Role authorization for product selection

Similar Messages

• Multiple schedule line and reschedule for product selection

  Hi,
  Is it possible to mainatine multiple sechedule line for sales order where product selection is active
  Let me explain the problem in detail.
  We are using product selection functionality while creating sales order. Say for example in VB11 transaction I have maintained A= A1, A2 and A3. Where A1 has stock 50, A2 has stock 30, A3 has stock 20. Suppose my sales order is 150 for material A. The reason used is 0004 'automatic'. So while creating the sales order, confirmed qty for A1=50, A2 =30 and A3
  = 20. I have unconfirmed qty. 50. for this scenario, I need to enable a
  partial delivery, 1st I need to let the customer know when my 100 pcs going to be delivered and 2nd when my balance 50 pcs going to be delivered. So in the sales order I need to maintain two schedule line , one for
  confirmed 100 and another for unconfirmed 50. I am not able to do this.
  I can maintain only one schedule line per main item and at the sub item
  level not possible to maintain.
  The second problem is that, when I get stock for unconfirmed 50, I can
  not reschedule. can anyone please help to solve this issue?
  Regards,
  Beena

  goto item and doublle click on item and goto schedule lines and chenage the shedule lines..
  wat i know is by avaiblity check it propose the delievry dates of items...
  goto MM02 and mrp 1.. you can give there days to producee..
  OR doc type propose delivery dates.. lead days...
  hope it helps
  you
  ramki

• Roles & Authorizations for Web Reports...

  Hello Experts,
  We are newly implementing Web Reports in our organization. I need your great thoughts regarding implementing Authorizations for users to access the reports.
  We are using a report menu page that contain links to all the reports. The page opens by clicking on a link on the portal. The individual reports are basically accessed from this page by clicking on the corresponding button (links a URL ).
  I wonder if there is any way to look into the menu page (XHTML code of that web page/application) when ever the users click on the reports link and disable those buttons that the users are not allowed to access depending on the roles users are assigned to. Otherwise is there any better way to do it.
  And also how to call a function from web applications.
  This is a kind of urgent issue any quick ideas would be greatly appreciated.

  I apologize for the difficulty in reading this  I will repost.
  We have had no training or received any documenation on WAD.  The below was created from internet research.  Hence there may be WAD functionality that would allow easier maintenance, however; this is what we use.
  With our dashboard, I have a web template that contains hyperlinks for our reports.  I will call this HeaderTemplate1.  For each web page I have report templates.  These report templates have the HeaderTemplate1 mentioned above as well as the report tables, charts, text elements, tabs, etc.
  The JavaScript logic for accessing the urls of the specific report templates is contained within our HeaderTemplate1.
  Below is how our setup was tested.  Keep in mind, this was only for testing basic functionality.  If this is something we use I will most likely create a master data table that houses the user ID and an attribute for the header type.  Thus, any report menu changes can be altered quickly without changing the javascript of each report template.  Also this will accomodate the few thousand users we have.
  To add the functionality of different 'menus', I created another header template with the same hyperlinks of HeadertTemplate1 with the exception of one or two hyperlinks.  This, HeaderTemplate2, was added to each report template just below HeaderTemplate1.  Note that both HeaderTemplate1 and HeaderTemplate2 were set as visible on each report template.
  Also, on each report template I added a text element.  The 'List of Text Elements'property was set as such; Element Type = General Text Sympol,  Element ID = SYUSER.  This Text Element was linked to a query  or view from BEx via the dataprovider.  On the HTML side, I surrounded this Text Element with
  <Font ID="UserID",,,textelement....</Font>
  Each Report template has this javascript function, fnRepOnLoad, which is triggered at the OnLoad event.
  [<SCRIPT language = "JAVASCRIPT">                       
    function fnRepOnLoad()
      var user_ID=document.getElementById("UserID").innerHTML;
      if (user_ID=='USER123')
        document.all["HEADTMPLT1"].style.visibility = 'hidden';
        document.all["HEADTMPLT1"].style.position = 'absolute';
      else         
        document.all["HEADTMPLT2"].style.visibility = 'hidden';
        document.all["HEADTMPLT2"].style.position = 'absolute';
  </script>
  The function results as this.  If the user is USER123, HeaderTemplate1 is hidden, leaving only HeaderTemplate2 visible.  Otherwise HeaderTemplate2 is invisible leaving on HeaderTemplate1 visible.
  We do not use buttons as our global leaders prefer hyperlinks but buttons can be enabled or disabled similarly.
  As mentioned before, if this method is implemented, I will create a reportable master data table.  Create a customer exit variable to retrieve the header template required for the user.  This header template variable value will then be pulled by a text element on each report template.  The script function will act as follows.  If many report headers are necessary I may use a case statement.
  Var User_template=document.getElementById("UserTmplt").innerHTML;
  If UserTmplt = HeaderTemplate1
  -->  make all header templates other than HeaderTemplate1 invisible
  else
  -->  make all header templates other than HeaderTemplate2 invisible
  etc...
  I hope this helps.  Please keep me posted with your solution.  I am very interested to learn what others are doing.
  Best Regards,
  Larry

• Role authorization for CJ88 T Code

  SAP Gurus
  can any one tell me control the CJ88 T code, my client is having 4 business areas but, so in one business area employee will not access the other business area WBS element, can any one tell me how can i control
  thanks in adv
  venkat

  You could get with your Basis group to add the authorization object: F_BKPF_GSB - Accounting Document: Authorization for Business Areas to the CJ88 transaction and set it to be checked at execution.  Then you could create different roles for each business area and set them to the different values for BA.  You can use TCode SU24 to see that there are no authorization objects in CJ88 for checking BA in SAP standard.
  Alternately, you could find another role that already has this object and limit it by each area, but this would take multiple, nearly identical roles.
  Regards

• Authorization for production

  Hi all!
  We are creating Add on for SAP Business One.
  We want to authorize for user who create Production order. They only review themself documents that they created. Another user can not.
  Can you  help me .
  Thanks!

  Hi,
  Why don't you give modification changes to the user who creates the documents itself.
  That is nothing but pls check the user name from the document and allow to change the doccument if the current user is ths owner of the document itself. other wise generate the message says that he/she is not the person to change the production order.
  Regards
  Chidambaram

• Roles/Authorization to read / select  SAP/BW Tables

  Hi,
  i 'm trying to figure out:
  What authorizations/roles are necessary from which schema User
  to have
  read / select  access to the SAP/BW Tables in native  SAP/HANA (SAP/HANA Developer Studio) ?
  ThanXs
  Best Martin

  Hi Martin,
  Once you pull the table into HANA(from any source),its like more or less a normal table sits in HANA, so there is no special authorization needed for the tables which comes from BW.
  You can refer the Security guide of HANA which will give more insights about the required privileges and roles to read the tables
  http://help.sap.com/hana/hana1_sec_en.pdf
  Hope this helps you.
  Rgds,
  Murali

• Roles/authorizations for user to Solman Diagnostics.

  We have a need to have non-administrator persons access our Sol Man
  Diags environment. We do not want them to access with j2ee_admin
  account.
  How / what roles or authorizations do I assign to restricted users so
  users cannot see the administration and setup tabs and not be able to
  turn traces on?

  The roles for the end users are mentioned in the standard SMD guide  pleas go thuroug it

• Role & Authorization for HR Administrator?

  How to define role for
  1) PA Administrator
  2) Time Administrator
  3) Payroll Administrator
  What kind of authorization should be given for
  1) PA Administrator
  2) Time Administrator
  3) Payroll Administrator
  What kind of authorization should be given to the HR Manager?

  You Normally Create ROle and Assign these users.
  1) PA Administrator
  All PA infotypes Reports etc
  2) Time Administrator
  ALl time Infotypes and reports
  3) Payroll Administrator
  All payroll Infotypes (8,9,14,15,0267) for international and reports and forms and programs if required.
  Afrasyab

• Role authorization for FAGLB03

  I am trying to create a role the only contains FAGLB03 and I would like to be able to restrict which accounts and comany(s) the user can see.  When I create the role there are no authorization objects associated with FAGLB03 so I cannot restrict it.  Is it possible to do this, and if so how?

  Hi John,
  Go to SU24 and type in transaction FS10N and activate the ones you need. inorder to know what needs to be activated run the transaction and see what object it is checking and activate those in SU24.
  Thanks,
  SS

• Product selection with outcome B

  Hi all,
  I would like to know which item category  and schedule line category to be used if I am using outcome B in material determination functionality.
  Can anyone help me with this configuration.
  Regards,
  Beena

  Hi,
  For product selection with outcome B, The higher level item category is TAX(Non stock item) with schedule line category CX(No inventory mgmt.).
  Item category of product selection is TAPS (Std.Item PS) it comes with Schedule line category of PN( Selection without MRP) and PP (Selection with MRP).
  These are all standards. If you would like to configure new item & schedule line category that is also possible for particular order type.
  Hope, it is useful to you.
  Regards,
  S.Balaji

• SAP BI : Roles & Authorizations

  Hi,
  I am working on roles & authorizations for SAP BI 7.0 How can I create authorization for a scenario mentioned below:
  One user (userid ALAN) has two vendors under him viz V001 & V001A.
  V001 has access to plant A001, A002 and
  V001A has access to plant A002, A003, F002.
  The data is created in SAP R3 and brought into SRM using criteria based on document type say ELEM. Even though V001 does not have access to plant A003, it can create documents of type ELEM. The business does not want this document to appear for V001.
  The business needs documents to be displayed as follows, irrespective of documents existing in SAP R3:
  Plants A001, A002 for V001 and
  Plants A002, A003, F002 for V001A.
  Please confirm if the following approach will work:
  Create vendor - plant role
  Role 1
  Vendor = V001
  Plants = A001, A002
  Role 2
  Vendor = V001A
  Plants = A002, A003, F002
  Assign User ALAN both roles Role 1 and Role 2.
  Please suggest a solution as I have to deliver about 2000+ roles by end of week.
  Thanks in advance.

  Hi,
  Seems that you are looking for a merge of the authorization. Please take a look in the note 1000004 where you are going to see the explanation about the merging.
  1000004 - Merging and optimizing analysis authorizations
  This documentation should help you.
  Regards,
  Rafael

• Demand Planning - No authorization for all characteristic values selected

  Hello All,
  I am trying to load the data and it is giving error "You do not have authorization for all the characteristic
  values selected".  I can access the data in sandbox but not in Development. SU53 of both are same.
  Also the roles are same in both the system.  /sapapo/mc77 - maintain selection assignments is also same in both the systems.
  Thank you for the help.
  Regards
  Pratap

  Hi,
  This is a case of inadequate authorization for display or execution of demand planning.
  I don't understand what you exactly mean by
  "su53 of both are same".
  SU53 gives you a list of the authorization check that the system last executed on the ID.
  Here r some suggestions. do an su53 immediately after the authorization error message is flashed.
  It shall give you the authorization object which is required for that activity that you were attempting.
  Also it suggested the name of role/s which have the required authorization object already present.
  It is possible that you might have ALL authorizations in dev system, but the quality and production systems are usually the area where selective authorizations are to be used.
  Hence the basis team might not have given you all the authorizations in the higher system where you are facing the above issue.
  Hope this helps
  Regards

• Authorization S_RS_AUTH in role PFCG for Analyzer

  Hi folks,
  I have a doubt in PFCG role for BEx Analyzer workbooks.
  For restricting roles and authorizations, we are working with PFCG roles, and RSECADMIN authorizations, as we have many different users who have different authorizations.
  In that way, we have created a role in PFCG, it doesn't contain S_RS_AUTH in Production as authorizations are managed in RSECADMIN as I explained (lots of different users). When a user executes the workbook (RRMX), everything works fine.  However, if we execute those workbooks in Development system, without S_RS_AUTH in PFCG role, workbook doesn't show the selection screen, so it doesn't work.  If I add S_RS_AUTH in Development, workbooks (RRMX) works well, but we cannot restrict with different authorizations as we have so many that we do it through RSECADMIN.
  I was following this article: AUTHORIZATION FOR BI REPORTING - Business Intelligence (BusinessObjects) - SCN Wiki
  Does anyone know why it works in Production and no in Development? How can I do for making it work in Development without restricting S_RS_AUTH in the role?
  Thanks!

  Yes, it's the same patch level (recently upgraded indeed).
  Moreover, I've discover than even putting S_RS_AUTH, it doesn't work well. I mean, if I put * or 0BI_ALL, it works, if I put any other authorization for restricting, workbook doesn't work well (it doesn't show the selection screen pop-up)
  It's being a nasty problema as we cannot do tests.

• Restricting the ATP user for GATP - corrrect roles/authorizations

  Hi:
  If the dialog user that is used for the ATP check (from ECC to GATP) has more authorizations than needed and this is going to be a problem in production. The user can run SCM transactions from the results screen of ECC and this is not desirable.
  Therefore, the ATP user should be a restricted user that has only authorizations for this specific task. If you know what are the exact roles/authorizations to give to the ATP user, could you share them?
  Thanks in advance.
  Satish

  For R/3 please check OSS  Note 447543 - APO: Authorizations too comprehensive/not user-specific.
  "If it is necessary to have different authorization profiles in APO for different R/3 users when calling in APO, the following solution applies:
  Activate the setting in SM59 that is used for the RFC connection CURRENT USER.
  In the APO system, create the respective users and assign authorization profiles. This is necessary in order to achieve the necessary flexibility concerning authorizations in the APO system."
  For APO :
  AuthorizationsObject   C_APO_ATP in APO .
  please chose activity as per  user role.
  01       Create or generate
  02       Change
  03       Display
  04       Print, edit message
  06       Delete
  16       Execute
  39       Check
  Manish
  Edited by: Manish Kumar Rathi on Oct 21, 2008 1:24 PM

• Table for Role & Authorization group

  Hi Gurus,
  I am looking for a table or FM to get all roles for Authorization group.
  I tried in SUIM tcode but could not able to find exact DB table for these.
  Giri
  P.S.: To Moderator:
         My earlier thread was locked for the same question, I was searching in SDN and google from last 3 days and could not able to find enough information on it. AGR_USERS, TBRG, TACT are the tables i found. But still there is a link missed between Role & Authorization Group.

  Thomas,
  My report have selection screen with Auth group and user.
  If user provides Auth. Group then need to find all roles linked to auth group and users assigned to that role.
  In my investigation, there is link between Auth. Group <--> Auth. object.
  Also Auth. Object <--> Role.
  but still there is a fine link missing between Auth Group <--> Role.
  For Eg: Auth Object S_TABU_DIS will be associated to all Auth. Groups but assigned to only limited roles.
  I tried to debug the SUIM transaction multiple times but couldn't find the tables to find the link and not able to find the FM's.
  if anybody have any idea to find that link between Auth. Group & Role then it will be helpful....
  Giri