business Operation (BETRVORG)
I_CCM_ACT: Configuration Control authorization object (CCACT, ACTVT)
I_CCM_STRC: Structure gap maintenance authority (ACTVT)
I_ILOA: Change location and accounting data in order (IWERK, AUFART)
I_INGRP: Maintenance Planner Group (TCD, IWERK, INGRP)
I_IWERK: Maintenance Planning Plant (TCD, IWERK)
I_KOSTL: Cost Centres (TCD, KOKRS, KOSTL)
I_QMEL: Notification Types (TCD, QMART)
I_ROUT: Task List (ACTVT)
I_ROUT1: Task Lists by PM Planning Plant, Work Sched., Status (TCD, IWERK, VAGRP, STATU)
I_SOGEN: Permit (SWERK, PMSOG)
I_SWERK: Maintenance Plant (TCD, SWERK)
I_TCODE: Transaction Code (TCD)
I_VORG_MEL: Business Operation for Notifications (QMART, BETRVORG)
I_VORG_MP: Business Operation for Maintenance Planning (MPTYP, BETRVORG)
I_VORG_ORD: Business Operation for Orders (AUFART, BETRVORG)
I_WPS_MEB: Maintenance Event Builder (DIWPSMEBAR)
I_WPS_REV: Revision authorization object (REVTY, ARBPL, WERKS, WPS_REV_AC)
S_NUMBER: Number Range Maintenance (NROBJ, ACTVT)
C_TCLA_BKA: Authorization for Class Types (KLART)
*Authorisation Tables:*
TOBJ: Authorisation objects
TOBJT: Authorisation object texts
AGR_1250: Authorisation object assigned to role
AGR_USERS: Users assigned to a role
AGR_TCODES: Assignment of roles to Tcodes
Authorisation Objects for System-Statuses:
Order: I_VORG_ORD (AUFART, BETRVORG)
(REL = BFRE, TECO = BTAB, delete component = RMKL)
Notification: I_VORG_MEL (QMART, BETRVORG (NOPR = PMM2, NOCO = PMM4))
Maint. plan: I_VORG_MP (MPTYP, BETRVORG)
User-Exits:
CPAU0001: Enhancement for Authorization Check in Task Lists
IMRC0005: Measure point: Exit in AUTHORITY_CHECK_IMPT
IWOC0003: PM/SM authorization check of ref. object and planner group
QQMA0026: PM/SM: Auth. check when accessing notification transaction
QQMA0030: Check validity of status change
BADIs:
DIP_SET_USERSETTINGS: Initial Object Check in DP Processor
INST_AUTHORITY_CHECK: PM/CS Enhanced Authorization Checks
IWO1_ORDER_BADI: Maintenance, Service, and Refurbishment Order
NOTIF_AUTHORITY_01: Additional Authorization Checks for the Notification
WORKORDER_GOODSMVT: PM/PP/PS/PI orders: auto. goods movement
Authorisation Groups:
These can be created via TCode SM30 and table T370B. They can then be assigned to the following objects:
a. Equipment (IE02)
b. Functional Locations (IL02)
c. Maintenance plans (IP02)
d. Entry List for Measurement Documents (IK32)
e. Object links (IN05, IN08)
f. User-statuses
Authorisation Debugging:
TCode SU53: Evaluate Authorization Check -
Authorization Object for "Install" button in the Business Content
Hi..
Is there an Authorization Object which controls the "Install" button in the
RSA1 -> Business Content tab
I want to restrict developers to Install business content in BW Quality client and BW Production client.
If a developer clicks the "Install" button, in the Business Content, it should say, "You do not have authorization for the Administrator Workbench Object".
Is there any Authorization Object for this?
Thanks,
Sai.Its better you go for SE16 and type table name TOBJT, and try to serach for required auth object.
-
Authorization object for Object services
Hello together,
I want to know if there is an authorization object for Generic object services functionilty especially the WF options like WF overview, start WF, Archieve WF..............................
My understanding is any user who has access to a particular Business object, can user GOS to view WF stuff..................Is my understanding correct or should we have extra functions.....................
RegardsCheck authorization objects S_OC_ROLE and, for recent releases, S_GOS_ATT.
Regards,
Raymond -
Authorization object for plant on selection-screen
Hi All,
I need to cehck the authorization object for plant on sleection screen..the palnt is select-options.
I have written the code
Declaration of local constants.
CONSTANTS : lc_i(1) TYPE c VALUE 'I',
lc_eq(2) TYPE c VALUE 'EQ'.
REFRESH : r_werks.
LOOP AT s_werks.
IF s_werks-low IS NOT INITIAL.
AUTHORITY-CHECK OBJECT 'M_MATE_WRK' "Check if the user has autorization for the plant.
ID 'ACTVT' FIELD '03'
ID 'WERKS' FIELD s_werks-low.
IF sy-subrc NE 0.
r_werks-sign = lc_i.
r_werks-option = lc_eq.
r_werks-low = s_werks-low.
APPEND r_werks.
ENDIF.
ENDIF.
ENDLOOP.
LOOP AT s_werks.
IF s_werks-high IS NOT INITIAL.
AUTHORITY-CHECK OBJECT 'M_MATE_WRK' "Check if the user has autorization for the plant.
ID 'ACTVT' FIELD '03'
ID 'WERKS' FIELD s_werks-high.
IF sy-subrc NE 0.
r_werks-sign = lc_i.
r_werks-option = lc_eq.
r_werks-low = s_werks-high.
APPEND r_werks.
ENDIF.
ENDIF.
ENDLOOP.
My doubt is will the authorization will check the plants in between 1001 and 2001..suppose i have pplants 1001,1002,1003,1004,2001..Now will the above code will check for all the plants or only 1001 and 2001 if i specify in the select-options.
Regards,
rajHi Raj
First no need to LOOP AT s_werks and check s_werks-high as it will always be present only once in the table s_werks.
Do this
SELECT werks FROM t001w INTO li_werks
WHERE werks IN s_werks.
LOOP AT li_werks.
*check your authority thing here and fill the range
ENDLOOP.
Pushpraj -
Authorization Object for Marketing Attributes
Hi Experts,
We are working with CRM 2007 and use in BP Marketing Attributes. Does someone know if there are any authorization objects for Marketing Attributes? We would like to restrict some of users to see some Attribute sets!
Thank you in advance,
RoulaHi Roula,
Thank you so much for awarding points.
Please note that in Transaction PFCG you have to assign the appropriate three digit attribute set key under the authorization group BGKRL to the authorization object C_KLAH_BKL for assigning attribute sets and to the authorization object C_KLAH_BKP for editing attribute sets.
Please have a look at the Note in the bottom of the page at the following link for further information.
http://help.sap.com/saphelp_crm60/helpdata/en/46/3517cc86e01421e10000000a1553f6/frameset.htm
Regards,
Deepak -
Authorization Object for Storage Type
Hi Experts,
We want to restrict the goods movement based on storage type. Does anybody know what authorization object we can use to implement that?
Any help is greatly appreciated.
Thanks,
KhanHi,
At PFCG, go to authorization profile you want to restrict, look for M_MSEG_LGO Authorization Object, at the storage location field assign it. If you only want to restrict it for few user use, remove those from unauthorized user profile.
Hope it might help. -
Authorization objects for transaction, one to view, and one to maintain
Hi all,
My requrement is to create two authorization objects for transaction, one to view, and one to maintain.
I know how to create objetcs vai sm21, but i donot know how to crate objects with activity codes.
Please suggest how to create object where i can asign activity codes.
regards
manishThe Authorization Concept
R/3 uses authorization objects to assign authorizations to users. An authorization object is a template for an authorization. For example, authorization object F_SKA1_BUK - G/L Account: Authorization for company codes requires the specification of two field values: Company Code and Activity. To allow a General Ledger supervisor to create a general ledger master record, he/she must be assigned an authorization to create (Activity 1) accounts for a specific company code (eg. Company Code 2000). Such an authorization is created using the object F_SKA1_BUK by assigning these field values and naming the authorization following an appropriate convention (eg. Z_SCC20001).
Authorizations may be classified as general authorizations, organizational authorizations or functional authorizations. General authorizations specify the functions a user may perform. Authorization object F_SKA1_BUK has been assigned to the function for creating general ledger master records. The system checks for the useru2019s authorization to create general ledger accounts (Activity 1) in at least one company code. The system then checks whether the user is permitted to create accounts for the specified organizational unit (company code) and has the required functional authorizations. Authorizations in this case may restrict the user to certain Charts of Accounts. In addition, an authorization group may be defined in certain authorization objects to protect individual master records.
Profiles relating to an organizational role (eg. General Ledger Supervisor) are defined consisting of a list of authorizations and other profiles. Such profiles are then assigned to users with that role and stored in their user master record along with other data (eg. password).
Do check this link as well.
http://articles.techrepublic.com.com/5100-10878_11-5110893.html
Maybe you are looking for
-
How to build a BIG TREE with Tree-Form layout
Hi, I do have a self-referenced table with our org structure - 15 000 positions. I do want to create a tree with this structure. Requirements : a, to have a tree-form layout b, to have search capabilities I have tried to use several combinations (may
-
Have my MacBook Pro plugged into a monitor and also using a wireless keyboard. I want to close the MacBook but every time I do the monitor turns off - is there a way to avoid this?
-
I'm trying to get Extensions Panel for CC but I only find for CS5. I want to get the Russel Brown Paper Texture plug-in. I am subscribed to CC for Lightroom and Photoshop.
-
I cannot even scale a basic logo forms without the shape widths changing all different. Yes, I restarted the program and restarted my computer. what is going on? something that should take me 2 seconds Ive been spending an hour trying to resolve the
-
JDeveloper 10.1.3. java.security.PrivilegedActionException calling OC4J WS
I'm using JDeveloper 10.1.3 I've created a Web Service from a PL/SQL function using JDeveloper. The Web Service is running within the embedded OC4J app server. I can (using provided URL) open a browser and invoke the WS correctly. I've built a Web Se