Transaction FCHN authorization

Similar Messages

• Adding "Sending company code" to Transaction FCHN

  Hi,
  We would like to add a column "Sending company code" to the report out of transaction FCHN. The info for this column is present in REGUH-ABSBU. Is there anyway this could be done without copying the standard program into a custom program and modifying it.
  Any help will be appreciated.
  Thanks,
  ALAM.

  Hi
    I believe you would need an exit cause, FCHN is feed from table PAYR, and in taht table you don t have the sending company code field
  Regards
  Jose

• Transaction code authorization

  have created a report using table BSID
  I have used a variant name standard
  Now when I have given authorization to the User.
  1. The Variant authorization is not there .
  2. The user does not have the rights to view table BSID.
  How Can I
  1. Authorization Variant.
  2. Table View
  regards,
  SAP SD

  hi sap sd,
  For First Question
  1] PFCG
  2] In menu tab click on Reports
  3] U can define the authorization for a report with varient using ABAP Report radio button
  For Second
  1] In the same role menu add transaction SM31
  2] generate the authorization for the same

• Transaction VASK authorization check on warehouse

  Hello all,
  Does anyone know why there is no authorization check on the warehouse in transaction code VASK? I have an issue where users from different warehouses are deleting groups created in other warehouses. I wanted to know if anoyone else has run into this issue as well. My solution is to create a custom transaction for VASK and add the warehouse check as well as a selection value. Does anyone else have a better soultion?
  Thank you,
  Steve

  I am going to create a new t-code and add the authorization check.

• Transaction Code Authorization in background

  Hi all, i have an issue whereby during a leave cancellation, the system is supposed to set a workflow item as 'completed'. However in order to do so, the user needs to have the authorization to Tcode SWIA.
  On the other hand, this user should not have explicit rights to execute this transaction in the command prompt. Is there a way to grant users this SWIA without letting them execute the transaction online ?
  Appreciate your advice.
  Reg,
  Pete

  Hi
  If you need to change the status of the work item, you can use the FM 'SAP_WAPI_WORKITEM_COMPLETE'.
  SWIA is for Workflow administrator and access for the same is not given to users. You can also look for more function modules in se37 by looking for the keyword SAP_WAPI*
  Hope it helps.
  Regards,
  Navneet

• Transaction Code authorization related query --- Not maintain tcode in Role

  Dear All,
  First of all, I have not found any specific area where I can post my problem.Then I found that the OS level expert should also have expertise in SAP basis administration.My query is as follow;
  I have found a scenario where i have seen that a tcode for ex. VA03 is present in an user from SUIM. But when I tried to find out in which Role and profile it is maintained not found.
  I have checked each and every Role & Profile but no where it is maintained although the user can run this tcode.
  Please note that the tcode VA01 is given as example I actually found this thing for a customized tcode called ZCOA,ZINTROT,ZPROINV etc.
  Please help me by giving some idea that how can they maintain this kind of authorization.
  Please note that this is a USA company running SAP from 2001 & current SAP version is 4.7.
  Thanks,
  Suman

  Hi,
  Please note that the tcode VA01 is given as example I actually found this thing for a customized tcode called ZCOA,ZINTROT,ZPROINV etc.
  Firstly what have you created roles or profiles to accomodate Z-tcodes. If its profile or if its roles select relevant option in tcode SUIM. Viz List transactions in roles / profiles.
  Hope this helps.
  Regards,
  Deepak Kori

• Transaction and Authorization

  Hi Gurus,
              With transaction SU24 I am able to view the objects associated with a specififc Transaction code and also the details of the objects. However when I assign the same transaction code to a Role I am not able to Control/ VIew all the objects as I got to view from SU24.Can anyone please explain me the reason for this.

  Hello Parvez,
  Run Su24 for the concerned transaction and go to authorization object screen. Look for the column: Check Indicator. Only if the value is maintained as check/maintain against a particular authorization object will it come automatically in a role to which the concerned transaction is assigned. It won't work if indicator is set to check.
  Regards.
  Ruchit.

• Transaction SP02 - Authorization question

  Hi all,
  In transactioon SP02 it is possible to open a spool request and change the "user name" to another one. So it is possible to redirect a spool request to another user.
  Is there any way to restrict this function. I made some trials with authorization objecct S_SPO_ACT but it will not work.
  Best regards and thanks for help,
  Klaus

  Hi all,
  In transactioon SP02 it is possible to open a spool request and change the "user name" to another one. So it is possible to redirect a spool request to another user.
  Is there any way to restrict this function. I made some trials with authorization objecct S_SPO_ACT but it will not work.
  Best regards and thanks for help,
  Klaus

• Report to view user nm, authorization objects, activity, transaction code.

  Hi All,
  I want to view a user-wise report that displays the transaction code, authorization objects and activities for which the user has authorization.
  Is there any standard report to view all this at a glance?
  Can anybody help me on this?
  Thanks.

  u can try SUIM tcode
  its really helps u
  regards,
  Abhilash

• Restricting the authorization Object for B2B Transactions

  Hi All
  we are facing the problem in the ISA b2b app, actually the scenario is as below.
  we have various transaction types like b2b sales,Peoplesoft order,Request for Order change, RMA ,Request for Quotation(RFQ) and metel order.
  As per the requirement, The client wants only a few functionalities for a particular user.
  Example:
  Transaction Type Authorization
  PeopleSoft order View only View only
  B2B:Req. OrderCh x x
  B2B: Req. RMA
  B2B: Req. Quote x x
  Metel Order x
  For b2b sales transaction a lower level employee would only be able to view the order and he should be restricted to make any changes. Is there a posibility to restrict in this manner? This is Urgent. Please respond immediately. Thanking you in anticipation.
  Message was edited by:
  Sunil Kumar

  >
  Viral741 wrote:
  > Hi All
  >
  > I have a requirement in SAP Security to restrict the authorization object S_ALV_LAYO to a particular set of users.
  >
  > Background:
  >
  > We use composite roles which is shared accross all areas(Finace,marketing,work managment).Now the requirement is for from Work managment to restrict S_ALV_LAYO so that user cant change default layout and can create user specific layout,but other areas are not ready for this.So please let me know if there is any way i can restrict this auth object only for work managment area only.
  >
  > Thanks,
  >
  > Nitesh
  Nitesh,
  Remove access to S_ALV_LAYO for general users and give access to F_IT_ALV instead.  Keep S_ALV_LAYO for the users who will be maintaining the default layout.
  Good Luck!

• Custom transaction authorization

  Hi,
  I have a custom transaction which calls a custom table. And as there's no ABAP code for that, it's not possible to enter ABAP statement - AUTHORITY-CHECK to check any data before user run custom transaction.
  Is it possible to restrict custom transaction in this scenario ?
  Thanks..

  Thank you all for your answers. But I know what you all are talking about.
  Well, let me be specific. I have 3 companies and all are using same custom table. And I have a custom transaction code which points to custom table for table display/update access.
  Now, as there's no ABAP code for custom transaction, I can't insert AUTHORITY-CHECK to restrict one company's data from others.
  So in this case, is there any way I can restrict custom transaction for authorization check, which would be inserted in user's profile, for specific company code value ?
  I know you can do it using TSTCA table: insert authorization object and value and then check against user's profile. But would like to know what other folks are doing.
  Cheers...

• Assign authorization group to transaction

  Hi,
  I have to assign a auth group to Z-transaction. How can i do this.
  Thanks,

  Hi,
  What type of paramater transaction you have created? Have you created a paramater transaction for a view or a table?
  I think when you create a parameter transaction the authorization is controled from the parent transaction  and not in the tcode definition.
  You can use S_TCODE to assign the paraeter transaction to any user and control it based on the user profile.
  Cheers
  VJ

• Checking of Authorization and Transaction

  Hi ,
  I want to see for a user what the Transaction and authorization has given to a user. What are T-code assign to him, how can i check.
  Regards
  Brijesh Prasad

  Hi Brijesh,
  Go to SUIM
  Roles | By User Assignment | Provide Username | Execute |
  Click on Transaction Button on top if you wish to have Transaction.
  or
  Transactions | Executable for User | Provide Userid | Click on Execute.
  Hope it helps.
  Cheers
  Deepanshu

• Authorization check based on item category on sales order (VA01 or VA02)

  I want to be able to restrict authorization of users based on item category. We only want certain users to be able to select a certain item category.  I know I'm going to have to check one of the userexits in MV45AFZZ. The issue I'm having is the authorization object .
  The item category is field VBAP-PSTYV.
  What we are going is having a item category for emergency orders. But this requires more manual steps to associate with the original order. We already have the emergency item categories defined and working (no credit check etc) so there's no reason not to have them added to the original order. The issue is its use has to be restricted so when the user selects an alternative item category it checks whether they have the authority.   
  Any help would be appreciated

  Hi,
  You can achieve this through authorization objects.
  Transaction
  SU20 - Authorization Fields
  SU21 - Authorization Objects
  Create the field PSTYV in the Authorization Fields.
  Then Create the authorization object and include this field along with the standard field ACTVT (which determines what activities can be performed by a certain user i.e. Create, Change or Display) & user-name
  In your your-exit, you can either use the ABAP command AUTHORITY-CHECK or the function-module AUTHORITY_CHECK and pass the values for these fields. The system can perform the test based on this values & based on the sy-subrc value you can restrict the users that are not having the authorization to select item-categories for emergency orders.
  Following link should help you:
  [SAP Authorization Concept|http://help.sap.com/saphelp_wp/helpdata/en/52/671285439b11d1896f0000e8322d00/content.htm]
  Hope that helps you.
  Regards,
  Saurabh

• Restrict the user   based on document type on migo transaction-prepare GRN

  Hi,
  We are running ECC6.0 R/3 system.We had a requirement as follows
  In MIGO transaction , we want to restrict the user on document type i.e. we want that a particular user can  prepare GRN for document type  STO only. He cannot prepare GRN for other document type.
  We checked  SU24->maintain check indicators for transaction codes->enter migo->execute->check indicator.This returned us the authorisation objects present in Migo transaction.We checked the help of all these objects,but none of them we found suitable for above mentioned requirement.We were planning to find out the proper authorisation object to add to Profile generater.
  The following is the objects which we have checked for.
  A_B_ANLKL-->     Asset Postings: Company Code/Asset Class
  A_B_BWART-->     Asset Postings: Asset Class/Transaction Type
  B_USERSTAT-->     Status Management: Set/Delete User Status
  B_USERST_T-->     Status Management: Set/Delete User Status using Process
  C_AFKO_AWK-->     CIM: Plant for order type of order
  C_CACL_DSG-->     Interface Design
  C_DRAW_BGR-->     Authorization for authorization groups
  C_DRAW_DOK-->     Authorization for document access
  C_DRAW_TCD-->     Authorization for document activities
  C_DRAW_TCS-->     Status-Dependent Authorizations for Documents
  C_KLAH_BKP-->     Authorization for Class Maintenance
  C_STUE_BER-->     CS BOM Authorizations
  C_STUE_WRK-->     CS BOM Plant (Plant Assignments)
  C_TCLA_BKA-->     Authorization for Class Types
  C_TCLS_BER-->     Authorization for Org. Areas in Classification System
  C_TCLS_MNT-->     Authorization for Characteristics of Org. Area
  F_BKPF_BUK-->     Accounting Document: Authorization for Company Codes
  F_BKPF_BUP-->     Accounting Document: Authorization for Posting Periods
  F_BKPF_KOA-->     Accounting Document: Authorization for Account Types
  F_FICA_FOG-->     Funds Management: authorization group of fund
  F_FICA_FSG-->     Funds Management: authorization group for the funds center
  F_FICB_FKR-->     Cash Budget Management/Funds Management FM Area
  F_KNA1_APP-->     Customer: Application Authorization
  F_LFA1_APP-->     Vendor: Application Authorization
  F_SKA1_BUK-->     G/L Account: Authorization for Company Codes
  G_GLTP  -->       Spec. Purpose Ledger Database (Ledger, Record Type, 
                                 Version)
  J_1IDEP_SL-->     Authorization object for depot sale transaction
  J_1IEXC_OT-->     Authorization object for Other Excise Invoice Create
  J_1IEX_PST-->     Autorization object for posting Other Excise invoice
  J_1IGRPT1-->     Auth. for PART1 at GR
  J_1IINEX  -->            Incoming Excise Invoice
  J_1IRG23D-->     Authorisation object for Depo Transactions
  K_CCA-->                     CO-CCA:  Gen. Authorization Object for Cost Center 
                                  Accounting
  K_CSKS     -->                CO-CCA:  Cost Center Master
  K_CSKS_SET-->     CO-CCA: Cost Center Groups
  K_PCA-->                    EC-PCA: Responsibility Area, Profit Center
  L_TCODE-->                    Transaction Codes in the Warehouse Management System
  M_ANFR_BSA-->     Document Type in RFQ
  M_ANFR_EKG-->     Purchasing Group in RFQ
  M_ANFR_EKO-->     Purchasing Organization in RFQ
  M_ANFR_WRK-->     Plant in RFQ
  M_BEST_BSA-->     Document Type in Purchase Order
  M_BEST_EKG-->     Purchasing Group in Purchase Order
  M_BEST_EKO-->     Purchasing Organization in Purchase Order
  M_BEST_WRK-->     Plant in Purchase Order
  M_MATE_CHG-->     Material Master: Batches/Trading Units
  M_MATE_STA-->     Material Master: Maintenance Statuses
  M_MATE_WRK-->     Material Master: Plants
  M_MRES_BWA-->     Reservations: Movement Type
  M_MRES_WWA-->     Reservations: Plant
  M_MSEG_BMB     -->Material Documents: Movement Type
  M_MSEG_BWA-->     Goods Movements: Movement Type
  M_MSEG_BWE-->     Goods Receipt for Purchase Order: Movement Type
  M_MSEG_BWF-->     Goods Receipt for Production Order: Movement Type
  M_MSEG_LGO-->     Goods Movements: Storage Location
  M_MSEG_WMB-->     Material Documents: Plant
  M_MSEG_WWA-->     Goods Movements: Plant
  M_MSEG_WWE-->     Goods Receipt for Purchase Order: Plant
  M_MSEG_WWF-->     Goods Receipt for Production Order: Plant
  M_RAHM_BSA-->     Document Type in Outline Agreement
  M_RAHM_EKG-->     Purchasing Group in Outline Agreement
  M_RAHM_EKO-->     Purchasing Organization in Outline Agreement
  M_RAHM_WRK-->     Plant in Outline Agreement
  Q_TCODE     QM -->         Transaction Authorization
  S_ADMI_FCD-->     System Authorizations
  S_ALV_LAYO-->     ALV Standard Layout
  S_BDS_DS-->     BC-SRV-KPR-BDS: Authorizations for Document Set
  S_BTCH_ADM-->     Background Processing: Background Administrator
  S_BTCH_JOB-->     Background Processing: Operations on Background Jobs
  S_CTS_ADMI-->     Administration Functions in Change and Transport System
  S_DATASET-->     Authorization for file access
  S_DEVELOP-->     ABAP Workbench
  S_DOKU_AUT-->     SE61 Documentation Maintenance Authorization
  S_GUI-->                     Authorization for GUI activities
  S_OC_DOC-->     SAPoffice: Authorization for an Activity with Documents
  S_OC_ROLE-->     SAPoffice: Office User Attribute
  S_OC_SEND-->     Authorization Object for Sending
  S_PACKSTRU-->     Internal SAP Use: Package Structure
  S_PRO_AUTH-->     IMG: New authorizations for projects
  S_RFC-->                     Authorization Check for RFC Access
  S_SCD0     -->                Change documents
  S_SPO_DEV-->     Spool: Device authorizations
  S_TABU_DIS-->     Table Maintenance (via standard tools such as SM30)
  S_TCODE     -->                Transaction Code Check at Transaction Start
  S_TRANSLAT-->     Translation environment authorization object
  S_TRANSPRT-->     Transport Organizer
  S_WFAR_OBJ-->     ArchiveLink: Authorizations for access to documents
  V_LIKP_VST-->Delivery: Authorization for Shipping Points
  V_VBAK_AAT-->Sales Document: Authorization for Sales Document Types
  V_VBAK_VKO-->Sales Document: Authorization for Sales Areas

  Have you executed a trace while a functional user executes the transaction code for the specific parameters? (i.e. document type). The trace will then show which objects are being checked; then look at the object documentation in txn Su21 to determine if there are any ways to restrict on the particular value; in some cases, if the authorization group field is being checked, additional configuration is needed in order to implement the security (Su21 will explain in detail for the particular object).