Skip to Content
avatar image
Former Member

SAP DMS / How to restrict the display of Document with using Authorization group

Hi Experts

Need your help urgently.

We want to restrict the display of documents in SAP DMS.

i.e Document created by the User A who works on project 123 should not be seen by the User B who works on project 456.

I heard it can be achieved using "Authorization group field" in DIR.

So i have followed the below procedure.

1.  Created X ROLE and assigned to User A.

2.  In that 123 given as BEGRU value in AUTHORIZATION Object C_DRAW_BGR.

3.  Created Y ROLE and assigned to User Person B.

4.  In that 456 give as BEGRU value in AUTHORIZATION Object C_DRAW_BGR.

So User A created a DIR with giving 123 in Authorization group field.

But still User B is able to see the the document created by User A.

I am not getting how resolve this issue.

Could you please help me on this.

I would appreciate your support and reward immediately your work.

Its very urgent.

You can give me your email id, so that i can send an email if my question is not clear.

Regards

KB

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

3 Answers

  • Best Answer
    avatar image
    Former Member
    Oct 08, 2015 at 03:52 PM

    Hey Balaji.

    I believe Auth Grp wont work with Random inputs.

    You need to decide security Model for whole of your DMS

    e.g. two Groups 123 and 456

    and use it as additional authorization  over type and status in your PFCG role.

    Mind this once you decide the auth groups you need create additional roles and assign them to users.

    this should be one time type of exercise.

    Hope this is ok

    Niketan

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Oct 07, 2015 at 10:23 AM

    Hi,

    As per the authorization group and auth object maintained is correct, There may be chances that some roles for auth object C_DRAW_BGR will have "*" . test the role individually or check the SUIM t code by giving the auth object.


    Revert with the impact.



    Rgds,

    Nayeem.

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Oct 14, 2015 at 11:17 AM

    Thank you Nayeem and Niketan.

    Add comment
    10|10000 characters needed characters exceeded