User level authorization wise F4 help functions
Dear All,
We have a requirement i.e. User should be able to see only authorized entities when he/she press F4 on any field like Company code,Customer number,Sales Organization etc.. in any standard screen of SAP transaction codes.
For Ex: we have 3 company codes 1000,2000 and 3000. Assume user is authorized for 1000 only. If user presses F4 on BUKRS field in any screen, it should show only 1000 as possible entry.
Is there any way to address this issue. Please help....
Once you press F4 against the Company Code field from search option, in Drop Down list on the TOOL BAR there is an icon INSERT IN PERSONAL LIST. Place the mouse on the Company Code which you want and then click on the INSERT IN PERSONAL LIST. Also Click on Personal Value List after choosing Company Code of your choice in Insert Personal List. Don't forget to click on KEEP Button. Kindly note, this is only valid for that particular user only where you are exercising your insert personal list.
G. Lakshmipathi
Similar Messages
-
User level Authorization for SSO by using SOAP Sender
Hi,
Scenario : Non-SAP to PI 7.31 using SOAP Sender adapter.
Authentication we need to go for user based level at the receiver system where the information shall be passed from the sender (non-SAP) and also we 're using Single Sign On method for this interface.
Note : Previously we achieved this through WS-RM using SAML certificates, but this adapter doesn't support in PI7.31 single stack since we have option only by using SOAP adapter.
Please suggest how can i achieve this for my current landscape.
Thanks for your help.
Warm regards,
Ram.Hi!
The SOAP Adapter itself has no queueing mechanism. But the PI has one if you work asynchronously.
To pick files it may be helpful to use the Axis Framework of SOAP Adapter whre you can add your own adapter modules.
Very helpful tips concerning the SOAP Adapter can be found in the SAP Note 856597 (FAQ SOAP Adapter XI 3.0 Pi 7.0 PI 7.1).
For Axis Adapter FAQ refer to SAP note 1039369
Hope this helps.
Regards,
Volker -
User Level Authorization in Position Based Security
Hi Geeks,
I'm facing a problem in restricting a user accessing from another users data.
Let me give you a picture of my issue.
I have assigned a position based role to a Position XXXXX, while XXXX is accessing his data, he is also able to see the data of User YYYYY, but as per my client requirement, User XXXXX can only see the data of his own, not other users.
Can you please let me know how to restrict this.
<removed_by_moderator>
Thanks
Venkat
Edited by: Julius Bussche on Jun 4, 2009 8:44 AM> p_pernr when this object is present, including infotypes in this object allows you to control access to own record only(I), or other employee records only(E) excuding own.
Stated like that it could still be misleading.
E does not grant access to other employees records. It only means that if the user already has access to other employees records (via P_ORGIN...), then this authorization will exclude their own personel number from that authorization, even although they have the access.
This can be usefull, for example to prevent the HR department from changing their own basic pay without stopping them from giving you a raise or a bonus...
Cheers,
Julius -
User level authorization for process order
Hi,
Greetings for the day.
As we all know that there are three main screen of process order
1. Header Data
2. Operations data
3. Materials Data
Now, we want to restrict the users to access the screen as below. (T-Code: COR1 & COR2)
Header
PP, MM, QM Users can change
Operations
PP, QM Users can change, MM user can display only
Materials
MM, QM Users can change, PP user can display only
How can we achieve this?
Please guide me.Hi
Yes, that is impossible to control that way in standard, so I think you may consider the the user exits to write your own source codes to check the changes done by user and prohibit the save.
PPCO0018 Check for changes to production order header
PPCO0019 Checks for changes to order operations
PPCO0008 Enhancement in the adding and changing of components
Regards.
Leon. -
Restricting Authorizations to Variants at User level
Hi SAPians,
Can you help me to know how can I restrict variants to be displayed for particular users.?
Example: I am creating 5 variants in EMMACL transaction and give authorizations for the users only to particular Variants as below:
1. Variant1 --> Can be access by only users ERP-EHK, ERP-SAP & ERP-EJS
2. Variant2 --> Can be access by only users ERP-EAS & ERP-HJG.
3. Variant3 --> Can be access by only user ERP-EMM
4. Variant4 --> Can be access by only users ERP-EHK & ERP-UJY
5. Variant5 --> Can be access by only user ERP-EAS
Let me know how I can achieve the above requirement?Hi,
i have assigned it at user level then why iam i
getting the currency code of site level ?Did you user to logout and login again after setting the profile option at the user level?
What if you set this profile option at the site/application/responsibility level, can you reproduce the issue then?
Thanks,
Hussein -
"Low-level" authorizations for accessing BW reports - add users to role
Using the advice in Topic "Low-level" authorizations for accessing BW reports, I have been able to publish a query to a role that has 3 test users and each user gets the same query but with different data, as determined in the tables.
Is there a way to look up the users and e-mail addresses from a table and associate them to the role? We have several hundred e-mail recipients that will not need BW access, but only need an e-mail with a static report that contains data on their own territories.Hi!
i think programatically it might be complex. You got to maintain a seperate variant of report per user and use this variant to send mail. that means you need to maintain a variant and a Broadcast setting per user. once maintained you can use it any number of times the values will be recalculated everytime.
with regards
ashwin
<i>PS n: Assigning point to the helpful answers is the way of saying thanks in SDN. you can assign points by clicking on the appropriate radio button displayed next to the answers for your question. yellow for 2, green for 6 points(2)and blue for 10 points and to close the question and marked as problem solved. closing the threads which has a solution will help the members to deal with open issues with out wasting time on problems which has a solution and also to the people who encounter the same porblem in future. This is just to give you information as you are a new user.</i> -
Organization Units Authorization on user level
Hello experts,
Is there a way to add authorization for an organization unit (i.e. Company Code) on a user (SU01) level and not on a authorization objects (PFCG) level?
For example,
I would like to create the following Role (profile):
ZFI_AP_REPORT_DISPLAY
This role should be able to display AP report from the Financial module.
However our problem is, we would like to create authorization levels with organizational units for each user:
For example:
User Anson has ZFI_AP_REPORT_DISPLAY assigned but can only display Report from Company Code 3202.
We know we can create this authorization creating several roles, like:
ZFI_AP_REPORT_DISPLAY_3201
ZFI_AP_REPORT_DISPLAY _3202
ZFI_AP_REPORT_DISPLAY_3203
but our idea is not create several roles, but to assign the Company Code authorization on a user level and leave just one role so we would only need ZFI_AP_REPORT_DISPLAY.
Is there a way to do this?
Thank you in advanced for your replies.
Christine TsengI agree with Jurjen. There is no point creating a "new" authorisation concept for a few transactions. If you use standard authorisation objects for the check in your custom tcodes then you will likely have very little work to do if you assign those tcodes to existing roles.
Even using a custom auth object & creating the variants will take up no more time than doing something like repeating the variable functionality in BI or messing about with PIDs in the UMR (which I definitely do not recommend). By sticking with the standard concept you ensure consistency, making it much easier to support and/or handover if you move on from the role. -
Need a user exit to add custom partner function in sales order @ item level
Hi,
Need a user exit to add custom partner function in sales order at item level. Goto --> Item --> Partner.
Thanks,
ThiyagiHI Leo
To add a condition price for a condition type, this has to be assigned in the <b>pricing procedure</b>. For each condition type in a pricing procedure, we will have <b>access sequences</b>. If we follow this approch, the price is automatically extracted basing on the access sequences when condition records are maintained. For this, no coding is required and everything can be done by configuration by Functional consultant.
Naren is right to point out on the same.
If you need to change the price for a particular condition which already exists, you can go by <b>pricing routines</b>. Go through transaction <b>VOFM</b> for the same.
I advice you to discuss with your functional consultant and understand the requirement and then go for modifying accordingly.
Kind Regards
Eswar -
PM Organization Units Authorization on User Level
Hello experts,
Is there a way to add authorization for an organization unit (i.e. Planning Plant) on a user (SU01) level and not on a authorization objects (PFCG) level?
For example,
I would like to create the following Role (profile):
ZPM_AUT_EQM_EQUIPMENT_DISPLAY
This role should be able to display equipment from the Plant Maintenance module.
However our problem is, we would like to create authorization levels with organizational units for each user:
For example:
User jsmith has ZPM_AUT_EQM_EQUIPMENT_DISPLAY assigned but can only display equipment from Planning Plant SL01.
We know we can create this authorization creating several roles, like:
ZPM_AUT_EQM_EQUIPMENT_DISPLAY_SL01
ZPM_AUT_EQM_EQUIPMENT_DISPLAY_SJ01
ZPM_AUT_EQM_EQUIPMENT_DISPLAY_AG01
but our idea is not create several roles, but to assign the Planning Plant authorization on a user level and leave just one role so we would only need ZPM_AUT_EQM_EQUIPMENT_DISPLAY.
Is there a way to do this?
Thank you in advanced for your replies.
Best regards,
Fernando MontenegroHi ,
Could you share about your solution ? I think I have face the same problem as yours. -
Help functionality for basic users
Hi,
I was wondering if anyone knows of a good way to implement a help functionality in your dashboards.
The users that work with our dashboards overall don't have much experience with IT, so i'd like to make a buildin function.
This could either be a question mark at every rapport to explain what it does and how you do it, or perhaps a F1 index help like you get with Outlook.
Does anyone have better ideas or could point out to me a good option?
Thx,
Erik
Edited by: user10703465 on Nov 6, 2009 7:01 AMIf you have your sample sales webcat and rpd with you that comes with your install(10.1.3.4) you can check the dashboards there. They have implemented the Help functionality with a link and a report.
Any ways Let me explain
Create a sample report with a dummy object and directly go to your static text and you can include what ever text you need like how to use the dashboards or what is that dashboard used for etc etc. Save the report
Now go to your dashboard page and add the link object present on the left side pane and at the destination simple reference this request. Type "Help" in the caption.
you can simply use the fmap functionality in the image layout if you have one. Sample referecing as shown below
fmap:views/help.gif
You can download the images online and make sure you store them under
C:\OracleBI\oc4j_bi\j2ee\home\applications\analytics\analytics\res folder
Hope it helps
Thanks
Prash -
URGENT...Help on User Level export and import
User level export and import -
In my db there are more than 20 users, i would like export only 2 users and they have constraints to other user tables in db.
what are the precautions I need to take before exporting ???
1. Disabling all constraints etc, .
2. Synonymns, Procedures , Triggers etc.
3. what are the parameters setting I should use for the export.
For Importing back into DB (same users) - What are the sequences/steps to follow..
1. what are the parameters setting I should use for the Import.
2. Precautions like Disabling Constraints...
3. Special actions for Synonyms/ Procedures.
Using Oracle 8.1.7 on Solaris.. Total DB Size is 13.3 GB
Any help will be appreciated....See to it that u have the DBA PRIVS to exp/imp.
1.Grant export full database /import full database privileges to the user doing this.
2.If this is the first time u are doing this u have to run the scripts CATEXP.SQL and CATPROC.SQL to create the necessary views,datadictionaries as user SYS/INTERNAL.These instructions are also mentioned in the scripts comments at the beginning .
3.Also create the necessary tablespaces where u need to direct u'r imp.
4.select the interactive option where u can interact with
imp/exp process and u can do this selectively for users/tables/partitions and other preferences.
5.look out for the version compatibility of your .DMP files -
Setting Default Url At User Level? Help !!
Hi-
After a user logs on .. I would like to point that user to a specific default url .. if I specify the default url at the domain level:
manage domains
select domain
select user tab
show advanced settings
delete default url: /DesktopServlet
add new url
It works fine when the default url is set at this level .. problem is it then points EVERY user who is a member of that domain to the specified url ..
Logically.. one would think that the correct approach would be to specify the defaul url for a particular user at the user level:
manage domains
select domain
select role
select users
click username
click user tab
show advanced settings
delete default url: /DesktopServlet
add new url
However, when this approach is used .. the user is sent to:
/DesktopServlet
in spite of the fact that the users default url had been set to a specific url other than:
/DesktopServlet
Question:
Is it possible to set a users default url to a specified url and have it only affect that user?
If so .. how?
Does anyone have any recommendations as to how to make this work?
Essentially .. I would like to create a domain with multiple users and have each user within that domain sent to a distinct and unique url .. how can I accomplish this objective?
And if it simpy can't be done .. please let me know .. it would be much appreciated .. Happy Holidays .. to all ..
Sincerely .. jesus ..Thanks for your response .. as it is .. I was able to accomplish the stated objective by using the Url Scraper to point each user to a page containing a meta-refresh tag which causes the desktop to appear for a fraction of a second before the user is advanced to the desired url .. sans the desktop and with the secure lock in the right hand corner .. thanks again for your response .. much appreciated .. jesus ..
-
Issue in User Level Simulation in GRC 10.0
Hello Every one,
Before i Jump into the question, please find below the screen shot which tells about the B.P(Business process),Functions created in test system(GRC 10.0), where as the roles and corresponding users which have been created in back end system connecting to GRC 10.0.
Now when i am trying to run a risk analysis on user TEST_RISK(TEST_ROLE_RISK role is assigned and pfa the authorizations in the role), i will be shown the Risk R001.
Now i am trying to run user Level Simulation on the above user TEST_RISK and i am trying to simulate by adding a new role TEST_ROLE_RISK3 as shown in the below screenshot at Action level,Permission Level,Critical Action level ,Critical permission level.
Even though i select the option, Risk from Simulation only, when i try to execute at action level , it is also showing me the risk which coming from the actual role assigned but not from the simulating one.
Thanks and Regards,
Naga.Hi Naga,
there are some notes which might help to fix the problem. Especially the first might fix your problem.
http://service.sap.com/sap/support/notes/1895502
http://service.sap.com/sap/support/notes/1953347
Please let us know if it helped.
Regards,
Alessandro -
Running Risk analysis at User Level(CC)
Hi
Please Clear my query, wat is the difference between running the risk analysis at userlevel Violation count by Risk and Violation count by Permission.
violation count by Permission, the total number of violations are 377,569.
Violation count by Risk,the total number of violations are 11,716.
Thanks & RegardsHi Karuna,
When you perform Risk Analysis at User level and choose violation count by Permission/Risk. Here are the details of each analysis:
1. Violation Count by Risk
This analysis will display the count of how many SOD risks associated with the users existing in each business process like FI, HR, MM, PR, SD.
It will display as a bar graph or pie chart. If you choose each of the business processes and drill down to the particular SOD risk,P001 then you can display how many users have that risk, P001
2. Violation Count by Permission
This analysis will display the count of SOD violations at the action/permission level associated with the users existing in each business process.
If you choose the conflicting functions inside each SOD risk, and then expand on the permission tab you will understand why the huge number of violations it is showing.
In the Risk information screen, in Conflicting Functions, click the AP02 u2013 Process Vendor Invoices link to display the SAP transaction codes and the authorization objects. There are 26 different transactions in SAP to Process Vendor Invoices and another 185 authorization object values u2013 all come preconfigured out of the box.
Choose the Permission tab. Expand Action F-42. Open an authorization object to show field values. By looking at all possible permutations of actions/permissions of one business function with all actions/permissions of the second business function, you can understand how the system arrives at the number of violations.
Hope this will help you understand better.
Regards,
Kiran Kandepalli. -
Report to view user nm, authorization objects, activity, transaction code.
Hi All,
I want to view a user-wise report that displays the transaction code, authorization objects and activities for which the user has authorization.
Is there any standard report to view all this at a glance?
Can anybody help me on this?
Thanks.u can try SUIM tcode
its really helps u
regards,
Abhilash
Maybe you are looking for
-
Once I downloaded the new IOS 5.0 I've lost all of my photos that were stored on my PC, and I no longer have access to them on the IPOD. Cannot figure out what has happened. Please help.
-
Opera 11.0 will not upgrade it's flash player however firefox will
Ok i'm going to give my information. I have windows xp sp3 pro 32bit. I upgraded internet explorer to flash 10.3.183.7 and I upgraded firefox 3.6 but opera will not upgrade. I do not get a error notice but when I do the upgrade and then check at the
-
PI 7.0 Error 500 Internal server error
Exception Details Exception class: com.sap.aii.utilxi.prop.api.PropertiesException Message Unable to read configuration data (ExchangeProfile/aii.properties) Stacktrace Thrown: MESSAGE ID: com.sap.aii.utilxi.prop.api.rb_all.NO_PROPERTIES com.sap.aii.
-
Oct 2010 - What are the options for Cuda supported cards ?
Hi everyone, I was just on the Adobe website, and although they say they update their list of CUDA supported video cards, I haven't seen any change in many months. at this point in time ( Oct 2010 ) what is the least expensive option available for Pr
-
Yet another Motion crach on startup - dump seems different
I wanted to move all my FCS content off my MacBook Pro to an external pocket USB drive. I used AppZapper to remove the programs, then reinstalled. All appears to go well except for Motion, which (when booted) fails to show the serial number in the st