Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

RE: SAP HR Auth Object

Go to solution
sreekanth_sunkara
Active Participant

‎06-22-2010 8:11 PM

0 Kudos

Hi all,

1. I am working on HR Authorizations and i have a doubt on P_PERNR (Master Data - Personnel Number Check)

when i put " E "or" I " in the P_SIGN field, how do system know that the person who is doing it should be excluded. does it checks the person logged in anywhere. i mean does it relates the persons login id to the perner anywhere in the system and stops doing the modification for himself or do we need to do anything for this.

2. i added PU00 (transaction for deleting an peronnel record. what is the specific object that we need inorder to get the delete functionality and the activity we need for this.

Thanks in Advance,

SS

Edited by: sun on Jun 22, 2010 9:11 PM

1 ACCEPTED SOLUTION

Go to solution
Former Member

‎06-22-2010 8:53 PM

0 Kudos

Hi Sun,

1. I am working on HR Authorizations and i have a doubt on P_PERNR (Master Data - Personnel Number Check)

when i put " E "or" I " in the P_SIGN field, how do system know that the person who is doing it should be excluded. does it checks the person logged in anywhere. i mean does it relates the persons login id to the perner anywhere in the system and stops doing the modification for himself or do we need to do anything for this.?

Obviously the system will check whether the user id has been assigned pernnel number or not. Check on P_PERNR takes place only if user id has been assigned to pernnel number

Make sure you activate P_PERNR in 'OOAC' please enter a '1' for 'AUTSW' 'PERNR'.

The method that SAP uses to determine whether a personnel number is already assigned or not is by determining whether there is an Infotype 0003 with that number. Whenever you change ANY HR infotype, SAP checks the existance of IT0003. If it does not exist, then it creates it.

Check to see if IT0003 exists. If it does not, it will be created when you modify data for any other infotype. If that fixes your problem, then you should be able to re-use the PERNR or delete it.

Check this link for more information:

2. i added PU00 (transaction for deleting an peronnel record. what is the specific object that we need inorder to get the delete functionality and the activity we need for this.

had u set up personnel actions and the table V_T77SOwill be haveing integrations values.

Did you add any info types?

2. Report RPUEVSUP makes the required entries in the Additional Actions infotype (0302).

In table T77S0, it sets the value of the semantic code EVSUP to 1 for the group ADMIN.

This activates the Additional Actions infotype (0302).

In table T529A, it sets the indicator U0302 for all personnel action types.

The system then logs all personnel action types that are executed for an employee and their related reasons in the Additional Actions infotype (0302).

It creates an Additional Actions record (0302) on the specified key date for each record in the Actions infotype (0000).

Thanks

Sri

12 REPLIES 12

Go to solution
Former Member

‎06-22-2010 8:30 PM

0 Kudos

1. Yes Exclude the administrator and I will allow the user

look at this example from SAP it clearly explains

Examples

A user should be able to maitain his or her own data. You assign the user an authorization for the HR: Master data - Personnel number check object (P_PERNR), with the following specificatons:

Authorization level: *

Interpretation of assignment

User - personnel number: I

Infotype: 0002

Subtype: *

1. A personnel administrator, who processes the basic pay for all employees, should be able to display, but not maintain his or her own pay. For the HR: Master data - Personnel number check object (P_PERNR), you assign an authorization with the following specifications:

Authorization level: W,S,D,E

Interpretation of assignment

User - personnel number E

Infotype: 0008

Subtype: *

Note

(1) When you assign no authorization, or the interpretation '' (Space), to a combination of authorization level, infotype and subtype for the HR: Master data - Personnel number check object (P_PERNR) ,the personnel number assigned to the user will be dealt with in the same way as all other personnel numbers.

(2) Note that you can not assign the interpretation I and E or * for a combination of authorization level, infotype, and subtype.This is because the interpretations of the user personnel number assignment should be consistent for many of the assigned authorizations in the HR: Master data - Personnel number check (P_PERNR) object.

Answer 2:

See if the P_Pernr object is checked if so

for the auth object use the value L for field name AUTHC

Go to solution
sreekanth_sunkara
Active Participant
In response to Former Member

‎06-22-2010 8:46 PM

0 Kudos

Thanks a lot Franklin.

I am ok with the examples you provided. however i want to know that do we do anything inorder for system to recognize and stop the person who logged in (other than putting "E" in P_PERNR)

for Ex: if logged in to system and entered my perner number and if i have authorizations P_PERNR = "E" then how will system recognize that the entered PERNR number is mine (belongs to my id), is there something that relates user login id to PERNR in HR.

Thanks for your reply on the 2nd question, i did not hear about AUTHC = "L " till now, but its good that i learned a new thing.

L in AUTHC means DELETE.

Thanks a lot for your help.

SS

Go to solution
Former Member
In response to Former Member

‎06-22-2010 8:51 PM

0 Kudos

To answer your question normally in an ESS role we have the value I

so that the system can match the logged in userid to his personnel number to all him make the modification .

For MSS( Manager role ) we have the value E, which means the logged in user will not be able to maintain his own data

I am thinking technically the userid here is mapped to the Manager/Administrator pernr number and disallows him to edit his own data, but will allow him to display or Edit the data of the employees who report to him.

Go to solution
Former Member
In response to Former Member

‎06-22-2010 8:53 PM

0 Kudos

I forgot another important step the userid and pernr numbers should have been configured already in the system.

Go to solution
Former Member
In response to Former Member

‎06-22-2010 9:15 PM

0 Kudos

Look at the following for the object P_PERNR

Authorization level E, I, R AUTHC

Infotype 0022, 0378 INFTY

Interpretation of assigned per * PSIGN

Subtype * SUBTY

Please perform a test in case you have HR Master data object just to make sure you do not have authroization issue

with P_ORGIN

Authorization level E, R AUTHC

Infotype 0022, 0378 INFTY

Personnel Area * PERSA

Employee Group * PERSG

Employee Subgroup * PERSK

Subtype ' ' SUBTY

Organizational Key * VDSK1

in the above case i am assuming we do not have an issue, please check/test by changing the AUTHC and INFTY to make sure

the role works as expected

Go to solution
Former Member

‎06-22-2010 8:53 PM

0 Kudos

Hi Sun,

1. I am working on HR Authorizations and i have a doubt on P_PERNR (Master Data - Personnel Number Check)

when i put " E "or" I " in the P_SIGN field, how do system know that the person who is doing it should be excluded. does it checks the person logged in anywhere. i mean does it relates the persons login id to the perner anywhere in the system and stops doing the modification for himself or do we need to do anything for this.?

Obviously the system will check whether the user id has been assigned pernnel number or not. Check on P_PERNR takes place only if user id has been assigned to pernnel number

Make sure you activate P_PERNR in 'OOAC' please enter a '1' for 'AUTSW' 'PERNR'.

The method that SAP uses to determine whether a personnel number is already assigned or not is by determining whether there is an Infotype 0003 with that number. Whenever you change ANY HR infotype, SAP checks the existance of IT0003. If it does not exist, then it creates it.

Check to see if IT0003 exists. If it does not, it will be created when you modify data for any other infotype. If that fixes your problem, then you should be able to re-use the PERNR or delete it.

Check this link for more information:

2. i added PU00 (transaction for deleting an peronnel record. what is the specific object that we need inorder to get the delete functionality and the activity we need for this.

had u set up personnel actions and the table V_T77SOwill be haveing integrations values.

Did you add any info types?

2. Report RPUEVSUP makes the required entries in the Additional Actions infotype (0302).

In table T77S0, it sets the value of the semantic code EVSUP to 1 for the group ADMIN.

This activates the Additional Actions infotype (0302).

In table T529A, it sets the indicator U0302 for all personnel action types.

The system then logs all personnel action types that are executed for an employee and their related reasons in the Additional Actions infotype (0302).

It creates an Additional Actions record (0302) on the specified key date for each record in the Actions infotype (0000).

Thanks

Sri

Go to solution
Former Member
In response to Former Member

‎06-22-2010 9:27 PM

0 Kudos

Hi Sun,

For example on P_PERNR,go thru HR940, page 25,26,& 27.

Thanks,

Sri

Go to solution
sreekanth_sunkara
Active Participant
In response to Former Member

‎06-22-2010 9:37 PM

0 Kudos

Thanks a lot Sri for very useful thread.

i went in to infotype 003 and IT0105 and i see that user name is assigned to perner number but i did not see anywhere user ID assigned to pernr number, it means even though we added P_PERNR in the role , it wont restrict the user from modifying his/her own data because User ID is not assigned to PERNR number. how to assign user ID to PERNR NUMBER?

i checked in OOAC AUTCW PERNR is set to "1 "

just wanted to know how can i confirm that P_PERNR is working correctly and users are assigned to PERNR.

Thanks,

SS

Go to solution
sreekanth_sunkara
Active Participant
In response to Former Member

‎06-22-2010 9:39 PM

0 Kudos

sure, i will go through HR 940 suggested pages.

Thanks,

SS

Go to solution
sreekanth_sunkara
Active Participant
In response to Former Member

‎06-22-2010 9:58 PM

0 Kudos

Hi Sri,

i checked under IT0105 , subtype 0001 and its is saying that no data stored for selected period.also table V_T513A is empty.

so to assign user id to pernr number do we need to maintain subtype 001 in IT0105 and /or V_T513A correct?

other wise P_PERNR wont work correct?

Thanks in advance,

SS

Edited by: sun on Jun 22, 2010 10:59 PM

Go to solution
Former Member
In response to Former Member

‎06-22-2010 10:24 PM

0 Kudos

Hi ,

Please use transaction in your HR system SE16, do not attempt this on a production without a proper process and permission from higher authorities, do this in quality or if you have data in Developement please do the following.

feed in the table name PA0105

execute

in the next screen execute again you will see a huge list

look at column heading PERNR and UNAME

that is what you are looking for if I understood your need.

Hope that helps.

Go to solution
sreekanth_sunkara
Active Participant
In response to Former Member

‎06-22-2010 10:36 PM

0 Kudos

Thanks a lot Franklin,

i checked in DEV and i did not find UNAME field in the PA0105 table it means that we did not add UNAME to PERNR, i think this solved my question.

As Sri Suggested its mentioned in HR940 as well (Thanks Sri).

Thanks a lot.

SS

Edited by: sun on Jun 22, 2010 11:36 PM