I suspect, may be the user for whome you have not assigned authorization group, might also have other role(s) attached to his roles & authorizations, which is suppressing you current role, assigned to his/ her id.

Go to SU01 , enter the user id for which you are checking your DMS config, click on display (F7). In the next screen check "Roles" tab. Check how many roles are listed there. If it has more than one, then change the other roles (other than what you have created), as per your requirement. Otherwise delete other roles & save, then check. But take your BASIS guy's help, if you are not sure of roles & authorizations.

Come back again.

Good luck

Hi

What happened? did your issue resolved?

Best Regards

Regarding your first question, you decide whether you want to have authorization groups or not?

If not, go to IMG>Cross-Application Components>Document Management-->Define Document Types , double click on the document type you have defined. In the next screen, In "Field Selection" tab chose the option "Supress" for Authorization Group.

Once you do this & save, in CV01N/CV02N/CV03N, "Authorization Group" filed won't appear.

In this case, authorization object assigned by BASIS to user will not be effective.

On other hand, if you decide to use it. Then make once decision at this point. Whether you want to make it mandatory field or optional field? According to your decision, you make changes in the "field Selection" tab.

Now if you make it optional , System allows you to save the document in the CV01N, with or without authorization group code.

And if you make it mandatory then system will not allow you to save the document unless you enter the authorization group code, define in roles & authorizations by Basis guy.

In this case, authorization object assigned by BASIS to user will be effective.

Which authorization will have more priority, whether BASIS authorization or authorization group?

Basis authorization is can be set on transaction code levele, filed level etc.. It depends on the requirement of particular project/ customer.

In general, WRT, DMS I can say like this (just give you an idea, this depends on the requirement of the individual customer),

BASIS can restrict (based on the requirement) whtehre to give access to a T-code, say for example CV01N. If BASIS give access, then only a person whose log Id as access to CV01N can execute that transaction.

Now consider you have made your aurthorization group filed as optional entry. In this case, say BASIS has given access to CV01N/CV02N/CV03N/CV04N T-code to USER1 & USER2. And BASIS has defined authorization code only for USER1.

In this case any document, without authorization group, can be accessed by both USER1 & USER2. If USER1 creates a document & enters the authorization code in the authorization group field & saves the document. In that case, only USER1 & anybody whose rolese & authorizatin have aurhorization code defined (same authorization code which has been assigned to USER1) for their SAP log on id can access this file. If USER2 tries to open this file using CV02N/CV03N/CV04N , system will throw an error.

I hope this clarifies your doubt.