Need authorization object to update my authorization

Dear SDN's,
When i am double click to view the data sourse it is giving message
"You have no authorization for data source "
"You require authorization for the authorization object for the data source DW workbench - data source (Release>BW 3.X) wih the filed values stated above and activity 4 "
For the above authorization issue
which authorization object is required for updating my authorization ?
Thanks and Kind Regards,
Lakshman Kumar G

Dear Gaurav,
Thanks for the solution.
Is there any authorization object for replicate the data source ?
Thanks and Kind Regards
Lakshman Kumar G

Similar Messages

  • Authorization Object for Update Function Module

    Hi
    I have a Update Function Module and that FM should be executed based on the Authorization Object .
    I had created a Auth Object with Proper roled assigned to user and i also  did the following
    AUTHORITY-CHECK OBJECT <Obj Name>
               ID 'ACTVT' FIELD '38'.
    If Sy-subrc EQ 0.
    <Process the following>
    End IF.
    But the Auth Object is not working correctly like in the ebugging eventhough my role is not assigned to this Auth Object
    it is giving me sy-subrc as 0 (but in my case it must be not be zero.)
    Is it anything like Auth Object wont work on Update function Module or else is there any different approach we need to follow
    to acheive the functionality .
    Kindly share the inputs
    K.Nadesh Kumar

    Hi
    The issue is resolved
    K.Nadesh Kumar

  • How to get all authorization objects for a certain authorization profile

    Hi ABAP experts,
    I have the following problem: for a certain authorization profile of a role (created with transaction PFCG) I would like to get all contained authorization objects: e.g. for the contained object PLOG I would like to know/read all corresponding parameter values.
    So:
    - where are these values stored (dictionary table)?
    - is there already a FM or a report to read all authoriation values for a certain authorization profile?
    Thanks in advance.
    Best regards,
    Oliver

    Hi,
    check the following it might useful for you:
    https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/a92195a9-0b01-0010-909c-f330ea4a585c
    if helpful reward points are appreciated

  • Authorization object to restrict a particular customer code in a sales org

    Hi,
    I have a requirement whereby a sap user who is assigned to Sales organization A needs to access a particular customer from sales organization B. However the sap user has no access to sales organization B. However the requirement is such that the sap user cannot be given access to all the customers in Sales organization B. He must only access one particular customer from Sales organization B and not all the customers in Sales organization B.
    The problem here is if we give the sap user access to Sales organization B, then the sap user can access all the customers in Sales organization B. So how can we give access only to a particular customer in the Sales organization B?
    Is there any authorization object which can accomplish this?

    Hi.
    You can use The Authorization object
    <b>V_KNA1_VKO</b>
    Tcode for Authorization objects: SU21
    Tcode for Authorization FIELDS: SU20
    Statement to perform Auth. Check  AUTHORITY-CHECK(See F1 HELP)
    <b>Reward if Helpful</b>

  • Association of authorization group with authorization object

    Dear Colleagues,
    We are using ECC 6.0 system. There is a transaction EMMAC2 where in the user would pick the case categories & view/make changes as required in the cases.
    However, we would like to have a user to pick only those case categories for which he/she is authorized & view/change the data.
    This EMMAC2 is controlled by authorization object B_EMMA_CAS & this authorization object has field BRGRU (Authorization Group) along with ACTVT (activity).
    We would like to control this via authorization groups
    We would like to create authorizations groups based on case categories & those authorization groups would be assigned in this BRGRU field.
    Meaning, the end result should be such that, when that new authorization group is added in BRGRU field & that role is assigned to an end user, the user should be able to see data only for those case categories for which the new authorization group has been created
    If I use SE54 to create authorization group, it automatically associates itself with authorization object S_TABU_DIS & this does not solve my purpose.
    But we would like to create a new authorization group & associate it with authorization object B_EMMA_CAS.
    Can someone please let me know the steps on how to achieve it or any other method to achieve it(for above underlined text)?
    Does a developer or functional consultant also need to be involved in this?
    PS: I tried to search in Google & our forums but could not get any answers

    Dear Aninda,
    Thanks for the help.
    I created an auth group via SE16 in table TBRG & associated to B_EMMA_CAS
    A case category was then assigned to this auth group
    We tested it - below are the results:-
    1. The user is allowed to 'change' and 'display' the case for the case category for which the user is authorized: this works as per requirement.
    2. The user is not allowed to 'change' case for the case category for which the user is not authorized: this works as per requirement.
    3. However, he is able to 'display' cases for the case category for which the user is not authorized: this we do not want.
    If I remove activty 03 (display), then the user is unable to display the case for the case category for which the user is  authorized.
    How to resolve this?

  • PR05 authorization object

    Hi,
    Please tell me how can we find the authorization object for an tcode PR05.
    Problem is users are able to approve their own trips in PR05 T-code. for that i want necessary authorization objects and values.
    I need now for PR05 the authorization object.
    Thanks
    zeni

    Hi,
    Its no like finding the authorization object for an tcode PR05.
    You have to create an authorization for tcode PR05 and for creating this authorizations please follow the below steps
    Tcode for Authorization Objects are,
    su20----> for defineing authorization field ,
    su21-----> for authorization class,
    su22------> for assignement authorization object
    To create an authorization object:
    1) Execute transaction SU21
    2) Double-click an Object Class to select a class that should contain
    your new auth object
    3) Click on CREATE (F5)
    4) (If creating custom field) - Click the 'Field Maintenance' button -->
    Click on CREATE (Shift+F1)
    5) Enter the Name for the New Authorization field and the corresponding
    Data Element and SAVE
    6) Confirm the Change Request data for the new Authorization Field
    7) Go back two screens (F3-->F3)
    8) Enter the Authorization field name and document the object:
    9) SAVE and ACTIVATE the documentation
    10) Save the new Authorization Object
    11) Confirm the change request data for the Authorization Object and
    EXIT SU21
    12) Finally, the SAP_ALL profile must be re-generated
    Please reward points if it helps
    Thanks
    Vikranth

  • Error while generation of the Authorization object (

    Hi Gurus,
    I have created a Authorization object Z_CCTR3 for 0costcenter authorization.
    but getting following error while generation of the Authorization object (type is Flat authorization)
    "Error occurred when reading the data from DataStore object Z_CCTR3"
    Any inputs will helpful...
    Sonal.....

    Hello everybody,
                             my problem is solved.For the UDConnect, whatever DATA SOURCES you create gets registered in a FUNCTION MODULE which has a capacity of only 99 enties, so to increase it implement the SAP NOTE 876340 - UDC Error available on SERVICE MARKET PLACE.
    This problem occurs with BW version 3.5 level 17 or below.
    Regards,
    Priyanka
    Edited by: Priyanka Joshi on Jun 10, 2008 11:03 AM

  • Role creation and authorization objects in sap

    Hi
    i want to know the full relationship between  creation of roles , authorization objects ,authorizations in web as abap
    Please explain the process in detail the use of PFCG and all its options and how to create Z roles

    Although, It would be a very long document to explain the query, I have briefed you on the concept. I hope it leads you well.
    - Roles are nothing but a container for authorizations. A role represents a specific part of an employeeu2019s job.
    - The R/3 authorization concept permits the assignment of either general and/or finely detailed user authorizations. These assignments can reach down to transactions, field and field value level.
    For e.g. If a user wants to create a PO we can restrict him on:
    u2022     Activity : Create/Change/Display
    u2022     Org elements like Company Code, Plant, Purchase Organization etc
    u2022     Document type etc.
    - Authorization objects are grouped in an object class such as Materials Management: Master Data (MM_G). Each Object Class may have several authorization objects and within each object we can have several authorizations (max. up to 99).
    - Fields :The permissible values for the fields constitute the authorization. For e.g. ACTVT (Activity) is a field with permissible values of 01 (Create), 02 (Change) & (03 Display) for the object M_MATE_CHG (Material Master: Batches/Trading Units). Value * for field BEGRU signifies all possible values.
    - An authorization allows you to carry out an R/3 task based on a set of field values in an authorization object. By themselves authorizations do not exist and they only have a meaning inside a profile
    - Authorizations are contained within profiles and these profiles are assigned to users manually or automatically via role assignment. When you assign the field values for all the authorization objects and save system will auto generate a profile name.
    - Authorization check are included in the transactions source code in standard SAP R/3.A user may carry out an action if the authorization check is successful for each field in the object.
    Edited by: Subramaniam Iyer on Nov 27, 2008 12:08 PM

  • Authorization object M_MATE_MAR "Material Master - Material Types" in MM01

    Hi,
    We in CPS Energy are implementing VIrsa SOD conflicts on the roles that are in place in current SAP 4.6C version. The authorization object M_MATE_MAR is used by MM01(Creation of Material Master) transaction code & used at mutiple roles. We have restricted this authorization object by Material Type Authorization Group (BEGRU)as WMS1 & given activity a 01, 02 & 03 in a role. The same authorization object is used in Common roles also for displaying that is using transaction code MM03 (Display Material) but the activity & authorization group are ''. This '' is taking precedence over the the authorization object given in the other role.
    Please let us know how to put a control on this authorization object which is used widely by large number of users.
    Maintained Material Master: Material Types                              T-D119010802
    Activity                       01, 02, 03                                             ACTVT
    Authorization group          WMS1                                              BEGRU
    Any help is really appreciated
    Thanks
    Sree

    Hi Sree, your role with MM03 in it should not have * for actvt if it is only a display role.
    As it is a display role actvt 03 would be more suitable.  That way you could have display for all auth groups, but create and change/MM01&2 would be restricted to WMS1 (and any other materials with a blank auth group)

  • Authorization object for Command Button

    Hi all,
    How can I create the Authorization object for command button which is on application server.
    if you do not have auth when you click on that command button, it should be say 'you dont have auth'.
    please help me in this.
    regards,
    Ajay reddy

    Hi,
    Tcode for Authorization Objects are,
    su20----> for defineing authorization field ,
    su21-----> for authorization class,
    su22------> for assignement authorization object
    To create an authorization object:
    1) Execute transaction SU21
    2) Double-click an Object Class to select a class that should contain
    your new auth object
    3) Click on CREATE (F5)
    4) (If creating custom field) - Click the 'Field Maintenance' button -->
    Click on CREATE (Shift+F1)
    5) Enter the Name for the New Authorization field and the corresponding
    Data Element and SAVE
    6) Confirm the Change Request data for the new Authorization Field
    7) Go back two screens (F3-->F3)
    8) Enter the Authorization field name and document the object:
    9) SAVE and ACTIVATE the documentation
    10) Save the new Authorization Object
    11) Confirm the change request data for the Authorization Object and
    EXIT SU21
    12) Finally, the SAP_ALL profile must be re-generated
    Regards,
    hema.

  • Obsolete authorization objects in APO

    Hi Experts,
    I have to create one role in APO in which I have to manually insert authorization objects.When I try to do so, for some authorization objects I get error message "Authorization object is obsolete" and the authorization object does not get inserted.This might have happened because of upgrade.
    Is there anyway to determine how to find authorization object corresponding to obsolete authorization objects in upgraded system?
    Edited by: AnikaGupta on Dec 20, 2011 1:41 PM

    Hi
    I don't have much experience with APO security specifically or with regards to do what do with obsolete objects; but in general - I would say that obsolete auth object's description/documentation would provide hints to the object which should replace the object in context (for example object S_XMB_DSP). I would like to ask as to why are you trying to add this object manually - accepting if its an exception/necessary but see if you can resolve it by t-code addition in menu and checking what all auth objects are pulled - and building a solution based on SU24 proposals (depends if the obsolete object is called for this transaction in SU24 - maybe it does not)  -  if its an obsolete object you might want to edit its status in SU24 as do not check (apart from basis/hr objects)
    Best Regards
    Prashant

  • Assigning of authorization object to authorization group

    I have created an authorization object and I have assigned this to already exsiting authorization group.I would like to assign the authorization object to a new  authorization group.Please confirm how to create an authorizaton group and assigning a authorization object to this new authorization group.

    hi,
    I have got a pdf related to this.
    I shall send that to you if i can get ur mail id.
    I too havent tried this. I dont have any authorizations to do with my server.
    Plz follow the following steps:
    1. Create a user (for example for SAP DEV, TEST, or PRD systems).
    2. Open the SAP Profile Generator (transaction PFCG) available in SAP R/3 versions 4.6 and above.
    3. Create an Activity group (Role since SAP 4.6C), for example ZBODI_ROLE.
    4. Enter a description for the role.
    5. Go to the Authorizations tab and click Change authorization data.
    6. On the Change Role: Authorizations screen, click the Manually,toolbar icon.
    7. The Manual Selection of Authorizations window opens.
    8. Type in the following authorization objects.
    S_ADMI_FCD*
    S_BTCH_JOB
    S_DEVELOP*
    S_DATASET
    S_PATH
    S_RFC
    S_TABU_DIS
    S_TCODE
    S_RS_ADMWB — for SAP BW
    9. Click OK
    10. Return to the Change Role: Authorizations screen.
    11. Manually configure components by entering the values  that support Data Integrator operations include:
    • Administration
    • Batch
    • BW loading
    • Development
    • File access
    • File system access
    • RFC calls
    • RFC calls in BW
    • Table source access
    • Transactions
    12. To complete the security profile, click the Back icon (or press F3), select
    the User tab, enter your SAP user ID for Data Integrator and click the Save icon.
    Regards,
    Sailaja.

  • CJ20N Authorization Object for Project Status Changes

    Hi Gurus,
      Can any one knows the Authorization Object responsible to control the change of status for a project in the CJ20N?
      We want to control who can and who can't change the STATUS of a project independent from other changes.
    Regards
    Gustavo Balboa

    User authorization object B_USERSTAT. Before that u should define authorization key in Tcode:BS52 and assign it to User status in Tcode:OK02.
    In authorization object B_USERSTAT set ERSL=Authorization Key, so that the user can change the status of that perticular status only.
    Venkat

  • Authorization Object for using Object Services

    Can you tell me how to limit a users authorization to create or delete attachements using the object services functionality?  We'd like to control the addition and deletion of the attachments.  Is there a specific authorization object for this functionality?
    Thank you, Julie

    Hi julie;
    I hope that following are the solution for you problem. Check wheather this is helpful to you or not.
    Authorization Object C_DRAW_BGR (Authorization Group)
    The following table shows authorization object C_DRAW_BGR. This authorization object allows you to limit access to individual documents.
    Fields      Possible Values      Description
    BEGRU (Authorization group)      0000 - ZZZZ      Used to restrict the authorizations for document maintenance further.
    Authorization object C_DRAW_BGR can be used to restrict access to individual documents. It works like a simple on/off switch. If the check of object C_DRAW_BGR is fine, the user's authorization can be further restricted by checking C_DRAW_TCD (check only based on the document type) or C_DRAW_TCS (check of the
    combination of document type and status). At the fifth level there is a BADI called DOCUMENT_AUTH01, which you can use to design your own authority check.
    Authorization Object C_DRAW_DOK (Document Access)
    The following table shows authorization object C_DRAW_DOK. This authorization object controls which original data of a specific document type there are access authorizations for.
    Fields      Possible Values      Description
    ACTVT (Activity)      52 53 54 55 56 57      Change application start Display application start Display archive application Change archive application Display archive Store archive
    DOKAR (Document type)            Here you enter the document type that access to original data is allowed for.
    Authorization Object C_DRAD_OBJ (Object Link)
    The following table shows authorization object C_DRAD_OBJ. This object controls which users can process which document info records, based on a combination of activity, object, and status.
    Fields      Possible Values      Description
    ACTVT (Activity)      01 02 03 06      Create Change Display Delete
    DOKOB (Object)            You must enter the data base table for the objects here (for example, MARA for material record).
    STATUS (Document status)
    if useful rewards points.           
    Regards,
    nitin
    Edited by: nitin bhagat on Feb 18, 2008 6:23 AM

  • Authorization Object and Authorization...!!!

    Hi BW Experts,
    Could anyone plz tell me what is the difference between Authorization Object and Authorization..!!!
    Thanks in Advance.
    Regards,
    Giftedbrain.

    Giftedbrain,
    Authorization Object:
    An authorization object groups up to ten fields that are related by AND.
    An authorization object allows complex tests of an authorization for multiple conditions. Authorizations allow users to execute actions within the system. For an authorization check to be successful, all field values of the authorization object must be appropriately maintained in the user master.
    Authorization objects are divided into classes for comprehensibility. An object class is a logical combination of authorization objects and corresponds, for example, to an application (financial accounting, human resources, and so on). The line of the authorization object class is colored orange in the profile generator.
    For information about maintaining the authorization values, double click an authorization object.
    The line of the authorization object is colored green in the profile generator.
    Authorization:
    Definition of an authorization object, that is, a combination of permissible values in each authorization field of an authorization object.
    An authorization enables you to perform a particular activity in the SAP System, based on a set of authorization object field values.
    Authorizations allow you to specify any number of single values or value ranges for a field of an authorization object. You can also allow all values, or allow an empty field as a permissible value.
    If you change authorizations, all users whose authorization profile contains these authorizations are affected.
    As a system administrator, you can change authorizations in the following ways:
    ·        You can extend and change the SAP defaults with role maintenance.
    ·        You can change authorizations manually. These changes take effect for the relevant users as soon as you activate the authorization.
    The programmer of a function decides whether, where and how authorizations are to be checked. The program determines whether the user has sufficient authorization for a particular activity. To do this, it compares the field values specified in the program with the values contained in the authorizations of the user master record.
    The line of the authorization is colored yellow in the profile generator.
    -Doodle

Maybe you are looking for