RFC-enabled authorization checks for specific tables?

Similar Messages

• Authorization checks for bank account number in vendor master

  I am trying to find a way to set up authorization checks for specific fields in the vendor master: LFBK-BANKL, LFBK-BANKN, LFBK-EBPP_ACCNAME and LFBK-EBPP_ACCNAME. I am tring to set ip up so that if you have access to transactions FK03 or XK03, you can view vendor master data except for the above fields.
  Does anyone know of a way to accomplish this? Your help will be greatly appreciated.
  Thanks
  -Peru

  HI Peru,
  To supress a field in FK03 u will have to check
  Financial Accounting (New)>Accounts Receivable and Accounts Payable>Vendor Accounts>Master Data>Preparations for Creating Vendor Master Data-->Define Screen Layout per Activity (Vendors)
  in that Display Vendor (Accounting) for FK03 and Display vendor (centrally) for Xk03
  But there bank account no is not there.
  Moreover there r no authorization objects for all the fields that u gave.
  So try creating screen variant/ transaction variant in SHD0.
  Regards,
  Kiran

• Authorization check for a program/table

  Hi ,
  Can anyone help me out in
     How to do authorization check for an abap program and also a table.
     I have no idea about the authorizations.
  My requirement is that I need to do the authorization check in such a manner that only users having a certain profile
  1. should be able to execute the program
  2. View of the entries of the table.
  Thanks & Regards,
  Keerthi

  Hello Keerhi ,
  I got you wrong at first!
  If you want to have only certain users to be able to do certain operations, then you need to assign the appropriate roles to those users!
  First find the role
  second add the user in the role ( PFCG T code---> USers tab)
  Raj

• Rfc enabled function module for the updating the database table

  Hi,
          I need one rfc enabled function module for the updating the database table from the legacy system.currently i am using the rfc_read_table to read the database table.similarly i need for the update.

  Hi
  I believe you need to create one by yourself
  Max

• Authorization checks for PNP LDB

  question    : how to validate authorization checks for pnp logical database?
  2 nd question: hr report
  this report is basically for salary survey. in this i had so many fields can any body let me know how
  can i form the internal tables. and i have to display overall 150 fields in csv file for that
  how can i take in to the final internal table.
  what is the logic behind this:
  T71JPR09-JOBCODE
  PA0000-PERNR
  HRP1000-STEXT
  P0006-PSTLZ
  PA0008-ANSAL * 100 / PA0008-BSGRD
  PA0015-BETRG
  PA0761-LTEXT  WHERE PA0761-CPLAN = LTI PLAN PSU YEAR 1
  PA0761-GRADT  WHERE PA0761-CPLAN = LTI PLAN PSU YEAR 1
  PA0761-ZZGRANT WHERE PA0761-CPLAN = LTI PLAN PSU YEAR 1
  PA0761-LTEXT WHERE PA0761-CPLAN = LTI PLAN esu YEAR 1
  like that i had.
  please give me the steps how can i proceed.

  Hi,
  The PNP database will take care of authorization check. It will not execute if used does not have authorizations.
  Hope this helps.

• Authorization Check for Special Stock Indicator in IE02

  Dear Gurus,
  Would like to check with you if there is an authorization check for change in Special Stock Indicator in IE02-SerData Tab?
  For example, the User will only be allowed to change the Special Stock Indicator only to "E" - Sales Order.
  Would appreciate your help.
  Thanks.

  Hi,
  This cannot be done by using standard auth object. Standard SAP doesnt support control via this field.
  Take help of your ABAP team and create an customized authorization object "Z_OBJECT" with field SOBKZ and which check these field value in table EQBS. Assign this auth object to role and profile you want.
  Use the user exit IEQM0003 Additional checks before equipment update. Give a logic to check auth object when while using equipment change tcode.

• Add authorization checks to the table maintenance

  i have created a table maintenance and I have authorization object and the field for it which will take some values this i got from basis people . Then how to add authorization checks to the table maintenance.

  U can try to use the event, after generating table maintenance program:
  Enviroment->Modification->Events: the events 05/18 could be good for you
  Max

• Authorization checked for infoObjects even though not relevant to report

  Hello guys,
  I am facing a problem in BI 7.0 authorization checks.
  For a given report the BI team has placed a restriction in the query only for infoObject 0Comp_code (company code) and 0SOLD_TO (sold to party). Accordingly i have created authorization in RSECADMIN and assigned to role--> user.
  But when the user runs the report, he gets as authorization error and during analysis in RSECADMIN i see that "list of Authorization relevant charecteristics(infoObjects) for info provider xxxx" contain other infoObjects as well.
  Is it a case where infoObjects can be made authorization relevant for the whole  info provider eg-ZSD_M42" (where this is a multi provider)apart from being checked for specific reports eg- ZSD_M42_Q0001?
  How do i get around this problem?
  Regards,
  Prashant

  Hi Prashanth,
  What Zaheer said was exactly correct.Make sure all the Auth relevant Chaaracteristics of an Infoprovider  are properly authorized through your Analysis Authorization.Suppose if you don't need security on other Characteristics of an InfoProvider give * in your AA which will byepass check on that particular Auth relevant Characteristics..
  More over,See to that all the key figures are properly authorized as all the keyfigures are by default auth relevant in BI.
  Cheers,,
  Ramkumar C

• Disabling authorizations checks for transactions SU53 and/or SU56.

  Greetings.
  I seem to remember reading that there was either a system profile parameter or a table entry that can be used to disable all authorizations checks for transactions SU53 and/or SU56.
  Any truth in this or is my mind playing tricks on me?

  Hi,
  I guess theres is profile param auth/tcodes_not_checked(I guess thats right), this will exclude SU53/SU56 from checks on transaction code.
  This can be done using RZ10 and need to restart the system.
  Rakesh

• Authorization check for production order settlement

  Hi All,
  Production order settlement currently can be done by any user of any company code. there is a high risk involved in the same since unauthorized postings may happen. Hence we need to add authorization check for production order settlement. Can we maintain the same at the plant or the company code level?
  Waiting for your replies. Thanks in advance!
  Regards,
  Aman Goel

  hi
  What venki has told abt the exit, its absolutely correct.Even i have used the same exit
  •     From table CAUFV pick Material(PLNBEZ),Basic Start Date(GLTRP),Plant(WERKS) .
  •     Pass parameter Material(PLNBEZ) and Plant(Werks) in table MBEW in respective fields i.e. Material(MATNR) and Plant(WERKS).
  •     Pick the latest record for the current period(LFMON) and year(LFGJA).
  •     Pick Product Cost Estimate number(KALN1) from the record and pass it to table KEKO.
  •     Check if Production Order Basic Start Date(GLTRP)<= BIDAT, if NO post Error Message.
  This is the FS for EXit PPco0007
  Reward if useful
  Amit

• Authorization check for Removing of Delivery block in Sales Order

  Hi,
  I want to have an authorization check for the person removing the delivery block in the Sales Order.
  By Default all Sales Orders will have a delivery block. I want to ensure that the user does not have the authorization to Remove the Delivery block.He should be able to choose any reason in the Delivery block if required.
  Only the user which has the authorization to remove the delivery block should be able to do so.
  I have checked that the Delivery block field does not have an Auth Object.
  I want to enable delivery block removal for some users and restrict the same for others.
  Please Advise

  Hi,
  In object V_VBAK_AAT you can find the activity 43 that is meant for authorisation, that should be removed for the users who are not supposed to release the sales order for any blocks.
  Try that it will work.
  Regards,
  Mann.

• Authorization check For T code

  Hi everyone,
  Can anybody guide to set a  authorization check  for a particular Tcode.
  I have ztable where users are assigned particular numbers.
  I want the users who are assigned some numbers should be able to use this particular t code
  Thanks in advance

  hi
  chk this out
  AUTHORITY-CHECK
  Basic form
  AUTHORITY-CHECK OBJECT object
      ID name1  FIELD f1
      ID name2  FIELD f2
      ID name10 FIELD f10.
  Effect
  Explanation of IDs:
  object
  Field which contains the name of the object for which the authorization is to be checked.
  name1 ...
  Fields which contain the names of the
  name10
  authorization fields defined in the object.
  f1 ...
  Fields which contain the values for which the
  f10
  authorization is to be checked.
  AUTHORITY-CHECK checks for one object whether the user has an authorization that contains all values of f (see SAP authorization concept).
  You must specify all authorizations for an object and a also a value for each ID (or DUMMY).
  The system checks the values for the IDs by AND-ing them together, i.e. all values must be part of an authorization assigned to the user.
  If a user has several authorizations for an object, the values are OR-ed together. This means that if the CHECK finds all the specified values in one authorization, the user can proceed. Only if none of the authorizations for a user contains all the required values is the user rejected.
  If the return code value in SY-SUBRC is 0, the user has the required authorization and may continue.
  The return code value changes according to the different error scenarios. The return code values have the following meaning:
  4
  User has no authorization in the SAP System for such an action. If necessary, change the user master record.
  8
  Too many parameters (fields, values). Maximum allowed is 10.
  12
  Specified object not maintained in the user master record.
  16
  No profile entered in the user master record.
  24
  The field names of the check call do not match those of an authorization. Either the authorization or the call is incorrect.
  28
  Incorrect structure for user master record.
  32
  Incorrect structure for user master record.
  36
  Incorrect structure for user master record.
  If the return code value is 8 or 24, inform the person responsible for the program. If the return code value is 4, 12, 16 or 24, consult your system administrator if you think you should have the relevant authorization. In the case of errors 28 to 36, contact SAP because authorizations have probably been destroyed.
  Individual authorizations are assigned to users in their respective user profiles, i.e. they are grouped together in profiles which are stored in the user master record.
  Note
  Instead of ID name FIELD f, you can also write ID name DUMMY. This means that no check is performed for the field concerned.
  The check can only be performed on CHAR fields. All other field types result in 'unauthorized'.
  Example
  Check whether the user is authorized for a particular plant. In this case, the following authorization object applies:
  Table OBJ: Definition of authorization object
  M_EINF_WRK
     ACTVT
     WERKS
  Here, M_EINF_WRK is the object name, whilst ACTVT and WERKS are authorization fields. For example, a user with the authorizations
  M_EINF_WRK_BERECH1
     ACTVT 01-03
     WERKS 0001-0003 .
  can display and change plants within the Purchasing and Materials Management areas.
  Such a user would thus pass the checks
  AUTHORITY-CHECK OBJECT 'M_EINF_WRK'
      ID 'WERKS' FIELD '0002'
      ID 'ACTVT' FIELD '02'.
  AUTHORITY-CHECK OBJECT 'M_EINF_WRK'
      ID 'WERKS' DUMMY
      ID 'ACTVT' FIELD '01':
  but would fail the check
  AUTHORITY-CHECK OBJECT 'M_EINF_WRK'
      ID 'WERKS' FIELD '0005'
      ID 'ACTVT' FIELD '04'.
  To suppress unnecessary authorization checks or to carry out checks before the user has entered all the values, use DUMMY - as in this example. You can confirm the authorization later with another AUTHORITY-CHECK

• No Authorization check for MultiProvide (S_RS_MPRO)

  Hello Every body
  We have a problem regarding the authorization check for MultiProviders. We have assigned the auth. object S_RS_MPRO to a user for one specific MultiProvider. We have also turned on the settings for "MultiProvider" and "MultiPro. (Query) in IMG.
  Unfortunately the user has access to all the MultiProviders. We have traced the user and have found out, that there is no authorization check for the MultiProviders.
  We have tried to remove the settings mentioned above and use “InfoCube (Query)” setting instead in conjunction with S_RS_ICUBE. No luck here neither.
  One thing that could be important to mention is that the Settings for "MultiProvider" and "MultiPro. (Query) in IMG has been implemented before the object has been assigned to a user.
  For that We removed the settings from all Roles, and then we assigned the object to a user, and at last we activated the settings for "MultiProvider" and "MultiPro. (Query) in IMG. No luck here neither.
  Bottom line is that the system does not check for S_RS_MPRO
  Any kind of suggestion would be appreciated
  /FZA
  SAP_BW 350
  SP 12
  BI_CONT 353
  PI_BASIS 2004_1_640

  0.820 BW-BEX-OT-OLAP-AUT 619778 No check of S_RS_ICUBE for Multiprovider 16.10.2003
  2. 0.800 BW-WHM-DST-AUT 626385 Multiprovider: Authorization in query fails 07.10.2003
  3. 0.790 BW-BEX-OT-OLAP-AUT 662617 Activity is 'Change', but only 'Display' is checked 07.01.2004
  4. 0.760 BW-WHM-DST-AUT 626574 MultiProvider authorization check during query 17.10.2003
  5. 0.760 BW-WHM-DBA-MPRO 520588 New authorization object S_RS_MPRO 05.11.2003
  6. 0.750 BW-WHM-DST-AUT 736996 Authorization check performed on S_RS_MPRO 28.06.2004
  7. 0.700 BW 693363 SAPBWNews BW SP03 NW'04 Stack 03 RIN 22.04.2005
  8. 0.690 BW 692636 SAPBWNews BW SP02 NW'04 Stack 02 RIN
  hallo
  Please have allok at the mentioned OSS note
  Mike

• How can I remove this extra authorization check for dynamic parameters

  Hello expert,
         I created a new dynamic hirarchical parameters as " client-->policy" in crystal report.   these parameter value are coming from a physical table.  the other part of report extract data by a oracle procedure. when I ran this report in client, it is ok for everything. but when I schedule it or run it in infoview,  I need extra authorization for access these dynamic parameter, eventhough this is not for accessing other parameters.  How can I remove this extra authorization check for dynamic parameters?

  Hi
  Open the crystal designer  Edit the parameter In the prompt window at the existing option you can find the LOV name.
  Open the Business view manager and find that prompt name in u201CRepository Exploreru201D window and select that parameter  right click that parameter  Select edit rights  provide rights for your user name in that window.
  --Naga

• How can I enable spell checking for a text box that is just one line, e.g. subject in e-mail?

  In a prior version of Firefox I found a website somewhere that told me what to do to enable spell checking for text boxes that are just one line. I got used to being able to send an e-mail with a Subject Line that didn't have a misspelling. Now it doesn't work. Please tell me how I can enable that again. I am on a Mac using Firefox 6.0.2. Thanks!

  See:
  *http://kb.mozillazine.org/Spell_checking
  *http://kb.mozillazine.org/layout.spellcheckDefault
  You can set the pref <b>layout.spellcheckDefault</b> to <i>2</i> on the <b>about:config</b> page.
  To open the <i>about:config</i> page, type <b>about:config</b> in the location (address) bar and press the "<i>Enter</i>" key, just like you type the url of a website to open a website.<br />
  If you see a warning then you can confirm that you want to access that page.<br />
  *Use the Filter bar at to top of the about:config page to locate a preference more easily.
  *Preferences that have been modified show as bold (user set).
  *Preferences can be reset to the default or changed via the right-click context menu.