MD61 -Authorization control for Version , requirements type -reg
Hi,
We have an issue in providing MD61 -Create Planned Independent Requirements to the users
By standard authorization objects available , Plant level authorization control only is there
if we have to give authorization for many users in the same plant based on teh VERSION , REQUIREMENTS TYPE etc... is it not possible ?
can the authorizations objects be created manually for these and assign to teh concerned user's roles ?
please provide your thoughts
regards,
madhukiran.
Dear Madhu,
Authorization objects can be added for an individual T Code also in SU24.
Check with your Basis consultant,Also i think its possible to give the authorization for versions as well
as requirement type also.
Regards
Mangalraj.S
Similar Messages
-
Authorization control for actual price calculation
Dear all,
I found that there is no authorization control for actual price calculation(KSII), this means user can calculate actual price for all cost centers, even this cost center belongs to other company. Is there a way to control this?
Thanks,
BenHi Ben,
By SAP standard we do not have the control. we also have the same situation. We are venturing in to Realisation phase and we decided to have some kind of program (development) to control this.
Please let me know if you find some better solution
Best Regards
Surya -
Authorization object for manual condition type in sale order
Hi experts
I want ask them, If exist an authorization object for manual Condition type (KOMV-KSCHL) in the sales order (VA01/VA02), that the user don' t can create neither modify the sale orden with a specific manual condition type (payment term) by stardard way.
Best regards
John AnguloHI John,
I would be surprised to know that someone uses the Payment terms as a condition in the Pricing procedure for sales orders. The payment terms define when the customer agrees to pay, (15, 20, 45 ,....days or 5 years or 10 years....whatever it be)
this detail for what i know is in the sales order header,and ideally has nothing to do with the Item level material price conditions.
its ok, If you mean something else by payment terms.....in principle you can have a conditon type restrcited such that manual entries on the condition are not possible. this cane be done in SPRO customizing, i am sure your functional consultants would know what to do (SPRO->Sales and Distribution->Basic Function->Condition Types), in the tab "Changes that can be made" have a value that says manual Processing is not allwowed
The ABAP route mentioned above is for a different scenarion and i dont think it is necessary for your requirement -
Authorization control for "Revoke Status Closed"
Dear Experts,
We are trying to restrict the authorization of business transaction u201CClosedu201D & u201CRevoke status closedu201D through authorization control for transaction COR2.
For that I have included authorization objects- K_ORDER, K_VRGNG, I_VORG_ORD in the user profile.
I have also added these objects in SU24 with check indicator u201CChecku201D & proposal u201CYESu201D
Through authorization object- K_ORDER I succeeded to restrict business transaction u201CCloseu201D.
But I am unable to restrict u201CRevoke Status Closedu201D.
I have also tried for this with user status but through user status also I am unable to restrict u201CRevoke Status Closedu201D.
Can anybody help me for this.
Regards
VivekDear ,
You can do it through two option :
1.Apply Screen variant -SHD0 at user level in which you can switch off menu path of TECO/REVOKE etc.
Refer : http://wiki.sdn.sap.com/wiki/display/Snippets/TransactionVariant-AStepbyStepGuidefor+Creation
2.You can try User Status at Production Order level .Refer : authorization for TECO
You can also check by User Exit : PPCO0007 (Exit when saving Production Order)
Regards
JH -
Authorization Control for MIGO
Dear All,
We are in process of controlling authorization of some users, so that they will be able to access transaction MIGO, only for posting material documents of Goods Receipt, Cancelling GRN & Posting RRD. The users should not be able to post material issue, material transfer through the transaction MIGO.
When we changed the role assigned to the user by giving authority only for the specific trancaction code MIGO, it also allowed the users to post Goods Issue, Transfer posting through transaction MIGO, along with transaction of Goods Receipt, which is unwanted.
We also can not control the authorization of users based on Movement Type, because, if we do it, the user will not be able to view the material documents other that Goods Issue & it will also restrict the report viewing for other movement types.
Can anyone provide any valuable suggestions on this?
Regards,
Prashant KolhatkarDear All,
Thank you very much for your instant replies.
But, still, as I mentioned, I do not want to control authorization based on Movement Type. This would prohibit the user from displaying reports.
Any other suggestions Pl.
Regards,
Prashant Kolhatkar -
Authorization control for batch master
Hello Experts,
I have a special requirement from client on authorization control on batch master. The requirement is user should not be allowed to change the batch header details but allow to change selected characteristic values. For e.g If I have a batch A, the header values such as prod date, country of orgin etc should not be allowed to change. In classification view few characteristics only should be editable, rest all should only be displayed.
Is there any option to do this. Either through authorization control or exits. We dont want to create a custom transaction to achieve this.
Thanks in advance
PrathibHello
The following document explains how to check which authorization objects are called on each transaction:
How to analyze authorization issues in debug
BR
Caetano -
Authorization control for ordering specific materials
Hi Experts
Is it possible to set up control on specific materials, so that those materials can not be allowed for procurement unless the authorization is provided.
In this context, can we use DG profile and assign certain authorizations?
The specific requirement is intended for identifying such material as well as for providing authorization for ordering.
warm regards
mariasHi,
If you want to control on ordering material, you can set up Release Procedure, so that without approval ,purchase order can not be processed.
If you want to block the material for procurement, you can use Source list ( ME11), block the material , when ever required, you can remove the block and procure it and again block it.
Regards,
Biju K -
Field control for Travel expense type
Hi,
How can we control "travel expense type"/"Trip type company code specific" field in PR05/employee portal?
I want to make this as mandatory.
This field you can see in "PD/FR reimbursement" header PR05 entry screen.
I have checked in below configuration, but there is no effect if I make it as required input in below configuration.
Define Schema and Individual Field Control
Schema and Single Field Control for Web Dynpro
Any solution will be highly appreciated.
Regards
SMHi,
This field control is not working in ESS portal. Working in PR05 (Travel expense manager).
Could you please advice the configuration for making the field u201CTrip type, Co. specificu201D(PTP02-BEREI) as mandatory in
ESS portal?
If we have not entered any value in this field it is throwing below error.
"Entry EN NZ does not exist, check your entry"
Also please let me why this is mandatory to enter and why this is not a mandatory field in standard configuration?
Note: NZ is Trip provision variant.
Regards
SM
Edited by: shanumonu on Jan 27, 2012 5:37 AM -
Plant level authorization control for Internal Order
Dear Sir,
We create Internal Order using tcode KO01 and being a multi plant scenario , we want to have an authorization control on Internal Order creation/change so that plant or profit-center level authorization rights can be given to the users .
We request you to Kindly guide us about the steps to be followed for addressing such requirement .
With thanks and Regards
Sonia AgarwalaSonia-
It can be done. You have two options.
1. SAP security - when your security person can limit a user by plant, profit center etc using authorization objects.
2. Validations - Here you can create a validation where you define you logic. In your logic you can restrict set of users who can access a set of fields (profit center, plant etc). If he deviates, the system can issue error messages which is maintained in validations. Use transaction GGB0 to create validations.
Hope this helps.
Shail -
Authorization control for document status
Dear All,
I want to control the status change of Documets created,
How can i achieve this, so that a perticular user /ID can change the perticular status,
I have ,
01
02,
03,
04, Rel.
05,
Do i need to put some trace anf find Objects to control...
or there is any standard method to do this..
Please guide me..
Regards
RaghuHi Raghu,
Here are DMS authorizatoins objects. For handle status it should be C_DRAW_STA
C_DRAD_OBJ Create/Change/Display/Delete Object Link
C_DRAW_BGR Authorization for authorization groups
C_DRAW_DOK Authorization for document access
C_DRAW_MUP Authorization for Markups
C_DRAW_STA Authorization for document status
C_DRAW_TCD Authorization for document activities
C_DRAW_TCS Status-Dependent Authorizations for Documents
C_DRZA_TCD Document Distribution: Authorization for Recipient Lists
C_DRZI_TCD Document Distribution: Authorization for Distribution Order
S_ECL_CAT ECL Viewer: Authorization Object for Stamp Categories
S_ECL_STP ECL Viewer: Authorization Object for Printing with Meta Data
S_ECL_STP2 ECL Viewer: Authorization Object for Printing with Meta Data
Hope that it will help you
//Håkan -
Authorization control for Z fields
Hi all,
We have appended a structure to VBAP; our requirement is to update these Z fields based on authorization control.
Other than creating Z auth objects and checking them in our exit before updating Z fields, is there any other standard option to control updating of these Z fields.
Regards,
Krishna.
SAP SD Techno Functional.Hi all,
We have appended a structure to VBAP; our requirement is to update these Z fields based on authorization control.
Other than creating Z auth objects and checking them in our exit before updating Z fields, is there any other standard option to control updating of these Z fields.
Regards,
Krishna.
SAP SD Techno Functional. -
Authorization control for cost analysis/itemization view
Hi Experts,
Can we control the access to cost analysis/itemization report in CO03 by authorization control ?
ThanksHi,
Most probably it may not be possible.
moreover, Why do you want this? Cost analysis will be in display mode only. Infact it benefits the user. They can analyse and correct the master if required.
Think once again before making control. Because, everytime people has to come to authorised person to see the cost difference, which will disturb the authorised person.
This is my personal opinion.
Madhava -
Authorization Control For characteristics Maint.
Dear All,
My requirement is that,during material master creation/change,my user can change only certain characteristics in a class.What is the purpose of Authorization group field available in CT04.This what comes with F1 help,but I am not able to relate to it.I have assigned this authorization object in user role with relevant value,but nothing is happening.I am able to maintin all charac.
Authorization Group for Characteristics Maintenance
This key defines whether a user is allowed to maintain this characteristic.
This authorization must be defined in the user master record.
The authorization object is C_CABN_GRP.Dear,
The object and values what you are taking about is to restrict the charectristucs change,,,This will not restrict value assignment in material master classification view.
This is required for not to allow chages to that chateristics in CT04.
If you want the material master chareostics value assignment restoction then you need to restict material master claasification maintaince view through the auth object - M_MATE_STA
the values are as below
A Work scheduling
B Accounting
C Classification
D MRP
E Purchasing
F Production resources/tools
G Costing
K Basic data
L Storage
P Forecasting
Q Quality management
S Warehouse management
V Sales
X Plant stocks
Z Storage location stocks
remove C from the value and assignthe role to user by whom you donot want the value not to be assigned
come back if required -
Links to Web Service Data Control for complex data types
Hello Forum members,
Could anyone please post good reference links to docs/blogs illustrating how to create and use a Data Control for a Web Serice Proxy Client providing interfcae for a complex xml schema ?
Any help highly appreciated :)http://blogs.oracle.com/shay/2010/05/updateinsert_with_adf_web_serv.html
-
Authorization control for 2, T-codes at a same role
Hi all I need your professional support
When we execute the PV00 t-code and try to Create Attendance and it will allow the user to create it by going to PA40 which should not allowed and this has to be blocked.
But in the same user under a different role, PA40 is also attached and we have to keep it available to the user.
If I specify more about this issue, under HR role we have assigned PA40, for 5 personal areas and for another role we have assigned 20 personal areas for PV00, so if the same user try to click on the Create Attendance it will give 20 personal areas access through PA40 , which we have to block it some how. Through PV00, should not allow the user to access PA40 transaction. I tried through authorization which I couldnt control.
We are using role based authorization. Please advice me how to resolve this issue.Hi there.
what about restric access to one of the transactions at the role level. If you are using the role based approach for authorizations it should be based on the derived role concept.
Basically you'll have a master role with as many derivations as the organization requires. The menu structure and transaction assignment willl be maintained at the Master role level which does not have any authorization profile. The authorizations are maintained at the derived role level.
In other words your security concept will be based on transaction+Object access control following the derived approach.
Consider running Virsa reports to identify security overlaps, and SOD breaches.
Cheers,
Damien
Maybe you are looking for
-
Error reading TDMS file with inconsistend dt
Hello all, I would like to ask your help to understand how to read a TDMS file which I am opening and closing based on a user input. As a result the data in the TDMS file does not have a consistent time step, which may be causing my problem, but I r
-
Dear Gurus, I am having the 2 Company Code 1000 & 2000. And a Purg Org 1000 assigned to both Company Code. Now i have to upload the Vendor Master (nearly 7000 nos) which is applicable for both Company Code So what should be my strategy? Whether i upl
-
Thunderbolt Display Fan Noise Yes or NO?
I have a TBD connected to my 17" late 2011 MBP. MY TBD does get warm. Typically if I am facing the display the left side at the underside bottom portion of the bezel gets warm, not overly hot but warm. The right underside bottom portion stays very
-
I'm looking to teach myself PL/SQL with SQL Plus, it's a works pc so I can not use any other software than SQL plus. When starting SQL plus I'm asked for a username, password and host string. I'm taking it the host string is the db I want to connect
-
hi i have a bach file run .bat this is in network \\dc\data but wen run this file of this way , not run i must map this way and run it to correct now i create setup.bat and it whole ====== net use t: \\ dc\data t: call run .bat ==== when run setup.