cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Use Of 'Authorisation Group' in SAP DMS

Go to solution
Former Member

on ‎08-07-2012 4:50 AM

0 Kudos

Hi,

My requirement is as explained below.

I have 2 users, say USER1 & USER2. Both these users have authorization for creating & changing document of document type ‘MNL’. But I don’t want USR2 to modify document created by USER1 & vice versa.

To achieve this, I have created 2 different roles for creating & changing document of document type ‘MNL’. Only difference in these 2 roles is of authorization group maintained in the role. Role assigned to USER1 has authorization group as ‘1111’ & role assigned to USER2 has authorization group as ‘2222’.

I have a 3rd role which is only for displaying all document types to both the users.

Details of these 3 roles are as below.

Authorisation Object

Role 1

Role 2

Role 3

C_DRAW_BGR

1111

2222

*

C_DRAW_DOK

Activity

52, 53

52, 53

53, 54

Document Type

MNL

MNL

*

C_DRAW_STA

Document Type

MNL

MNL

*

Document Status

CR, IW, RL, VD

CR, IW, RL, VD

*

C_DRAW_TCD

Activity

01, 02, 03

01, 02, 03

03

Document Type

MNL

MNL

*

C_DRAW_TCS

Activity

01, 02, 03, 52, 53

01, 02, 03, 52, 53

03, 53, 56

Document Type

MNL

MNL

*

Document Status

CR, IW, RL, VD

CR, IW, RL, VD

*

While creating new document of document type ‘MNL’, USER1 enters authorization group ‘1111’ whereas USER2 enters authorization group ‘2222’.

Even after these settings, USER 1 is able to change document created by USER 2 & vice versa.

I have followed same procedure for BOM (Bill Of Material) in PP module & it works fine there.

Would appreciate if you throw some light on where I am wrong & what I need to do to implement these user specific restrictions in DMS.

Regards,

Abhijit Khandekar

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎08-07-2012 6:41 AM
0 Kudos

Hello Abhijit,

Your roles and authorizations are correct.

In addition to the authorization above, you might have to implement BAdi:  DOCUMENT_AUTH01 & write your own authority check in method check authority.

Link : http://help.sap.com/saphelp_46b/helpdata/en/18/247237a323427ee10000009b38f8cf/content.htm

Cheers,

Simran

Show replies
Show replies
amit_maheshwari2
Contributor
‎08-07-2012 12:20 PM
0 Kudos

Hi Abhijit,

For the authorisation group check, we do not require any custom development.

Once the authorization group is mentioned for the roles, it should work fine.

Please assign the roles to the users again and check.

Cheers

A

Answers (1)

Answers (1)

Former Member
‎08-08-2012 7:46 AM
0 Kudos

Hi Simran,

As commented by Amit, I am also of the opinion that it should work only with preparing & assigning roles correctly & maintaining proper authorisation group in the document so as to restrict the authorisation.

I even have implemented same functionality for controlling BOM authorisations.

Just surprised, why its not working in this case. Can you suggest any other solution?

Hi Amit,

Logically, what you have said is correct & should work in that manner only. I have checked it several times, but unfortunately doesn't succeed.

Regards,

Abhijit Khandekar

Show replies
Show replies
amit_maheshwari2
Contributor
‎08-08-2012 12:11 PM
0 Kudos

Hi Abhijit,

It is working for me. Please check with Basis or GRC team members if they can help you.

Cheers

A

Former Member
‎08-09-2012 7:57 AM
0 Kudos

Hey Guys,

It should work with the groups. I agree with it.

In case if it does not work for some reason then you can go for the custom development.

Authorization levels should be something like that:

1st

C_DRAW_BGR (auth groups)

C_DRAW_TCD (document type) or C_DRAW_TCS  (document type with status)

Re- assign all the authorization and check.

All the Best,

Simran

Ask a Question