SMD link authorization

Similar Messages

• Link authorization object to transaction code

  Hi to all
  how to link authorization object to transaction code?
  i think we can do by using SU24, i am not getting how to do ?
  can any one help me on this Immediately
  Regards
  raadha

  In SU24
  In the Application tab
  Type of Application: 'Transaction'
  Transaction Code:  'Tcode'
  In the Authorization Object tab
  Authorization Object: 'Authorisation object name'
  Type of Application: 'Transaction'
  Then Execute or Press F8...

• SMD link not working

  Hello,
  I have installed SMD Agent and its running fine.
  But when i try to access SMD link it gives me an error :
  404 error
  Resource not found.
  Kindly help.
  Thanks & Regards,
  Arpita Saini

  << Do not post the same question across a number of forums >>

• Report Link + Authorization Scheme

  I have an authorization scheme that checks whether a certain person has privileges to edit a record on Page 2 by referring to the :P2_ID in the authorization scheme. Page 1 has a report with a report link, but the user can see both items they are able to edit and items they are not. I know I can make the link dynamically in the sql but wanted to see if there was an easy way to use an authorization scheme, but pass the #REPORT_COL# value in the report over to an authorization scheme to show or hide the icon for me so I can get the link out of the sql.

  Great example Scott! However, I'd would caution the other Sc0tt that calling functions in a SQL statement is fine for a small number of rows, but can CRUSH performance for medium to large result sets. Even if the function is fast, you're still context-switching between SQL and PL/SQL for every row. Make sure you test this with the volume of data you expect your users to encounter. If it's a problem, you might force the user to apply some filters before running the query.
  If you're running 11g you can at least minimize the hit of the function with "Function Result Cache". Even if you're not on 11g yet, you can use the following code in 10g and it will switch-on result cache when you compile it in 11g:
  create or replace function auth_user(p_key in number)
       return varchar2
       $IF not dbms_db_version.ver_le_10_2 $THEN
            result_cache
       $END
  as
  begin
      pkg.g_value := p_key;
      if apex_application.public_security_check (p_security_scheme => 'AUTH_USER_COLUMN') then
          return '1';
      else
          return '0';
      end if;
  end;
  / If it is a reasonable result set, Scott's solution is perfect.
  Thanks,
  Tyler

• Archive Link Authorization problem for Business Partner.

  Hi Experts,
  Currently we are attaching documents to respective objects through Tr. OAWD & these documents are available in service for object as attachment, until this it is working fine.
  But we are facing problem of authorization for archive link of ISU- Business Partner. Letu2019s say we had two users USER-A & USER-B responsible to upload documents of Business partners started with 1 & 2 respectively.
  We needed authorization control for USER A&B so that,
  USER-A should upload documents for Business Partner 1001 to 1999
  & USER-B should upload documents for Business Partner 2001 to 2999
  we need to know can we restrict USER A&B so that they can not upload documents for Business Partner for which they are not responsible. we allready checked the roles "SAP_BC_SRV_ARL_*  " but not found useful to restrict USER A&B.
  Thanks in advance....

  Hi Sam,
  as this sounds like you search for suitable authorization objects I think that the authorization trace in transaction ST01 could be useful for you. For further information please see the following link: http://wiki.sdn.sap.com/wiki/display/PLM/AuthorizationTraceintransactionST01
  Best regards,
  Christoph

• Authorization Object for Webclient UI BI-Links

  Hello,
  i created my first two BI-Reports for CRM Service and added them over navigationbar-profile to my businessrole.
  No i have the issue that i can see and process this new to BI-Links (authorization SAP_ALL and SAP_NEW).
  But i have an testuser which has the same authorization as our service users. With this testuser i can´t see the links.
  Does anybody know which authorization object i need to add to PFCG-role to see the links?
  Thank you
  Best regards
  Manfred

  Hello Robert,
  it must have to do with authorization.
  The buisnessrole is the same for both users "ZSRVHELPDESK".
  Authorization in BW is done for both users.
  But the user without CRM authorization SAP_ALL and SAP_NEW can´t see the two links to custom BW-Reports.
  Another idea?
  Thank you.
  Best regards
  Manfred

• Defining Authorizations for User to restrict the data in report.

  Hi Gurus,
  I have no idea on authorization concept in BI. Please give me anyone steps to creating authorization objects, roles and profiles to restrict the data for users.
  Ex.
  i have functinal location info object checked as authorization relavent with below data.
  FL001
  FL002
  FL003
  FL004
  FL005
  FL006
  FL007
  FL008
  FL009
  We have users like below.
  User1
  User2
  User3
  Now, if User1 is analysing a report he can see only FL001, FL005, FL009 only, remaining have to be omited.
  If User2 is analysing that report he can see only FL002, FL003, FL009. And like wise.
  So, Please help me providing the completed steps. I have done somting but failed.
  Thanks in advance
  Peter.

  Hello Peter,
  Please go through the following links
  Authorization :
  http://help.sap.com/saphelp_nw70/helpdata/en/59/fd8b41b5b3b45fe10000000a1550b0/frameset.htm
  SAP Authorization Concept :
  http://help.sap.com/saphelp_nw70/helpdata/en/52/671285439b11d1896f0000e8322d00/frameset.htm
  Thanks.
  With regrads,
  Anand Kumar

• Authorization by GL Account Group

  Hi,
  Is it possible to restrict authorizations by GL account Group (KTOKS)?
  Regards,
  Raj.

  Hi
  Please go through the below mentioned links
  Authorization Check on GL Account Group (KTOKS)
  how to creat authorisation group for gl posting
  Authorization Group for G/L Account
  Config - Authorization Group in G/L code
  Regards
  Praveen P C
  Edited by: Praveen Chirakkel on May 18, 2011 6:17 AM

• Sales Order Field Authorization

  We want to give user to have access in VA02, change the Sales order, but the only field she can change is the Terms of Payment (header or item level).. Is this possible?

  Hi,
  You may create authorization profile link in the link [Authorization at field level|Re: Sales Order Authorization] or
  alternatively you can use user exit in the sales order.
  Regards,

• Authorization Group restrictions

  Hi Experts,
  I want to restrict user to access documents with help of Authorization Group field in DIR.
  But, problem is client required this Auth. Group field as selection field and not as an entry field available in standard DMS.
  How to provide selection list to user for Auth. Group field. With BADI & SAP Access Key possible but not useful in my case because of some client side restrictions.
  Can SAP Moderator guide me, why SAP chose not to offer a drop down on Authorization Group field with a user selectable list option? Also not even gave chance to consultant to do configuration for such a critical field.
  Thx in advance..

  Hi
  Check my Wiki on the same.
  If you need any more info, get back
  Link: [Authorization group|https://wiki.sdn.sap.com/wiki/display/PLM/UsingAuthorizationGroupfieldin+DMS]
  And if you want to activate dropdown F4 then check this wiki:
  Link: [F4 for auth group|https://wiki.sdn.sap.com/wiki/display/PLM/F4forAuthorization+group]
  Niranjan
  points welcome for useful info
  Edited by: Niranjan Dandekar on Dec 12, 2008 2:08 PM

• Hey, I'm trying to authorize my new laptop with my iTunes account. How would I go about doing this?

  Hey, I'm trying to authorize my new laptop with my iTunes account. How would I go about doing this?

  Hi Michael1296,
  Thanks for visiting Apple Support Communities.
  Here are the steps to authorize a computer in iTunes:
  How do I authorize a computer?
  Open iTunes on the computer you want to authorize.
  Choose Store > Authorize This Computer from the menu bar.
  You might need to show the menu barto see this option in Windows. In earlier versions of iTunes, you can access this option from the Advanced menu.
  Enter your Apple ID and click Authorize.
  If your Apple ID uses an expired MobileMe account, you can still use it to authorize your computer.
  If iTunes asks you to authorize your computer again, it won't use a new authorization. iTunes uses the same authorization for the same computer.
  You can find these steps and more information at this link:
  Authorize your computer using iTunes
  All the best,
  Jeremy

• What is authorization object and how to create it for a table

  Hi All,
  What is authorization object and how to create it for a table?
  Thanks

  Hi
  Authorization
  For authorization checks, there are many ways of linking authorization objects with user actions in an SAP system. The following discusses three possibilities in the context of ABAP programming.
  Authorization Check for Transactions
  You can directly link authorization objects with transaction codes. You can enter values for the fields of an authorization object in the transaction maintenance. Before the transaction is executed, the system compares these values with the values in the user master record and only starts the transaction if the appropriate authorization exists.
  Authorization Check for ABAP Programs
  For ABAP programs, the two objects S_DEVELOP (program development and program execution) and S_PROGRAM (program maintenance) exist. They contains a field P_GROUP that is connected with the program attribute authorization group. Thus, you can assign users program-specific authorizations for individual ABAP programs.
  Authorization Check in ABAP Programs
  A more sophisticated, user-programmed authorization check is possible using the Authority-Check statement. It allows you to check the entries in the user master record for specific authorization objects against any other values. Therefore, if a transaction or program is not sufficiently protected or not every user that is authorized to use the program can also execute all the actions, this statement must be used.
  AUTHORITY-CHECK OBJECT object
                          ID name1 FIELD f1
                          ID name2 FIELD f2
                          ID namen FIELD fn.
  object is the name of an authorization object. With name1, name2 ... , and so on, you must list all fields of the authorization object object. With  f1, f2 ... , and so on, you must specify the values that the system is to check against the entries in the relevant authorization of the user master record. The AUTHORITY-CHECK statement searches for the specified object in the user profile and checks the useru2019s authorizations for all values of f1, f2 ... . You can avoid checking a field name1, name2 ... by replacing FIELD f1  FIELD f2 with DUMMY.
  After the FIELD addition, you can only specify an elementary field, not a selection table. However, there are function modules available that execute the AUTHORITY-CHECK statement for all values of selection tables. The AUTHORITY-CHECK statement is supported by a statement pattern.
  Only if the user has all authorizations, is the return value sy-subrc of the AUTHORITY-CHECK statement set to 0. The most important return values are:
  ·        0: The user has an authorization for all specified values.
  ·        4: The user does not have the authorization.
  ·        8: The number of specified fields is incorrect.
  ·        12: The specified authorization object does not exist.
  A list of all possible return values is available in the ABAP keyword documentation. The content of sy-subrc has to be closely examined to ascertain the result of the authorization check and react accordingly.
  REPORT demo_authorithy_check.
  PARAMETERS pa_carr LIKE sflight-carrid.
  DATA wa_flights LIKE demo_focc.
  AT SELECTION-SCREEN.
    AUTHORITY-CHECK OBJECT 'S_CARRID'
                    ID 'CARRID' FIELD pa_carr
                    ID 'ACTVT' FIELD '03'.
    IF sy-subrc = 4.
      MESSAGE e045(sabapdocu) WITH pa_carr.
    ELSEIF sy-subrc <> 0.
      MESSAGE e184(sabapdocu) WITH text-010.
    ENDIF.
  START-OF-SELECTION.
    SELECT  carrid connid fldate seatsmax seatsocc
      FROM  sflight
      INTO  CORRESPONDING FIELDS OF wa_flights
      WHERE carrid = pa_carr.
      WRITE: / wa_flights-carrid,
               wa_flights-connid,
               wa_flights-fldate,
               wa_flights-seatsmax,
               wa_flights-seatsocc.
    ENDSELECT.
  Regards
  Hitesh

• Authorization error in BI 7.0

  We have upgraded recently security model from 3.5 to 7.0.After  upgrading the
  Profit center authorizations are working fine but the costcenter authorizations are not working .any help is really appreciated.iam getting the error mentioned below.
  we are on Support Package Stack 11.
    Subselection (Technical SUBNR) 2  
  Supplementation of Selection for Aggregated Characteristics
    No Check for Aggregation Authorization Required  
  The following characteristics will be converted to SIDs and compared:
  0COSTCENTER
  Following Set Is Checked     Comparison with Following Authorized Set     Result     Remaining Set
  Characteristic     Contents
  0COSTELMNT     Node 8 5 0 473 R
  0COSTCENTER      Node 0 2 97 707 4
  0TCAACTVT
       SQL Format:
  TCAACTVT = '03'
       Characteristic     Contents
  0COSTELMNT     I EQ #
  I EQ :
  0COSTCENTER     Node 1
  0TCAACTVT     I EQ 03
       Not Authorized
  All Authorizations Tested
    Message EYE007: You do not have sufficient authorization  
    No Sufficient Authorization for This Subselection (SUBNR)  
  Following CHANMIDs Are Affected:
  92 ( 0COSTCENTER )
  294 ( 0COSTELMNT )
  Thanks,
  Raj

  Check following links.
  authorization information
  /thread/1232913 [original link is broken]
  Authorizations missing for aggregation (":")

• User has no ICF authorization ALC_ADMN

  Hi,
  I am new to BSP. I am trying to test a BSP application, but the IE shows a dump with below message
  "User has no ICF authorization ALC_ADMN for executing /sap/bc/bsp/sap/zio_for_cst_alc"
  Please advise on the same.
  Thanks in advance.

  Hi,
  Check with the following links
  [Authorization Object|http://help.sap.com/saphelp_nw04s/helpdata/EN/83/9b4941abbb4c0de10000000a1550b0/content.htm]
  [Administration of Business Server Pages|http://help.sap.com/saphelp_nw70/helpdata/EN/20/a43042366c0521e10000000a155106/content.htm]
  [Activatng ICF service|http://help.sap.com/saphelp_nw04/helpdata/EN/f3/f8193c99f5a765e10000000a11402f/content.htm]
  Hope this helps you.
  Regards,
  Rajani

• Cross linking PDs

  Hi, Is it possible to cross link Authorization Rules, Actions, Expressions, etc, across various Policy Domains statically created through the OAM console?
  Say I have 2 policy domains created through OAM console (PD1 and PD2), and an Authorization Action (Action1) for my first domain PD1, is there a way of invoking that Action ("PD1.Action1") from my policy definitions of PD2, without having to create Action1 again in PD2..?

  To edit a member document inside a Portfolio you have to open it (using the Open File link on the toolbar) - when it's previewing on a card you are just looking at a JPEG image.
  It's all rather messy but Adobe don't allow access to the regular tools if the Portfolio mode is active, so..
  Open your Portfolio
  Open the file in which the link is to be created (right-click the card or use the toolbar button)
  Use the Link tool to draw the active area
  Select "go to a Page View" and click OK.
  While the mini-dialog is active, switch back to the window with the Portfolio in it.
  Open the destination file (again with the right-click or toolbar button).
  Choose the page and click to fire the Link tool's mini-dialog.
  Close the target file.
  Save and close the source file.
  Save the Portfolio.
  If you're doing hundreds of links, set aside a week.