cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

DMS ACL's

Former Member

on ‎07-16-2009 3:15 PM

0 Kudos

Hello,

I have an issue with DMS ACL's. I have activated the TDSwitch and was able to see the Authorization tab in the DIR.

I added a user and given that user "NOauth" access for a particular document. But when I login as that user and searched for the DIR and was able to open the document eventhough I have given him specifically "NoAuth". I have implemented the BADI 'Document_auth01' with the 'check_authority' method.

Any idea, what mistake I am doing? is there any other setting I need to do for this?

Thanks

Satya

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

christoph_hopf
Advisor
Advisor
‎07-17-2009 10:18 AM
0 Kudos

Dear Satya,

could you please check if the mentioned user has maybe an ACO_SUPER authorization. Because then this 'NoAuth' entry wont have any effect for him.

You can either check the user authorization or do an ST01 authorization trace in your system with this user. If it is an ACO_SUPER user you will see such an object check entry in the result of the trace.

More information for the ST01 trace could be found at:

https://wiki.sdn.sap.com/wiki/display/PLM/AuthorizationTrace-+ST01

Best regards,

Christoph

Show replies
Show replies
Former Member
‎07-17-2009 7:44 AM
0 Kudos

hi,

check with PFCG,

The following table shows authorization object C_DRAW_TCD. This object controls which users can process which document info records, based on a combination of activity and document type

U remove for specifi user for u2018create, change , display.

The following table shows authorization object C_DRAW_TCS. This object controls which users can process which document info records, based on a combination of activity, document type, and status.

U remove for specifi user for u2018create, change , display.

The following table shows authorization object C_DRAW_BGR. This authorization object allows you to limit access to individual documents.

U remove for specifi user for u2018create, change , display.

The following table shows authorization object C_DRAW_DOK. This authorization object controls which original data of a specific document type there are access authorizations for.

53-- Display application start

The following table shows authorization object C_DRAD_OBJ. This object controls which users can process which document info records, based on a combination of activity, object, and status.

Benakaraj

??P

Show replies
Show replies
Former Member
‎12-10-2010 6:41 AM
0 Kudos

Hi,

I'm working on a DMS implementation project and trying to understand the scope of Access control management( ACL & ACC)

can any one tell me what will be the drawbacks or difficulties of implementaing ACL in large project or is it better to limit to groups in organisation.

Thanks In advance

Regards,

Babu

Ask a Question