Can the profile be removed from SAP role ( having many profiles)
HI Gurus,Please let me know if the profile can be removed from role having nmultiple roles.If so what are the steps to be taken ThanksVishal
View ArticleClik here to view.
Re: Variable Authorization in BI
The authorization variable will forward the related authorization to variable default value.
View ArticleRe: Generated Analytic Privileges from BW Analysis Authorizations
Hi Nitesh, were you able to figure out the resolution for your query 1? I am also trying to figure out where are these generated analytic privileges are stored? I see where the...
View ArticleRe-assign permissions for deleted BOBJ group
Hi, I'm at the intersection of SAP Business Objects [BOBJ] and SAP Security (perhaps this fits better in another forum). I have a BOBJ Enterprise group which was deleted accidentally and I need to...
View ArticleRe: S_RFCACL not editable in release 701?
Thanks Bernhard, I pressed the 'synch.filed list' button, and it did take longer for PFCG to start, but there was no change to the column structure or ability to add/edit values. This issue is not...
View ArticleRe: Authorization field for SAP Standard Field
Hi Jacob, what is that you are trying to achieve here. Trying to restrict the access to that field ? If you spell out what your objective is, may be people here would be able to help you better.
View ArticleRe: Able to create for all article types (MM41)
HI Peeyush, Authorization group will have to be maintained for all Materials and then you put them in say two groups, Group A: All (minus) those twoGroup B: Those two and then when you will give...
View ArticleRe: Able to create for all article types (MM41)
Hi Zak, Thanks for your inputs. But our functional guys are hesitant to assign authorization groups to all other article types as it might prevent some of the current jobs/processes to work.Please...
View ArticleRe: Authorization field for SAP Standard Field
Hello Zaheer, Exactly.Business wants to restrict the access to this particular field. Jacob
View ArticleIs there a possibility that even when you remove a t-code from a role,...
Hey all, I would like to know if there is a possibility that authorizations get added to roles when you remove t-code from it... Kindly help me understand why this could happen or what can I check to...
View ArticleRe: Is there a possibility that even when you remove a t-code from a role,...
Yep. It's possible that additional authorizations were only just made effective depending on how the role has been maintained previously. If an authorisation default was maintained, or updates were...
View ArticleRe: Is there a possibility that even when you remove a t-code from a role,...
Dear,When ever you Add or Remove dependency authorization objects will be added , so we need to clear those unwanted over laped authorization objects and we need to generate profile for every action....
View ArticleRe: Is there a possibility that even when you remove a t-code from a role,...
Dear, Please read SAP notes:113290 and 679050 for better understanding. Expert mode is using the values assigned in SU24 transaction Regards,pardhu
View ArticleRe: User X not authorized to logon directly error
We had the same problem (we use "Fire Starters").Reason was found in table: /GRCPI/GRIA_CON.The user had the role in PARAMID: 4010, which is not allowed. This table was read via: ZXUSRU01 -> INCLUDE...
View ArticleCan a .Net application get the LogonTicket of an authenticated portal SSO...
A customer use a portal with SSO from windows clients. At the windows client the users login to a AD domain and in the browser they authenticate themself at the portal and work the whole day with this...
View ArticleRe: Generated Analytic Privileges from BW Analysis Authorizations
Hi Neha, Yes, this was resolved. Make sure that the characteristics (all that matters) are auth relevant in QA system also and users are assigned appropriate analysis authorizations. Then only users...
View ArticleRe: Can a .Net application get the LogonTicket of an authenticated portal SSO...
Hi, This should be possible. I have done something similar multiple times before. The latest one was a HTML app that had a custom logon screen. The users entered their username/password. The...
View ArticleRe: Authorization field for SAP Standard Field
Hi Jacob, You are right, there is no NFMAT field or follow up material. I would say check with business again for more clarity, what exactly is the field or find the authorization object involved to...
View ArticleRe: ME21N restriction by material types
Hi Dinesh, To activate the authorization object M_MATE_MAR, please check your developers to find if there is any BADI that needs to be activated. Thanks,Kavitha Rajan.
View ArticleRe: Can a .Net application get the LogonTicket of an authenticated portal SSO...
Hi, from security and usability perspective, the best solution would be to re-use the Windows authentication (the Kerberos ticket) also for your SNC connection to the backend. However, this requires an...
View Article