STS authorization for field comment
Somebody can help me in this issue?
We are working with BPS and STS, and the users receive an authorization error when trying to save their comments in STS pages, they only have authorization for executing with R_STS_PT. However administrators o develepopers with R_STS_SUP can save their comments. Which is the authorization object to save comments?
Thanks in advanced
Hi,
Go through this:
Authorization Objects in the STS
http://help.sap.com/saphelp_nw04/helpdata/en/26/fe7b4070ebd462e10000000a155106/content.htm
Regards-
Siddhu
Similar Messages
-
Active authorize for field in TCode MIGO
Dear All
In Display material Document (by MIGO), there are field GOITEM-DMBTR (Amt.in loc.cur.)
How to active the authorize for this field
For Example User A can display this field and user B can't display
Would you like help me please
thanks
imronhi...
this can be done by basis consultant...
if u r missing authorization then...run SU53..and note down the object which is giving the authorization issue..
and then ask ur basis consultant that..assign that object to particular user role...
Try this out..
Thanks -
Authorization object for field, EBAN-ESTKZ (creation indicator)
Dear All,
Does anyone know if there is an authorization object for field, EBAN-ESTKZ?
I need to control the PR's authorization at creation indicator level. i.e. we need to remove the ability for all users to change Purchase Requisitions created by MRP.
Thanks,
Arun.Hi Jay,
Thanks for your response.
I didnt find it there. You have any Z options?
Thanks,
Arun. -
We need to give field-level authorization for some fields
The schenario is as follows :
1. There are various storage locations within a plant.
2. There is one or more people incharge of creating PO and receiving
stocks for every storage location.
3. We dont want to authorise the person incharge of one storage
location to receive stock in another storage location or even view the
other storage locations at the time of creating the PO or any other
transaction. The user incharge of one storage location should not be
able to view any other storage location in any storage location field's
drop down.
regards
Manish
+91 9811647727Hi Umesh,
Please see the documentations for authorization profile P_ABAP in the R/3 library and the following:
SU03 -> HR Human resources -> position your cursor to P_ABAP HR: Reporting -> choose button "Docu." -> the pop-up "help - P_ABAP" appears.
There is an example, which describes a similar issue regarding RPTIME00 and the Basic pay infotype (0008).
The standard reports of personnel administration are based on logical database PNP I would recommend to set your authorization as follows:
Object HR: Master data (P_ORGIN) (two authorizations)
Infotype 0002 ' '
Subtype * ' '
Authorization level R ' '
Organizational key ' ' 0001YYYYXXX
Object HR: Reporting (P_ABAP)
Report name SAPDBPNP
Degree of simplification 1
Please note, that if a user has authorization for e.g. the birthday list , (s)he will be able to view the birth date through thisquery, although (s)he cannot access to IT0002 through PA20.
Another possibility would be using Customer-Specific Authorization Object P_NNNNN. I have attached a file with a very comprehensive documentation regarding HR authorizations. P_NNNNN is documented on pages 40 ff.
Hope this help
Sarah -
Field level Authorization for IT0002
Hi All,
We have a requirement to control the authorization for the field NI Number/Social Security number from IT0002.
This field is getting displayed in various standard reports which are in use by administrators/Managers etc....
We want to disable the access of this field to every one, even the HR administartor.
Kindly suggest if this is possible using authorizations.
I know that we can hide the field in display access for PA20 or PA30, but I am particularly serching the option for various reports.
Regards,
Umesh Chaudhari.Hi Umesh,
Please see the documentations for authorization profile P_ABAP in the R/3 library and the following:
SU03 -> HR Human resources -> position your cursor to P_ABAP HR: Reporting -> choose button "Docu." -> the pop-up "help - P_ABAP" appears.
There is an example, which describes a similar issue regarding RPTIME00 and the Basic pay infotype (0008).
The standard reports of personnel administration are based on logical database PNP I would recommend to set your authorization as follows:
Object HR: Master data (P_ORGIN) (two authorizations)
Infotype 0002 ' '
Subtype * ' '
Authorization level R ' '
Organizational key ' ' 0001YYYYXXX
Object HR: Reporting (P_ABAP)
Report name SAPDBPNP
Degree of simplification 1
Please note, that if a user has authorization for e.g. the birthday list , (s)he will be able to view the birth date through thisquery, although (s)he cannot access to IT0002 through PA20.
Another possibility would be using Customer-Specific Authorization Object P_NNNNN. I have attached a file with a very comprehensive documentation regarding HR authorizations. P_NNNNN is documented on pages 40 ff.
Hope this help
Sarah -
Authorization for PO fields of over delivery and under delivery tolerance
Hi,Any one know how to set authorization for PO fields of over delivery and under delivery tolerance?
For example to allow certain user to edit the these fields but other users will be only display mode.Better create variant for restricting fields over & under delivery tolerance for certain users than applying authorization.
-
Authorization for particular field
Dear All,
I have one issue about Authorization related..
My Os is --- IBM AIX
DB -- oracle
SAP - ERP 6.0
I want to restrict one field from all users in tcode KP26. when i execute KP26 tcode it will ask controlling area.
After putting controlling area. it will show "Change Activity Type/Price Planning: initial Screen
in that screen there is one field call "Version". we have six version in this filed. i want to give authoirzation for all users only one version from the six version.
But i could not restrict in the role...
I tried with new user and new role with zero base authorization. but i can't get the correct authorization object for restrict.
Can anybody help to resolve this issue...
Regards,
Sundar.CHi Sundar,
Did you check with the authorization objects being checked while calling KP26 . You may get the required auth. obejct there.
You may also want to run a trace to zero down on the exact authorization object.
Check if the user is getting the authorization for K_KA09_KVS from some other role?
Regards,
Manisha
Edited by: Manisha Nadir on May 26, 2010 8:50 PM -
Authorization for va01 and va02
Hi all,
I have a requirement to add an authorization for certain fields (not for editing) in va01 and va02. If i create an authorization object for the same, is it possible to integrate auth object to roles and What will be the fields of auth object ?. Anyone can put comments.
Thanks and regards
JijoHi,
This is my code in so include program...
AUTHORITY-CHECK OBJECT 'ZSO_SCHED'
ID 'ACTVT' FIELD '02'.
CASE SCREEN-NAME.
WHEN 'RV45A-ETDAT' OR 'VBEP-WMENG'.
IF SY-SUBRC EQ 0.
SCREEN-input = 1.
ELSE.
SCREEN-input = 0.
ENDIF.
ENDCASE.
Now, i have to connect role to auth. object 'ZSO_SCHED'. Any idea how to do it?
Thanks and Regards
Jijo -
BW report authorization for restrict cost center
dear all,
i have problem on BW report authorization for restrict cost center.....when i execute the query, after selection screen, appear error message 'you cannot change zv_cctr for characteristic 0COSTCENTER during query'.
note : zv_cctr is variable restriction for costcenter, type processing = customer exit.
below the customer exit :
WHEN 'ZV_CCTR'.
IF i_step = 2.
DATA : gt_mstuidvscc TYPE TABLE OF ztbw_mstuidvscc,
gs_mstuidvscc TYPE ztbw_mstuidvscc,
wa_final2(10) TYPE c.
SELECT * FROM ztbw_mstuidvscc INTO CORRESPONDING FIELDS OF TABLE gt_mstuidvscc
WHERE userid = 'sy-uname'.
LOOP AT gt_mstuidvscc INTO gs_mstuidvscc.
wa_final2 = gs_mstuidvscc-kostl.
l_s_range-opt = 'EQ'.
l_s_range-high = wa_final2.
APPEND l_s_range TO e_t_range.
ENDLOOP.
ENDIF.
Regards,
Tonyi defined variable as ready for input and mandatory.
regards,
Tony -
Problem wih analysis authorization for two scenarios on same data provider
Dear all,
I am looking for a solution on the following authorization scenario (using the new analysis authorization). Unfortunately everything that I tried did not work out as expected:
User A is allowed to manually access query 1 (based on cube A) with authorization on all sites A-Z
The same user A shall get an email distribution automatically (derivation of the filter in the query out of the authorization) for query 2, which is as well based on cube A, but this time the authorization shall be limited only to site A.
As both queries are based on the same infoobject (0PLANT) and the same infoprovider (0TCAIPROV) I always get the result for all sites A-Z. The 0TCAACTVT is in both cases 03 (display), so I have no chance to distinguish between reporting and email distribution.
Probably the only chance would be to derive the values for the email distribution scenario not from the authorization directly, but using a customer exit to fill the filter - but I would prefer a "standard" solution...
Any ideas??
Thanks,
AndreasDear Andreas,
Before give you an alternative for you problem, Iu2019d like to comment the combining authorization concept:
http://help.sap.com/saphelp_nw70/helpdata/EN/46/98cd87f37d19ace10000000a11466f/frameset.htm
For this reason I suggest you which combing restriction through authorization and query filter. For query 2 try to use in 0PLANT characteristic the single value u201Csite Au201D, this restriction give you only authorization for see this value.
Otherwise, you have to use customer exit.
I hope that alternative help you to find a solution,
Luis -
Customization of "No Authorization" for Query in BI!!!
Hi,
Have a query on when we get a no authorization for a query in BI. Can we customize the error message or create pop up in analyzer to show the user that he does not have access to a particular value like a Company Code etc.
Also is it possible to show data to the user for which he is authorized even if he has put in fields to which he has no access.
Thanks,
YogeshMay be you can try Authorization Fill variable.
To see what the user ID is Authorized to see use RSECADMIN (Only in BI7.0) and see for Error Logs under Analysis.
AB -
Error - No authorization for object while viewing transformations in BI 7.0
Folks,
In BI 7.0, In the Data flow diagram, when I had tried to click on the transformation sybmol, system is throwing an error message No authorization for object (authorization object ) Message no. RS_EXCEPTION250
Do I need to request for authorization to just view transformations or is this error something different ?
ThanksDid SU53 and below is theauthorization info. Does quality system usually not have access even to display/read transformations for func people ???
Authorization check failed
Object Class RS Business Information Warehouse
Authorization Obj. S_RS_DTP Data Warehousing Workbench - Data Transfer Process
Authorization Field ACTVT Activity
03
Authorization Field RSONDTPSRC Source
DTP_46UAQF4V7BE5JR0I3HKLLC6D2
Authorization Field RSONDTPTGT Target
ZSD_DEL
Authorization Field RSSTDTPSRC Subtype of the Source
Authorization Field RSSTDTPTGT Subtype of the Target
Authorization Field RSTLDTPSRC Type of Source
DTPA
Authorization Field RSTLDTPTGT Type of Target
ODSO
User's Authorization Data xxxx
Object Class RS Business Information Warehouse
Authorization Object S_RS_DTP Data Warehousing Workbench - Data Transfer Process
Authorizat. Z:GEFUNONC00 Data Warehousing Workbench - Data Transfer Process
Profl. Z:GEFUNONC Profile for role Z:GENAPO_FUNC_ONCALL
Role Z:GENAPO_FUNC_ONCALL Generic APO Fucntional Oncall Role
Authorization Field ACTVT Activity
03, 16, 23
Authorization Field RSONDTPSRC Source
Authorization Field RSONDTPTGT Target
Authorization Field RSSTDTPSRC Subtype of the Source
ATTR, HIER, TEXT
Authorization Field RSSTDTPTGT Subtype of the Target
ATTR, HIER, TEXT
Authorization Field RSTLDTPSRC Type of Source
CUBE, IOBJ, ISET, ODSO, RSDS, TRCS
Authorization Field RSTLDTPTGT Type of Target -
Adobe Acrobat X Version 10.1.9 - looking to find out why my form fields, comments, or type that we add to our pdf's are not appearing when we send to our clients?
George, thank you for your help. I actually figured it out!! I need to flatten my documents before I can send them to my clients for signing.
Take care, -
Authorizations for Hierarchies in BW-BEx
Hello, Experts!
I am having some problems in order to give specific access for specific nodes on the hierarchy on the profiles creation. For example, we need to give permission to the profile "Profile_one" (that can be viewed on the PFCG transaction) to access only the node "Node_one" of our hierarchy ("E_ERP01" - object 0city_code) and we need to give this authorization to a range of users.
We have studied some options like the one suggested on RSSM transaction and we have already tried creating an authorization object named "ZHIER". But the problem found on this transaction is that we have to create a profile authorization for EACH user that is mentioned on the range of authorization and then we need to link it on the transaction PFCG. But the users assigned on PFCG transaction don't receive all the same profile authorization (ZHIER), only the one that was mentioned on RSSM transaction.
Could you please help us to find a way to assign specific nodes of a hierarchy to a specific range of users? We have already searched and studied some notes without success.
Many thanks for your help.
Best regards,
Isabela.If the account type keep changing every month , you must have to maintain that field out side the cube though.
I guess you can use the hierarchies (or) add the flag as an attribute to the GL account master data,then you can filter on this field in reports.
But hierarchies gives more visibility on data/navigation.
Hope this helps.
cheers
Martin -
Restrict authorizations for payment item transaction
Hi All,
This is regarding authorizations for a banking system.
The requirement is the users need to be restricted for the following transaction based on the Bank Posting Area or the contract managing unit.
BCA_PAYMITEM_CREATE
When the user goes to create payment item the user should be allowed to enter an account which has been created with the contract managing Unit ZSUM007 or Bank Posting area ZSUM. The user should not be allowed to go in for any other values of contract managing unit and Bank Posting Area
BCA_PAYMITEM_MAINTN
The user should be allowed to enter an account which has been created with the contract managing Unit ZSUM007 or Bank Posting area ZSUM .The user should not be allowed to go in for any other values of contract managing unit and Bank Posting Area.
I checked the transactions in SU24 and found only authorization object S_TCODE associated with the transcations BCA_PAYMITEM_CREATE and BCA_PAYMITEM_MAINTN.
Can someone please suggest a way to acheive this.
Regards,
Thamarai.Hi Shiva,
I tried assigning the org unit using PFCG ORGFIELD CREATE.
Now the org unit in pfcg shows Org. level Contract-Managing Organizational Unit (Encrypted) but there is no coresponding field in the authorization objects in the role.
Can you please help since the project is very critical.
Regards,
Thamarai.
Maybe you are looking for
-
How to I get my CTV app to work for my ipad
I downloaded the ctv app for my iPad and can get sound but no video display
-
Up-to-date page not accepting serial number
I bought a new Mac from the Apple Online Store on 29th June. It is all registered and showing up as such on the Applecare look-up page. When I now go to the Lion up-to-date page to try and retrieve my upgrade, it gives me the error message: "Sorry,
-
Is there a table of properties for an authorized computer and an associated device somewhere?
I'd like to see a table of properties/capabilities for an associated device and an authorized computer. Here's a rough draft --- Does one exist? Where is it? When was it written? Is it accurate for today's use? Has there been a graphic made of the
-
Assuming a photo is 400 KiloBytes (some are bigger), which is 3200 Kilobits (quite a lot for a 500 * 500 pixel image for the web) This creates a some problems…. 1. Effectively excludes dialup users from viewing any of these sites and reduces the expe
-
Here's what I get anytime I want to start Acrobat 8 (it's a part of Design Suite). "Adobe Acrobat 8 Professional cannot be launched at this time. You must launch at least one other suite component (such as Adobe Photoshop) before launching Acrobat 8