Skip to Content
author's profile photo Former Member
Former Member

authorization variables of customer exit type

Hi

Has any one worked on authorisation variables? I shall use the type: „customer exit“ which will be filled with my own ABAP code. I shall use that type of variable for granting authorization by including them in the authorization (in the role maintenance). I want to use this feature for ease of authorization maintenance.

I shall try to elaborate on this issue:

We have 225 plants / depots and a role needs to be created for a unit head who manage these plants / depot.

The roles of these personnel will similar in terms of queries released but would have different values for organizational elements like sales org., sales office etc. What we have done in R/3 is create a master role without any organizational elements and a host of derived roles for which these organizational values have been maintained. In case a new Tx Code needs to be added, then it's added to master role and the same gets replicated across all derived roles.While in BW, if we have to add a new query we have to visit each and every role created for a depot and manually add it.

Any suggestions or help in terms of sample code (e.g.) or dos and don't ?

regards

Harsh

Add comment
10|10000 characters needed characters exceeded

1 Answer

  • author's profile photo Former Member
    Former Member
    Posted on Jun 16, 2004 at 02:44 PM

    So what you have are roles in your R/3 environemnt (it sounds like a lot of them at that), which have auth values for:

    - Sales Org

    - Sales Office

    - Plant/Depot

    I would make two suggestions. First, if you can move the authorizations for objects (like Sales org or Sales office) that have only one value per user to the parameters tab in R/3 instead of doing it in a role. [I understand that not all values can be put here as its limite to one parameter = one value.] There are a lot of standard objects like sales org which authorizations in R/3 support using parameters in this manner.

    2nd, I would recomend using the Authorizations ODS in BW to pull data into. You would need to create a InfoSet Query (SQ02) in R/3 to pull the appropriate USR* tables to get your information by username, object and value, and then create a datasource (RSO2) to pull the data in BW.

    You can see more info on using these ODS objects w/ RSSM here: http://help.sap.com/saphelp_bw33/helpdata/en/59/2cf4388818ac2be10000000a114084/frameset.htm.

    In this manner you can simply automate the pull of authorization information from R/3 to BW and not need to maintain authorizations manually in two systems.

    Add comment
    10|10000 characters needed characters exceeded