Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Authorization object M_MATE_MAR "Material Master - Material Types" in MM01

Former Member

‎10-24-2007 8:04 PM

0 Kudos

Hi,

We in CPS Energy are implementing VIrsa SOD conflicts on the roles that are in place in current SAP 4.6C version. The authorization object M_MATE_MAR is used by MM01(Creation of Material Master) transaction code & used at mutiple roles. We have restricted this authorization object by Material Type Authorization Group (BEGRU)as WMS1 & given activity a 01, 02 & 03 in a role. The same authorization object is used in Common roles also for displaying that is using transaction code MM03 (Display Material) but the activity & authorization group are ''. This '' is taking precedence over the the authorization object given in the other role.

Please let us know how to put a control on this authorization object which is used widely by large number of users.

Maintained Material Master: Material Types T-D119010802

Activity 01, 02, 03 ACTVT

Authorization group WMS1 BEGRU

Any help is really appreciated

Thanks

Sree

2 REPLIES 2

Former Member

‎10-24-2007 8:17 PM

0 Kudos

Hi Sree, your role with MM03 in it should not have * for actvt if it is only a display role.

As it is a display role actvt 03 would be more suitable. That way you could have display for all auth groups, but create and change/MM01&2 would be restricted to WMS1 (and any other materials with a blank auth group)

Former Member

‎10-24-2007 8:42 PM

0 Kudos

In addition to Alex's response, whenever there is a restriction across the board, all roles must be evaluated for the specific authorization object and modified; obviously, if another role has the object with open access, that will supersede the restricted object if that role is assigned to the user as well.