cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

DMS-Authorization

Former Member

on ‎08-28-2007 10:15 AM

0 Kudos

Hi guys,

How to use the authorization group field in the document data screen?

my requirement is that for final approval(release) &internal i need to maintain some authorization,so that only selective people can do that?

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (3)

Answers (3)

christoph_hopf
Advisor
Advisor
‎09-13-2007 10:15 AM
0 Kudos

Hi ,

There has to be some user profile which includes the authorization objects.

For editing or displaying specific profiles you can use the PFCG transaction. Here you have to enter the profile which is assigned to the user and then you can

display the single authorization objects.

In transaction SU01 you will find the assinged profiles for a specific user.

Best regards,

Christoph

Show replies
Show replies
daniel_huber
Employee
Employee
‎08-28-2007 1:04 PM
0 Kudos

Hi Vijay,

sure you can use PFCG roles without having the HR module active. You just need to create a new role and assign it to the user (SU01 -> roles tab).

Best regards,

Daniel

Show replies
Show replies
Former Member
‎09-11-2007 4:01 PM
0 Kudos

Hi Daniel,

I have a question regarding document type in DIS,Its urgent ..

For a particular document type (for example PPN)..

How to find a authorization object and roles...Please let me know.

In the DIS which autority object and roles they use it for this.

Reward with full points

Regards

preethi

daniel_huber
Employee
Employee
‎08-28-2007 10:31 AM
0 Kudos

Hi Vijay,

if I understand your requirement correctly you are looking for status dependent document authorizations. In SAP standard you can make this via PFCG roles: So you can create a new role with 'status dependent authorizations for documents' and maintain document type, document status and activity. Afterwards you can assign this role to the specific users. You can find more details on PFCG roles <a href="http://help.sap.com/erp2005_ehp_01/helpdata/en/52/6714a9439b11d1896f0000e8322d00/frameset.htm">here</a>.

In addition you can find more details on the different document authorization objects in the <a href="http://help.sap.com/erp2005_ehp_01/helpdata/en/c1/1c24ac43c711d1893e0000e8323c4f/content.htm">SAP Help portal</a>

Best regards, Daniel

Authorization Object C_DRAW_TCD (Activities for Documents)

The following table shows authorization object C_DRAW_TCD. This object controls which users can process which document info records, based on a combination of activity and document type.

Authorization Object C_DRAW_TCS (Status Dependent Authorization)

The following table shows authorization object C_DRAW_TCS. This object controls which users can process which document info records, based on a combination of activity, document type, and status.

Authorization Object C_DRAW_STA (Document Status)

The following table shows authorization object C_DRAW_STA. This object controls which status(es) can be set for which document type.

Authorization Object C_DRAW_BGR (Authorization Group)

The following table shows authorization object C_DRAW_BGR. This authorization object allows you to limit access to individual documents.

Authorization Object C_DRAW_DOK (Document Access)

The following table shows authorization object C_DRAW_DOK. This authorization object controls which original data of a specific document type there are access authorizations for.

Authorization Object C_DRAD_OBJ (Object Link)

The following table shows authorization object C_DRAD_OBJ. This object controls which users can process which document info records, based on a combination of activity, object, and status.

Show replies
Show replies
Former Member
‎08-28-2007 12:17 PM
0 Kudos

Ya Daniel,

Ur understanding is right,But i have one more doubt-We dont have HR module in our project is it possible to go for authorization w/o HR?

Former Member
‎03-17-2008 11:43 PM
0 Kudos

Hi Daniel,

I have this scenario:

a) one documento type: ACD

b) 3 laboratory/Office: L01, L02 and L03

c) 3 users: USER1, USER2 and USER3

d) The users when create a document, inform the code of his lab/office in the field "Authorization group". The USER1 inform lab/office L01. USER2 inform lab/office L02 and USER3 inform lab/office L03

e) the documents created by one user can be displayed by others users. Example: USER1 create a documento and the users USER2 and USER3 can display this document (tc CV03N) but can not change it.

f) I granted the authorization objects as above:

authorization

User object Field

USER1 C_DRAW_TCT ACTVT=*

DOKA=ACD

C_DRAW_BGR BEGRU=L01, L02, L03 ==> note that the values L02 and L03 are only for

display, but this is not possible to declare to

SAP

USER2 C_DRAW_TCT ACTVT=*

DOKA=ACD

C_DRAW_BGR BEGRU=L01, L02, L03 ==> note that the values L01 and L03 are only for

display, but this is not possible to declare to

SAP

USER3 C_DRAW_TCT ACTVT=*

DOKA=ACD

C_DRAW_BGR BEGRU=L01, L02, L03 ==> note that the values L01 and L02 are only for

display, but this is not possible to declare to

SAP

With this scenário is it impossible to indicate to SAP that an user can only maintain his documents identified by his lab/office because he need the authorization to the documents of the other lab/office. Withc this strategy, all users can maintain and display all documents type ACD. The restriction by the field "Authorization group" has no effect.

Do you have a solution for this problem using PFCG roles?

Best regards

Ramiro

christoph_hopf
Advisor
Advisor
‎03-18-2008 8:33 AM
0 Kudos

Dear Ramiro,

please note that the authorization group is just working as an ON/OFF switch. You can only enter an authorization group and if the user is member of this group he will be able to handle those document info records. There is no further action you can define for this authorization object.

In ERP 2005 there is a new tab called AUTHORIZATION where you can assign specific detailed authorizations for document info records based on users and usergroups. For more information on this functionality please see the WIKI link [ACL Authorization|https://www.sdn.sap.com/irj/sdn/wiki?path=/display/plm/newFunctionalitiesinERP2005&].

For a description of the existing DMS authorization objects please see the following link

https://www.sdn.sap.com/irj/sdn/wiki?path=/display/plm/caDMS-AuthorizationObjects&

Best regards,

Christoph

P.S.: Please always reward points for useful information

Ask a Question