10-07-2008 11:29 AM
Hello all,
I am developing one RFC which will retrieve some data from ECC 6 machine. This RFC is working fine now with one user.
My requirement is to restrict another user to access some records of table pa2002 depending on pernr.
I know for the same i have to use authority-check, authorization field , object method. But i am getting confused in using built in authorization object. How can we get values for particular authorization field??
Can anybody help me??
Thanks,
Prashant
10-07-2008 11:33 AM
well the thing with authorization objects works the other way round.
you do not check pernr´s or such.
a given authority object is needed come across the authority check.
the users either have that authority object or not.
10-07-2008 11:35 AM
Thanks for the reply.
For one user i don't want to give the access to the HR master data. For that there are following authorization object,
P_PCLX HR: Clusters
P_ORGIN HR: Master Data
P_ORGXX HR: Master Data - Extended Check
P_PERNR HR: Master Data - Personnel Number Check
But how to assign this object to to any user
10-07-2008 11:45 AM
hi,
you have to create a role using PFCG transaction and give your authorization object and then give the role for user in SU01.
Generally this will be done by basis people .
10-07-2008 11:50 AM
10-07-2008 11:54 AM
hi,
in PFCG goto authorizatiopns tab ,there click change authorization data,there you can give your objects.
10-07-2008 12:20 PM
there are only few objects. the objects which are displayed in SU21 are not shown in that list.