hai great minds

Former Member · ‎10-10-2007

hai everyone

iam new to this forums,i was preparing for my job interviews, and presently i was working on a project at home , iam facing little difficulties in giving the authorizations to the transactions,bcoz there are many transactions (ex i was working on a HR ROLE) in project for some transactions they given <b>"display only"</b>and for other transactions "<b>or executives only"</b>etc.. like that

and my doubt is in the menu , we give all the transactions right, and coming to authorizations , transactions code check, basis administration, HR objects , in HR objects again for some they need display only, and for some they need only display and change, etc, but i dont know which transaction is appearing in the authorization one ,

can some one suggest me how to get rid of this problem( how to give authorizations ) ,

thanks to everyone, take care, have a nice day

srinivas

Former Member · ‎10-10-2007

There is a little "mountain" sign by the auth object. This will tell you which transactions are linked to that auth object (or at least configured in SU24).

The authorisation values that you give in a role are applicable to all transactions in that role. If 2 transactions share an auth object, you cannot have them in the same role and have 1 display and 1 change. This also applies when you combine roles.

Former Member · ‎10-11-2007

hai Alex

thanq u very much , really it helped me ,can u plz suggest me any links to go through so that i will be confident in doing this authorizations for the objects and all, and i want to know much about user tables and all, thanq once again for everything

bye

pradeep

Former Member · ‎10-12-2007

hi pradeep,

Have a look here for some info: http://www.sapsecurityonline.com/r3_security/r3_security.htm

Also try to get hold of book/pdf Authorizations Made Easy - google will tell you where to get it from.

If you are doing this sort of work as part of your job then I strongly recommend that you get training. Course ADM940 from SAP is a good starting point to cover all the fundamentals.

Former Member · ‎10-12-2007

Hi,

Though the subject is closed, I still want to make a remark. If you want an update for an object (actvt 02) for field a and a read (actvt 03) for field a an b, you just add the object by hand and split this over the two objects. It will work I guarantee. Of course you can make two roles and some times this is better.

Have fun

Jan van Roest

Former Member · ‎10-12-2007

Good point Jan, the only caveat I would place on this is that it can get a bit messy when Org Levels are involved in the objects you want to split

Former Member · ‎10-12-2007

thanxs jan

Former Member · ‎10-12-2007

than q Alex ,

Former Member · ‎10-14-2007

hello srinivas,

just check in SU24. in that mention the Txn then it will shows all the object of that.

in that u can see 4 options U,N,C,C/M.

U->un check then if u select that option PFCG doesn't propose to maintain authorisation objects.

N-> NO check this is also same

C-> Check this one also.....

C/M-> this one is different means if u select this then pfcg proposes to maintain authorisation objects.

that type of authorisation objects will displayed in authorisation tree then u can maintain there. if u requirre any further information please feel free to reach out me!

Regards,

sree