cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

APO DP Security Model

Go to solution
Former Member

on ‎03-13-2007 5:28 PM

0 Kudos

Hi All

We have a SCM 5.0 for Demand Planning. I have been asked to design security model for the APO DP system.

There are 2 planning areas globally with 5 planning books each. The client wants me to control the authorizations at the Selection IDs level so that in each planning book a selection id can be created for each country. For example one Selection ID for USA, one for Germany, one for Mexico.

So that Mexico users may have read/write access to their Selection ID however only display access to USA Selection ID. Iam designing the security for APO system for first time. I have searched many forum there is not help about APO security models. I think the authorizations cannot be controlled at Selection ID level.

Can someone suggest a better security model if you have implemented it before. Eagerly waiting for replies.

And let me know if you need more information.

Thanks

Ali

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎03-13-2007 11:48 PM
0 Kudos

the help files are here

http://help.sap.com/saphelp_scm50/helpdata/en/21/f6253b90e48743e10000000a11402f/content.htm

you can use object C_APO_SEL3 for selection id authorization

(this is for SCM 4.x and 5.x there are C_APO_SEL2 for 3.x)

You can allow display for * and if you allow creation and change for say US* for the US roles and ME* for the Mexican roles.

Authorization for working with selections is checked using object C_APO_FUN and the functions C_SELCTION and C_SELORG.

by authorizations on location (C_APO_LOC) you can ensure they will choose only their country. Or if you are using some other characteristic in DP you can run additional checks if necessary by using the user exit for authorizations. With this user exit or the BAdI method 'SELECTION_CHECK' (BAdI '/SAPAPO/SDP_SELECTOR'), you can, for example, force a user to make a selection for a certain characteristic.

Show replies
Show replies

Answers (2)

Answers (2)

Former Member
‎03-28-2007 4:02 AM
0 Kudos

assigned incorrectly

Show replies
Show replies
Former Member
‎04-05-2007 11:59 PM
0 Kudos

Hello,

Does anybody have a step-by-step instructions for using the mentioned user exit or the BAdI method 'SELECTION_CHECK' (BAdI '/SAPAPO/SDP_SELECTOR') ?

I need to filter the users ability to create custom selections by their authorization for characteristic values. But since I'm not a programmer, I'm searching for docs on how to do the '/SAPAPO/SDP_SELECTOR' setup.

Thank you !!

Former Member
‎07-13-2009 12:15 PM
0 Kudos

Hi,

do you have a template for BAdI SDP_SEELCTOR?

Thank you

Aban

Former Member
‎03-13-2007 6:14 PM
0 Kudos

Ali,

As far as I know there is no security object on Selection ID level. If each county is set as different planning book it would be easier to control of change and display access.

If there is a strict requirement to use same planning book, then follwing can be suggested

1- First remove creation/modification of selection ID's from user profile

2- Then create all required Selection IDs. based on country, division...

3- Then assign users to related selection ID's - generally done by functional team

4- Hence each user can reach their selection

5- Further display/ review can be provided through BW report since it has more user restriction capabilities.

Let me know if any further question.

Siir

Show replies
Show replies
Former Member
‎03-13-2007 7:07 PM
0 Kudos

Thank you so much for the quick reply.

I am discussing the same question you asked, with my client. Will post, once I get the answer. And Siir, would you have any documentation available which could help me in this project.

-Shaik

somnath_manna
Active Contributor
‎03-14-2007 8:43 AM
0 Kudos

Hi Shaik,

I hope you have gone through Note 400434 which is specifically about APO Demand Planning authorisations. I know the solution given by Siir works because it was one of my previous clients. It sounds complicated but delivers the business requirement.

Thanks,

somnath

Former Member
‎03-16-2007 4:01 AM
0 Kudos

Thank you so much for inputs. Its still in discussions to base the security model on the Selection ID level. However the business may still require to be able to create new Selection IDs. Iam not very much aware of the org level concept, but will it solve the issue we have right now. I mean can we design security model based on Selection IDs and also users be able to create more selection ids in future. Please suggest.

Thanks again

Ali

somnath_manna
Active Contributor
‎03-16-2007 10:37 AM
0 Kudos

Typically there will be regular users and power or superusers security roles. You can give access to the power / superusers to create and/or edit selection ids and manage the selection assignment for the regular users. In the other hand the regular end-users can use the provided selection ids but not change them or create new ones. You shall have to define a procedure for this.

Thanks,

Somnath

Former Member
‎03-23-2007 6:29 PM
0 Kudos

Hi Siir

User: U1

Planning Book: PB1

Selection IDs: SelectionID1, SelectionID2

I worked on the Selection IDs. The issue is that a user U1 needs display/change access on SelectionID1 and display-only access on SelectionID2. You can see both Selection IDs are in the same planning book PB1. This is the main issue right now to design the model.

Now to give display/change access to SelectionID1, I have to give change access on PB1 first.

But when I give change access on PB1 for the user, the user is getting display/change access on both Selection IDs. Thats not what I want.

This makes me think that the above requirement is not possible. Can you please tell me if this is possible. And if it is possible, can you please give me some detail level on the 5 points you mentioned in ur previous post.

Thanks all for replies.

Somnath, please post if you have any detailed inputs.

Waiting for replies. and please let me know if you need more information

Thanks a ton

Ali

Ask a Question