Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

PPOCE authorization

Former Member
0 Kudos

can we give authorization in this transaction PPOCE

if there is a organisational structure,can i give authorization such that a user can assign only certain positions i.e; if he tries to assign work to certain positions- it shud say no access allowed.can we do it?????

if so wat is the authorization object and how do i it.kindly help if u know

thanks

renjy

7 REPLIES 7

manohar_kappala2
Contributor
0 Kudos

Hi,

PPOCE is for creation of the root org unit and not for maintaining.

Perhaps you might be referring to PPOME.

You can control the access to the transaction as the you wanted by using

Role+Structural Authorizations.

In the role u need to give S_TCODE and P_TCODE with PPOME

The in the Auth Object PLOG

give infotype 1001

Planning status as per your sytem

Object Type P(position) and WI (work item)

Plan Version as per your system normally current plan is choosen.

Function Code DISP, INSE, COPY,AEND

Subtype you need to know the way these two are related (like A/B030, A/B007 etc) for this you need to trace and obtain that value.

Now this give access to Add a Work item to a position.

But for controlling this to a set of positions

create a PD profile (tcode oosp) with relevant evaluation path and attach that to a user ID (OOSB) . Then the user will be appropriately controlled.

Hope this helps

Cheers Manohar

Message was edited by:

Manohar Kappala

0 Kudos

thanks manohar for ur help i ll try it,i have awarded points

0 Kudos

Hi Manohar,

Would you please send me complete step with two three example of HR security with two three roles created one. what is the difference between regular HR authorizaiton and structural authorization. So please send me to this email address happyman336@yahoo.com

Thanks

Happy

0 Kudos

if u do send a reply to happyman sent a copy of that to this maid too renjyverghese@gmail.com

0 Kudos

Hi,

Gurus, I didn't received mail to me please let me knwo

Thanks

H

0 Kudos

the difference between structural and 'standard' authorization is most easily described as follows:

the IT0001 (organizational assignment) screen is divided into 2 parts: enterprise structure and organizational structure.

the enterprise structure is what usually can be authorized through standard authorization (e.g. P_ORGIN --> personnel (sub)area, employee(sub)group, etc)

sometimes authorizing employees through these enterprise entities can lead to being authorized for too large a part of the HR population.

in this case it could be helpful to further restrict access with help of a structural profile.

if we were to take the following structural profile as an example :

(look in Tcode OOSP for fieldnames)

ZEXAMPLE  |  10  |  01  | O  |  5xxxxxxx  |  x  |  O-S-P  |  12  | 

(all other fields can be left blank)

so, the combination of the standard role (e.g. where the user is authorized for personnel area 1000) with this structural profile will delimit access to only employees within pers. area 1000 but who should also be 'under' organizational unt 5xxxxxxx. If one of these prerequisites is not met, the user won't be authorized.

with authorizations setup this way, plus the additional PLOG authorization mentioned in the above post, the user will only be allowed to maintain positions within the org. unit (5xxxxxxx) entered in the structural profile.

hope this helps a little...

0 Kudos

Hi,

was caught up in project work will try to reply u soon