SMD link authorization
Hi,
I need to provide authorization to access smd link in solution manager EHP1 host:port/smd and Agent administration link. I would like to know what auth shall i provide. Because right now its giving message.unauthorized.
WEBADMIN RFC is working fine.
Thanks,
Rohan
Hello,
Check the corresponding security guide:
http://service.sap.com/~sapidb/011000358700000370562009E.PDF
and also this specific thread: Problem in Solution Manager Diagniostic in Solution Manager 7.0 ehp1
Cheers,
Diego.
Similar Messages
-
Link authorization object to transaction code
Hi to all
how to link authorization object to transaction code?
i think we can do by using SU24, i am not getting how to do ?
can any one help me on this Immediately
Regards
raadhaIn SU24
In the Application tab
Type of Application: 'Transaction'
Transaction Code: 'Tcode'
In the Authorization Object tab
Authorization Object: 'Authorisation object name'
Type of Application: 'Transaction'
Then Execute or Press F8... -
Hello,
I have installed SMD Agent and its running fine.
But when i try to access SMD link it gives me an error :
404 error
Resource not found.
Kindly help.
Thanks & Regards,
Arpita Saini<< Do not post the same question across a number of forums >>
-
Report Link + Authorization Scheme
I have an authorization scheme that checks whether a certain person has privileges to edit a record on Page 2 by referring to the :P2_ID in the authorization scheme. Page 1 has a report with a report link, but the user can see both items they are able to edit and items they are not. I know I can make the link dynamically in the sql but wanted to see if there was an easy way to use an authorization scheme, but pass the #REPORT_COL# value in the report over to an authorization scheme to show or hide the icon for me so I can get the link out of the sql.
Great example Scott! However, I'd would caution the other Sc0tt that calling functions in a SQL statement is fine for a small number of rows, but can CRUSH performance for medium to large result sets. Even if the function is fast, you're still context-switching between SQL and PL/SQL for every row. Make sure you test this with the volume of data you expect your users to encounter. If it's a problem, you might force the user to apply some filters before running the query.
If you're running 11g you can at least minimize the hit of the function with "Function Result Cache". Even if you're not on 11g yet, you can use the following code in 10g and it will switch-on result cache when you compile it in 11g:
create or replace function auth_user(p_key in number)
return varchar2
$IF not dbms_db_version.ver_le_10_2 $THEN
result_cache
$END
as
begin
pkg.g_value := p_key;
if apex_application.public_security_check (p_security_scheme => 'AUTH_USER_COLUMN') then
return '1';
else
return '0';
end if;
end;
/ If it is a reasonable result set, Scott's solution is perfect.
Thanks,
Tyler -
Archive Link Authorization problem for Business Partner.
Hi Experts,
Currently we are attaching documents to respective objects through Tr. OAWD & these documents are available in service for object as attachment, until this it is working fine.
But we are facing problem of authorization for archive link of ISU- Business Partner. Letu2019s say we had two users USER-A & USER-B responsible to upload documents of Business partners started with 1 & 2 respectively.
We needed authorization control for USER A&B so that,
USER-A should upload documents for Business Partner 1001 to 1999
& USER-B should upload documents for Business Partner 2001 to 2999
we need to know can we restrict USER A&B so that they can not upload documents for Business Partner for which they are not responsible. we allready checked the roles "SAP_BC_SRV_ARL_* " but not found useful to restrict USER A&B.
Thanks in advance....Hi Sam,
as this sounds like you search for suitable authorization objects I think that the authorization trace in transaction ST01 could be useful for you. For further information please see the following link: http://wiki.sdn.sap.com/wiki/display/PLM/AuthorizationTraceintransactionST01
Best regards,
Christoph -
Authorization Object for Webclient UI BI-Links
Hello,
i created my first two BI-Reports for CRM Service and added them over navigationbar-profile to my businessrole.
No i have the issue that i can see and process this new to BI-Links (authorization SAP_ALL and SAP_NEW).
But i have an testuser which has the same authorization as our service users. With this testuser i can´t see the links.
Does anybody know which authorization object i need to add to PFCG-role to see the links?
Thank you
Best regards
ManfredHello Robert,
it must have to do with authorization.
The buisnessrole is the same for both users "ZSRVHELPDESK".
Authorization in BW is done for both users.
But the user without CRM authorization SAP_ALL and SAP_NEW can´t see the two links to custom BW-Reports.
Another idea?
Thank you.
Best regards
Manfred -
Defining Authorizations for User to restrict the data in report.
Hi Gurus,
I have no idea on authorization concept in BI. Please give me anyone steps to creating authorization objects, roles and profiles to restrict the data for users.
Ex.
i have functinal location info object checked as authorization relavent with below data.
FL001
FL002
FL003
FL004
FL005
FL006
FL007
FL008
FL009
We have users like below.
User1
User2
User3
Now, if User1 is analysing a report he can see only FL001, FL005, FL009 only, remaining have to be omited.
If User2 is analysing that report he can see only FL002, FL003, FL009. And like wise.
So, Please help me providing the completed steps. I have done somting but failed.
Thanks in advance
Peter.Hello Peter,
Please go through the following links
Authorization :
http://help.sap.com/saphelp_nw70/helpdata/en/59/fd8b41b5b3b45fe10000000a1550b0/frameset.htm
SAP Authorization Concept :
http://help.sap.com/saphelp_nw70/helpdata/en/52/671285439b11d1896f0000e8322d00/frameset.htm
Thanks.
With regrads,
Anand Kumar -
Authorization by GL Account Group
Hi,
Is it possible to restrict authorizations by GL account Group (KTOKS)?
Regards,
Raj.Hi
Please go through the below mentioned links
Authorization Check on GL Account Group (KTOKS)
how to creat authorisation group for gl posting
Authorization Group for G/L Account
Config - Authorization Group in G/L code
Regards
Praveen P C
Edited by: Praveen Chirakkel on May 18, 2011 6:17 AM -
Sales Order Field Authorization
We want to give user to have access in VA02, change the Sales order, but the only field she can change is the Terms of Payment (header or item level).. Is this possible?
Hi,
You may create authorization profile link in the link [Authorization at field level|Re: Sales Order Authorization] or
alternatively you can use user exit in the sales order.
Regards, -
Authorization Group restrictions
Hi Experts,
I want to restrict user to access documents with help of Authorization Group field in DIR.
But, problem is client required this Auth. Group field as selection field and not as an entry field available in standard DMS.
How to provide selection list to user for Auth. Group field. With BADI & SAP Access Key possible but not useful in my case because of some client side restrictions.
Can SAP Moderator guide me, why SAP chose not to offer a drop down on Authorization Group field with a user selectable list option? Also not even gave chance to consultant to do configuration for such a critical field.
Thx in advance..Hi
Check my Wiki on the same.
If you need any more info, get back
Link: [Authorization group|https://wiki.sdn.sap.com/wiki/display/PLM/UsingAuthorizationGroupfieldin+DMS]
And if you want to activate dropdown F4 then check this wiki:
Link: [F4 for auth group|https://wiki.sdn.sap.com/wiki/display/PLM/F4forAuthorization+group]
Niranjan
points welcome for useful info
Edited by: Niranjan Dandekar on Dec 12, 2008 2:08 PM -
Hey, I'm trying to authorize my new laptop with my iTunes account. How would I go about doing this?
Hi Michael1296,
Thanks for visiting Apple Support Communities.
Here are the steps to authorize a computer in iTunes:
How do I authorize a computer?
Open iTunes on the computer you want to authorize.
Choose Store > Authorize This Computer from the menu bar.
You might need to show the menu barto see this option in Windows. In earlier versions of iTunes, you can access this option from the Advanced menu.
Enter your Apple ID and click Authorize.
If your Apple ID uses an expired MobileMe account, you can still use it to authorize your computer.
If iTunes asks you to authorize your computer again, it won't use a new authorization. iTunes uses the same authorization for the same computer.
You can find these steps and more information at this link:
Authorize your computer using iTunes
All the best,
Jeremy -
What is authorization object and how to create it for a table
Hi All,
What is authorization object and how to create it for a table?
ThanksHi
Authorization
For authorization checks, there are many ways of linking authorization objects with user actions in an SAP system. The following discusses three possibilities in the context of ABAP programming.
Authorization Check for Transactions
You can directly link authorization objects with transaction codes. You can enter values for the fields of an authorization object in the transaction maintenance. Before the transaction is executed, the system compares these values with the values in the user master record and only starts the transaction if the appropriate authorization exists.
Authorization Check for ABAP Programs
For ABAP programs, the two objects S_DEVELOP (program development and program execution) and S_PROGRAM (program maintenance) exist. They contains a field P_GROUP that is connected with the program attribute authorization group. Thus, you can assign users program-specific authorizations for individual ABAP programs.
Authorization Check in ABAP Programs
A more sophisticated, user-programmed authorization check is possible using the Authority-Check statement. It allows you to check the entries in the user master record for specific authorization objects against any other values. Therefore, if a transaction or program is not sufficiently protected or not every user that is authorized to use the program can also execute all the actions, this statement must be used.
AUTHORITY-CHECK OBJECT object
ID name1 FIELD f1
ID name2 FIELD f2
ID namen FIELD fn.
object is the name of an authorization object. With name1, name2 ... , and so on, you must list all fields of the authorization object object. With f1, f2 ... , and so on, you must specify the values that the system is to check against the entries in the relevant authorization of the user master record. The AUTHORITY-CHECK statement searches for the specified object in the user profile and checks the useru2019s authorizations for all values of f1, f2 ... . You can avoid checking a field name1, name2 ... by replacing FIELD f1 FIELD f2 with DUMMY.
After the FIELD addition, you can only specify an elementary field, not a selection table. However, there are function modules available that execute the AUTHORITY-CHECK statement for all values of selection tables. The AUTHORITY-CHECK statement is supported by a statement pattern.
Only if the user has all authorizations, is the return value sy-subrc of the AUTHORITY-CHECK statement set to 0. The most important return values are:
· 0: The user has an authorization for all specified values.
· 4: The user does not have the authorization.
· 8: The number of specified fields is incorrect.
· 12: The specified authorization object does not exist.
A list of all possible return values is available in the ABAP keyword documentation. The content of sy-subrc has to be closely examined to ascertain the result of the authorization check and react accordingly.
REPORT demo_authorithy_check.
PARAMETERS pa_carr LIKE sflight-carrid.
DATA wa_flights LIKE demo_focc.
AT SELECTION-SCREEN.
AUTHORITY-CHECK OBJECT 'S_CARRID'
ID 'CARRID' FIELD pa_carr
ID 'ACTVT' FIELD '03'.
IF sy-subrc = 4.
MESSAGE e045(sabapdocu) WITH pa_carr.
ELSEIF sy-subrc <> 0.
MESSAGE e184(sabapdocu) WITH text-010.
ENDIF.
START-OF-SELECTION.
SELECT carrid connid fldate seatsmax seatsocc
FROM sflight
INTO CORRESPONDING FIELDS OF wa_flights
WHERE carrid = pa_carr.
WRITE: / wa_flights-carrid,
wa_flights-connid,
wa_flights-fldate,
wa_flights-seatsmax,
wa_flights-seatsocc.
ENDSELECT.
Regards
Hitesh -
Authorization error in BI 7.0
We have upgraded recently security model from 3.5 to 7.0.After upgrading the
Profit center authorizations are working fine but the costcenter authorizations are not working .any help is really appreciated.iam getting the error mentioned below.
we are on Support Package Stack 11.
Subselection (Technical SUBNR) 2
Supplementation of Selection for Aggregated Characteristics
No Check for Aggregation Authorization Required
The following characteristics will be converted to SIDs and compared:
0COSTCENTER
Following Set Is Checked Comparison with Following Authorized Set Result Remaining Set
Characteristic Contents
0COSTELMNT Node 8 5 0 473 R
0COSTCENTER Node 0 2 97 707 4
0TCAACTVT
SQL Format:
TCAACTVT = '03'
Characteristic Contents
0COSTELMNT I EQ #
I EQ :
0COSTCENTER Node 1
0TCAACTVT I EQ 03
Not Authorized
All Authorizations Tested
Message EYE007: You do not have sufficient authorization
No Sufficient Authorization for This Subselection (SUBNR)
Following CHANMIDs Are Affected:
92 ( 0COSTCENTER )
294 ( 0COSTELMNT )
Thanks,
RajCheck following links.
authorization information
/thread/1232913 [original link is broken]
Authorizations missing for aggregation (":") -
User has no ICF authorization ALC_ADMN
Hi,
I am new to BSP. I am trying to test a BSP application, but the IE shows a dump with below message
"User has no ICF authorization ALC_ADMN for executing /sap/bc/bsp/sap/zio_for_cst_alc"
Please advise on the same.
Thanks in advance.Hi,
Check with the following links
[Authorization Object|http://help.sap.com/saphelp_nw04s/helpdata/EN/83/9b4941abbb4c0de10000000a1550b0/content.htm]
[Administration of Business Server Pages|http://help.sap.com/saphelp_nw70/helpdata/EN/20/a43042366c0521e10000000a155106/content.htm]
[Activatng ICF service|http://help.sap.com/saphelp_nw04/helpdata/EN/f3/f8193c99f5a765e10000000a11402f/content.htm]
Hope this helps you.
Regards,
Rajani -
Hi, Is it possible to cross link Authorization Rules, Actions, Expressions, etc, across various Policy Domains statically created through the OAM console?
Say I have 2 policy domains created through OAM console (PD1 and PD2), and an Authorization Action (Action1) for my first domain PD1, is there a way of invoking that Action ("PD1.Action1") from my policy definitions of PD2, without having to create Action1 again in PD2..?To edit a member document inside a Portfolio you have to open it (using the Open File link on the toolbar) - when it's previewing on a card you are just looking at a JPEG image.
It's all rather messy but Adobe don't allow access to the regular tools if the Portfolio mode is active, so..
Open your Portfolio
Open the file in which the link is to be created (right-click the card or use the toolbar button)
Use the Link tool to draw the active area
Select "go to a Page View" and click OK.
While the mini-dialog is active, switch back to the window with the Portfolio in it.
Open the destination file (again with the right-click or toolbar button).
Choose the page and click to fire the Link tool's mini-dialog.
Close the target file.
Save and close the source file.
Save the Portfolio.
If you're doing hundreds of links, set aside a week.
Maybe you are looking for
-
How to Remove duplicate entries in address book
After syncing with iCloud (three computers and a phone) suddenly I am seeing multiple entries for the same contact in the address book and multiple entries in the calendars for the same event. Can anyone suggest how to stop this and how to delete th
-
Which are the standard classes for events in ALV and explain each class pls
which are the standard classes for events in ALV and explain each class pls POINTS WILL BE AWARDED, REGARDS, jagrut bharatkumar Shukla
-
How to reorder the rows in a UITableView
Hello, I have a UITableView in my application. I want to reorder the rows of my table view on a multiple touch event. Is there any way around to do this? I have seen the touch event in the UIViewController class, but if i touches on my table view it
-
Customized Error Message for User
What's your recommendation re displaying Customized User Error msg as opposed to the generic, techy #SQLERRM# ? How can one implement this ? How can one capture #SQLERRM# (or whatever), evaluate the ORA number and display a message grandmom can under
-
Hey guys! We got damaged Prime 1.2 and i want to reimage it, but can't undesrtand how to do it. I got NCS-APL-1.3.0.20-1-K9.iso, i know that is for 1.3 but i hope its not a problem. so idlike to perform full remage from this iso but when i burn thist