Skip to Content
author's profile photo Former Member
Former Member

SAP DMS / How to restrict the display of Document with using Authorization group

Hi Experts

Need your help urgently.

We want to restrict the display of documents in SAP DMS.

i.e Document created by the User A who works on project 123 should not be seen by the User B who works on project 456.

I heard it can be achieved using "Authorization group field" in DIR.

So i have followed the below procedure.

1. Created X ROLE and assigned to User A.

2. In that 123 given as BEGRU value in AUTHORIZATION Object C_DRAW_BGR.

3. Created Y ROLE and assigned to User Person B.

4. In that 456 give as BEGRU value in AUTHORIZATION Object C_DRAW_BGR.

So User A created a DIR with giving 123 in Authorization group field.

But still User B is able to see the the document created by User A.

I am not getting how resolve this issue.

Could you please help me on this.

I would appreciate your support and reward immediately your work.

Its very urgent.

You can give me your email id, so that i can send an email if my question is not clear.

Regards

KB

Add a comment
10|10000 characters needed characters exceeded

Related questions

3 Answers

  • Best Answer
    Posted on Oct 08, 2015 at 03:52 PM

    Hey Balaji.

    I believe Auth Grp wont work with Random inputs.

    You need to decide security Model for whole of your DMS

    e.g. two Groups 123 and 456

    and use it as additional authorization over type and status in your PFCG role.

    Mind this once you decide the auth groups you need create additional roles and assign them to users.

    this should be one time type of exercise.

    Hope this is ok

    Niketan

    Add a comment
    10|10000 characters needed characters exceeded

  • author's profile photo Former Member
    Former Member
    Posted on Oct 07, 2015 at 10:23 AM

    Hi,

    As per the authorization group and auth object maintained is correct, There may be chances that some roles for auth object C_DRAW_BGR will have "*" . test the role individually or check the SUIM t code by giving the auth object.


    Revert with the impact.



    Rgds,

    Nayeem.

    Add a comment
    10|10000 characters needed characters exceeded

  • author's profile photo Former Member
    Former Member
    Posted on Oct 14, 2015 at 11:17 AM

    Thank you Nayeem and Niketan.

    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.