Re setting Authorization on ADE

Similar Messages

• How to set authorization in more detail for ME11,e.g. material group, etc.?

  Hi,
  As we know, we can use plant, purchasing organization, purchasing group as authorization object to carry out authorization check when creating purchasing info record in ME11.
  But now my customer wants to set authorization in more detail, for example, use material group and some certain fields in vendor master.
  It seems standard authorization setting for ME11 cannot do this.
  Is there any method to meet the need? or some enhancements or BADi?
  Thanks
  Wesley

  Hi, Akhileshwar
  Thanks for your information. I have thought of creating authorization object values, but the problem is where to let SAP carry out the authorization check to the new object in ME11/ME12.
  So I think maybe some enhancements can let us write authority check code to do it.
  But I am not sure which enhancement or user exit can be used to write this code.
  Wesley

• Automated script for setting authorization limit in GL

  Hi,
  I am trying to create an automated script in our General Ledger application to set authorization limit. I have looked into code of form GLXSTEAL.fmb. There I found that, GL_AUTHORIZATION_LIMITS_PKG is being used for setting authorizations limit.
  Below is the code I am trying to run from PL/SQL developer using apps id:
  declare
  l_Rowid varchar2(30);
  l_Set_Of_Books_Id apps.GL_AUTHORIZATION_LIMITS.SET_OF_BOOKS_ID%TYPE;
  l_Employee_Id apps.GL_HR_EMPLOYEES_CURRENT_V.EMPLOYEE_ID%TYPE;
  l_Authorization_Limit apps.GL_AUTHORIZATION_LIMITS.AUTHORIZATION_LIMIT%TYPE;
  l_user_id number := FND_GLOBAL.USER_ID;
  l_login number :=FND_GLOBAL.login_id;
  p_Attribute1 apps.GL_AUTHORIZATION_LIMITS.Attribute1%TYPE;
  p_Attribute2 apps.GL_AUTHORIZATION_LIMITS.Attribute2%TYPE;
  p_Attribute3 apps.GL_AUTHORIZATION_LIMITS.Attribute3%TYPE;
  p_Attribute4 apps.GL_AUTHORIZATION_LIMITS.Attribute4%TYPE;
  p_Attribute5 apps.GL_AUTHORIZATION_LIMITS.Attribute5%TYPE;
  p_Attribute6 apps.GL_AUTHORIZATION_LIMITS.Attribute6%TYPE;
  p_Attribute7 apps.GL_AUTHORIZATION_LIMITS.Attribute7%TYPE;
  p_Attribute8 apps.GL_AUTHORIZATION_LIMITS.Attribute8%TYPE;
  p_Attribute9 apps.GL_AUTHORIZATION_LIMITS.Attribute9%TYPE;
  p_Attribute10 apps.GL_AUTHORIZATION_LIMITS.Attribute10%TYPE;
  p_Attribute11 apps.GL_AUTHORIZATION_LIMITS.Attribute11%TYPE;
  p_Attribute12 apps.GL_AUTHORIZATION_LIMITS.Attribute12%TYPE;
  p_Attribute13 apps.GL_AUTHORIZATION_LIMITS.Attribute13%TYPE;
  p_Attribute14 apps.GL_AUTHORIZATION_LIMITS.Attribute14%TYPE;
  p_Attribute15 apps.GL_AUTHORIZATION_LIMITS.Attribute15%TYPE;
  p_Context apps.GL_AUTHORIZATION_LIMITS.context%TYPE;
  l_date date :=sysdate;
  begin
  GL_AUTHORIZATION_LIMITS_PKG.Insert_Row(
  p_Rowid => l_Rowid,
  p_Set_Of_Books_Id => 1001,
  p_Employee_Id => 9236,
  p_Authorization_Limit => 100,
  p_Last_Update_Date => l_date,
  p_Last_Updated_By => l_user_id,
  p_Creation_Date => l_date,
  p_Created_By => l_user_id,
  p_Last_Update_Login => l_login,
  p_Attribute1 => p_Attribute1,
  p_Attribute2 => p_Attribute2,
  p_Attribute3 => p_Attribute3,
  p_Attribute4 => p_Attribute4,
  p_Attribute5 => p_Attribute5,
  p_Attribute6 => p_Attribute6,
  p_Attribute7 => p_Attribute7,
  p_Attribute8 => p_Attribute8,
  p_Attribute9 => p_Attribute9,
  p_Attribute10 => p_Attribute10,
  p_Attribute11 => p_Attribute11,
  p_Attribute12 => p_Attribute12,
  p_Attribute13 => p_Attribute13,
  p_Attribute14 => p_Attribute14,
  p_Attribute15 => p_Attribute15,
  p_Context => p_Context );
  commit;
  end;
  I am getting the error PLS-00306: wrong number or types of arguments in call to 'INSERT_ROW'.
  Please help me with this.
  Thanks

  I have found another way to achieve this. By inserting the data directly to GL_AUTHORIZATION_LIMITS table.
  INSERT INTO gl.GL_AUTHORIZATION_LIMITS
  (set_of_books_id,employee_id,authorization_limit,CREATION_DATE,CREATED_BY,LAST_UPDATE_DATE,LAST_UPDATED_BY,LAST_UPDATE_LOGIN)
  VALUES (1001,p_person_id,1.00,SYSDATE,l_user_id,SYSDATE,l_user_id,l_login);

• Re: Setting Authorization Check in Report Writer

  Hi,
  In ABAP Query or ABAP customized program, it is possible to set authorization object checking.
  In Report Writer, how can I do it?
  <REMOVED BY MODERATOR - REQUEST OR OFFER POINTS ARE FORBIDDEN>
  Thanks
  Edited by: Alvaro Tejada Galindo on Dec 26, 2008 10:59 AM

  Hi Colin,
  I would like to suggest,
  Creating an Authorization object & then using it in the report program is the preffered way.
  I would like to suggest a couple of references, quite similar to your issue,
  [SDN - Reference for using authorization checks at the report level|User authorisation check in ABAP-HR program;
  [SAP HELP - Standard Reference for Programming Autorization checks|http://help.sap.com/saphelp_nw04/helpdata/en/52/6712ac439b11d1896f0000e8322d00/frameset.htm]
  [SAP HELP - Standard Reference for Authorization checks|http://help.sap.com/saphelp_nw04s/helpdata/en/fc/eb3ba5358411d1829f0000e829fbfe/frameset.htm]
  Hope that's usefull.
  Good Luck & Regards.
  Harsh Dave

• Can't set authorizations

  Hi folks,
  We're facing serious problems when trying to set authorizations to users.
  We can't set any authorization. Everytime we open the General Authorizations form, we change all the authorizations we want.
  When we press Update, nothing happens. Then, we press update again, and the message: Operation completed sucessfully appears.
  We click on OK, expecting the authorization worked. But if we open the form again, no changes were made.
  We've tried stopping all add-ons and there's nothing in SBO_Transaction_Notification.
  Any ideas?
  Thanks in advance!

  I run this query that solved the problem:
  --Select Query with description:
  --to detect report objects are used in dynamic authorization but doesn't exist in report object master data
  select * from CDPM where ObjectType = 232 and ObjectKey not in (select doccode from rdoc) order by permid
  -- to detect permission are used in user preference but doesn' exist in dynamic authorization or user defined authorization
  Select * from USR3 where PermId
  not in (Select distinct Absid from OUPT union Select distinct cast(PermId as nvarchar(50) )from CDPM)
  ----Update Query with description:
  ----to delete report objects are used in dynamic authorization but doesn't exist in report object master data
  --delete from CDPM where ObjectType = 232 and ObjectKey not in
  --(select doccode from rdoc)
  -- -- to delete permission are used in user preference but doesn' exist in dynamic authorization or user defined authorization
  --Delete from USR3 where PermId
  --not in (Select distinct Absid from OUPT union Select distinct
  --cast(PermId as nvarchar(50) )from CDPM)

• Marketing Attribute set Authorization.

  Is there marketing attribute set Authorization, So that one set of users can see only their Attribute set..Appreciate any hellp in this regard. The CRM version is 5.0.

  Hi
  If you have found the answer to your question, as to how we can assign an attribute set by default when creating a BP, can you please share the answer with me, since I have a similar requirement.
  Thanks in advance!!!
  Lavi

• What to set authorization on characteristic value

  HI team I want to set a authorization on characteristic value, to be displayed in Bex report depending on user accessing that report
  Say : I have one report which show data about company code. I want to set authorization on characteristic value of Company code , for eg for USER 1 - he should see ony C001 and C002, and USER2 should see C003 , C004 etc.
  Please guide me in step by step approch ....
  Which authorization objetc should be used.
  Regards
  Ashutosh D

  Hi,
  First step towards authorization is to make your InfoObject (Company Code) as authorization relevant in the tab Business Explorer.
  Once this is done, create Analysis Authorizations in transaction RSECADMIN with the following variables.
  0TCAACTVT - *( or you can give the activities to be restricted)
  0TCAIPROV - *
  0TCAVALID - *
  0COMP_CODE - C001 & C002
  Now assign the analysis auth in the role under the Auth object S_RS_AUTH.
  Now assign this role for user1.
  Similarly create another Analysis auth for company code C003 & C004 and assign that role to user2
  Regards,
  Gaurav

• How de we set authorization ids

  how do we set authorization ids for a paticular object in a program...,

  Hi,
  go thru this url:
  http://help.sap.com/saphelp_nw04s/helpdata/en/52/67167f439b11d1896f0000e8322d00/content.htm
  AUTHORITY-CHECK
  Basic form
  AUTHORITY-CHECK OBJECT object
  ID name1 FIELD f1
  ID name2 FIELD f2
  ID name10 FIELD f10.
  Effect
  Explanation of IDs:
  object Field which contains the name of the object for which the authorization is to be checked.
  name1 ... Fields which contain the names of the name10 authorization fields defined in the object.
  f1 ... Fields which contain the values for which the f10 authorization is to be checked.
  AUTHORITY-CHECK checks for one object whether the user has an authorization that contains all values of f (see SAP authorization concept).
  You must specify all authorizations for an object and a also a value for each ID (or DUMMY ).
  The system checks the values for the ID s by AND-ing them together, i.e. all values must be part of an authorization assigned to the user.
  If a user has several authorizations for an object, the values are OR-ed together. This means that if the CHECK finds all the specified values in one authorization, the user can proceed. Only if none of the authorizations for a user contains all the required values is the user rejected.
  If the return code SY-SUBRC = 0, the user has the required authorization and may continue.
  The return code is modified to suit the different error scenarios. The return code values have the following meaning:
  4 User has no authorization in the SAP System for such an action. If necessary, change the user master record.
  8 Too many parameters (fields, values). Maximum allowed is 10.
  12 Specified object not maintained in the user master record.
  16 No profile entered in the user master record.
  24 The field names of the check call do not match those of an authorization. Either the authorization or the call is incorrect.
  28 Incorrect structure for user master record.
  32 Incorrect structure for user master record.
  36 Incorrect structure for user master record.
  If the return code value is 8 or possibly 24, inform the person responsible for the program. If the return code value is 4, 12, 15 or 24, consult your system administrator if you think you should have the relevant authorization. In the case of errors 28 to 36, contact SAP, since authorizations have probably been destroyed.
  Individual authorizations are assigned to users in their respective user profiles, i.e. they are grouped together in profiles which are stored in the user master record.
  Note
  Instead of ID name FIELD f , you can also write ID name DUMMY . This means that no check is performed for the field concerned.
  The check can only be performed on CHAR fields. All other field types result in 'unauthorized'.
  Example
  Check whether the user is authorized for a particular plant. In this case, the following authorization object applies:
  Table OBJ : Definition of authorization object
  M_EINF_WRK
  ACTVT
  WERKS
  Here, M_EINF_WRK is the object name, whilst ACTVT and WERKS are authorization fields. For example, a user with the authorizations
  M_EINF_WRK_BERECH1
  ACTVT 01-03
  WERKS 0001-0003 .
  can display and change plants within the Purchasing and Materials Management areas.
  Such a user would thus pass the checks
  AUTHORITY-CHECK OBJECT 'M_EINF_WRK'
      ID 'WERKS' FIELD '0002'
      ID 'ACTVT' FIELD '02'.
  AUTHORITY-CHECK OBJECT 'M_EINF_WRK'
      ID 'WERKS' DUMMY
      ID 'ACTVT' FIELD '01':
  but would fail the check
  AUTHORITY-CHECK OBJECT 'M_EINF_WRK'
      ID 'WERKS' FIELD '0005'
      ID 'ACTVT' FIELD '04'.
  Regards
  Shiva

• How to set authorization to limint plant to craete reservation from IW32

  Please advice me how to set authorization to limit plant to create reservation from IW31 or IW32 (Maintenance Order).
  I set at M_MRES_WWA (authorization object) but it is not work.

  Hi consult.,
                    I am not very sure about the object you are using, but if it is correct(else serch for the correct object), then make a master role for the T-Codes IW31 and IW32.
  then make a drived role from the above made role, and assign the object(above searched object) in the object give the value as that of your plant, and activity as per the requirement.
  you can maintain as many derived roles as the no. of plants.
  hope it helps.
  regards,
  YK

• Problem with setting Authorization

  Hi,
  I created a sample survey using the downloadable Survey app on the hosted apex site. The Survey is meant to be public, but I want the Admin, reports pages to require login.
  At first it looked very straightforward since when I click on security for the page attributes, there already seems to be an Authorization Scheme listed in the drop down list "Must Not Be Public User" and an Authentication item "Page Requires Authentication". Looked perfect for what I needed. But when I apply the changes, the public user still can access the pages! What am I missing? Or am I too naive to think such functionality was actually built into this version of Apex and applicable to this particular application.
  PM

  PM -
  Something I've done is to create custom Authorization schemes for the types of users that access my applications through Single Sign On. I grab their ID and then do a select based on a table where I identify the level of security they have. And then I set the Authorization to "Page requires authentication".
  In my authorization scheme I use a PL/SQL function that returns a boolean to determine what the user may or may not be able to see.
  My code is something like:
  CASE
  WHEN my_pkg.authenticate_user(&APP_USER.) = 'SURVEY_ADMIN' THEN
  RETURN true;
  END CASE;
  Hope this helps.

• How to set authorization for only Create infotype record

  How can I set the authorization so that the user can only create Infotype 14,15,2010,2001,2006 but cannot change and delete the record for these infotypes.
  But user has the authorization to create,change and delete other infotypes.

  Hi irene,
  1. For this we have to use the
     authorisation object
    P_ORGIN
  2. It has got the following fields, on which authorisations can be controlled.
  AUTHC     Authorization level
  INFTY     Infotype           
  PERSA     Personnel Area     
  PERSG     Employee Group     
  PERSK     Employee Subgroup  
  SUBTY     Subtype            
  VDSK1     Organizational Key 
  regards,
  amit m.

• Setting authorization on presentation server objects

  Hi all,
  i need to set different authorization levels for a subset of columns in my model. Example: i have the presentation table "Customer", i want to show the presentation column Name, Surname, Fiscal Code, Retribution to a subset of users with high-level privileges, and all the other columns (age, sex, etc...) to all the other users.
  Anyone knows if this is possible by using the Authorization scheme on the repository, presentation server? If it's possible, can i filter on a specific role/group?
  Thanks in advance,
  Regards

  Permissions are two types; Data level and Object level
  Object level:
  Presentation column general properties-> Permissions and add group
  Data level: logical table source table properties->Content tab
  WHERE clause section
  you may go for a condition
  Rest is yours :)
  If helps mark
  Edited by: Srini VEERAVALLI on Apr 3, 2013 9:11 AM

• Setting authorization for BP access

  hi, we have few requirements related to controlling access to Business partner master data.
  1. there are sales teams for each geography and they need to see only accounts in their geography.
  2. there are account teams who get to access only few named accounts.
  any pointers on how to set these..i am aware of authorization groups but that is not solving the complete requirements
  thanks
  RH

  Hi RH,
  You can try and see information on Access Control engine and this is a functionality provided by SAP to restrict certain users to access data relevant to them and you can search forum for ACE.
  This is useful for PCUI application
  Thanks
  Srini

• Can't set Authorization header in http message

  Perhaps someone can help me with a problem I'm having. I want
  to set an Authorization header in an HTTP request. From the
  documentation, I can set the "headers" attribute in the HTTPService
  element or I can use a <mx:headers> subelement. It is looking
  for an object or array. I hoping to set the header to look like:
  Authorization: GoogleLogin auth=1234abcd....
  When I use an object, it does not show at all. When I use an
  array of a single string, it includes the zero index of the array
  in the header something like:
  0: Authorization: GoogleLogin....
  Has anybody added custom headers to Http requests before?
  What am I missing?
  --Danny

  Perform for "idUserInteractionLevels" with a Google Site search in this site: http://www15.ocn.ne.jp/~preopen/iddom/domCS-CS3.html. You will get all sorts of questions answered if you are looking for InDesign help with VBScript. One of best sites with InDesign objects clearly documented.
  Hope this helps.
  I created a whole VBScript that will import XML and generate a PDF document in a interactive mode invlking this script from a Web Service.
  PRabhu

• Installed 3M cloud library and can't remove the authorization from ADE

  I installed ADE 4.0 for Mac but also have 3M cloud library, used its ID instead of the Adobe Digital ID.  I can't seem to deauthorize it.  Has anyone got a solution for this?  Thank you.

  I still have ADE 3.0 (for Windows) installed on my PC. I was able to deauthorize using 3.0 (using ctrl-shift-D to deauthorize in 3.0 doesn't require a username and password) -- Then I could re-authorize 4.0 w/ my AdobeID. Hope this helps.
  I found another possible solution from this thread: Re: unable to erase authorization
  Mac:
  Navigate to /Users//Library/Application Support/Adobe/Digital Editions and drag the activation.dat file to the trash.
  ADE will be deauthorized now.
  Now Authorize ADE again.
  Windows:
  Choose Start > Run.
  In the Open text box, type regedit and then press Enter. The Registry Editor opens.
  In the left pane of the Registry Editor, locate the following registry key:
  HKEY_CURRENT_USER\Software\Adobe\Adept
  Right-click the Adept key and choose Delete.
  In the Confirm Key Delete dialog, click OK.
  Your authorization will be deleted.
  ADE will be deauthorized now.
  Now Authorize ADE again.