Question Re: Restricting access to IBD documents in DMS for reports loaded through EHS (CG36VEN) in Product Lifecycle Management Q&A

Restricting access to IBD documents in DMS for reports loaded through EHS (CG36VEN)

Former Member — Mon, 23 Feb 2015 14:51:47 GMT

Hi,

My client wants to load documents in EHS report management (and hence document management).

Not all reports will have the same access restrictions:

* inbound SDS is accessible throughout the company

* dedicated report categories are accessible for specific departments.

On DMS side however, authorization groups are not set automatically and access can only be restricted on document type.

Once you have access to DMS transactions CV0xN, you can find/open the inbound documents.

Business users consider the generic document name (WWI-number) not "secure" enough.

Have you seen similar requirements?

Do you have any suggestions on how to meet this requirement?

Current consideration is to use a custom load tool which updates the authorization group on Document Info Record, but this prevents us from using the standard tools (CG36/CG36VEN), which I would prefer...

All input is most welcome.

Kind regards,

Luk

Re: Restricting access to IBD documents in DMS for reports loaded through EHS (CG36VEN)

former_member191252 — Mon, 23 Feb 2015 19:03:58 GMT

Luk,

On DMS authorization groups (BERGU field) need to maintained for restrictions. If you are planning for the custom coding, here is my suggestion:

1. You custom program need to have the Authorization field entry (this should be the authorization groups that you have created for the XYZ doc type).

2. While loading the document (in DMS under the filed selection, make the Authorization group as "." optional entry).

3. After successful load, go to the document type and select the Authorization Group under field selection and select "+: as Required entry.

This will solve your query.

Re: Restricting access to IBD documents in DMS for reports loaded through EHS (CG36VEN)

Former Member — Tue, 24 Feb 2015 15:11:55 GMT

Hi Tarun,

Thank you for your response.

We do try to load the documents based on document type IBD though and we would like to make the documents visible through the CG5* transactions.

Is there a way to do this in a more or less standard way rather than custom development.

Kind regards,

Luk

Re: Restricting access to IBD documents in DMS for reports loaded through EHS (CG36VEN)

former_member191252 — Tue, 24 Feb 2015 17:50:01 GMT

Luk,

I think you may need to go with custom, as CG36VEN can load the IBD, but there will be no authorization.

May be you can load the IBD using cg36ven and later on you may add the authorization for the doc type. Try for few documents, use the cg36ven and load few IBDs and then go to DC10, under field selection, make Authorization filed as required. Hope this will solve your problem, try this on your sandbox, if possible.

Re: Restricting access to IBD documents in DMS for reports loaded through EHS (CG36VEN)

christoph_bergemann — Tue, 24 Feb 2015 19:54:56 GMT

Dear Luk

you shouldcarefully the ffedback of Tarun (On DMS authorization groups (BERGU field) need to maintained for restrictions. If you are planning for the custom coding, here is my suggestion:)

Let us try it this way:

You have an EHS environment (CG54/CG50) and you have DMS (or archive Link). In most cases the users would like to use CG54/CG50 to check content of documents (IBD or other types).

The "grainting" of access rights in CG54/Cg50is quite normal and easy going. You need to check the aurhorization objects in that context. It is quite easy to restrict or allow access(display etc.). The "only" con is: you need lots of generation variantes; report types etc. to make it possible.

Here you have a "slight" conflict in using CG36VEN. We do not use this transaciotn for upload but standard CG36. But the story is "nearly" the same. based on the objects (report type, ratings, etc.) you can grant access tights etc.

Therefore this is "normal". I am "pretty" sure that if you use CG54/CG50 you will not gain any profit if you use the DMS authorization concept. DMS capabilities (searching etc.) is quite bad in comparison to CG54/CG50 functionality.

So if you would like to do some kind of "access set uop" in DMS: (Once you have access to DMS transactions CV0xN, you can find/open the inbound documents.) go on as Tarun has proposed. But I would assum,e that you can not use CG36VEn to do it "right". (and I have doubts about CG36).

What is now the "specific" demand? Generate an access concept incontext CG54/CG50 or in context of DMS?

C.B.

Re: Restricting access to IBD documents in DMS for reports loaded through EHS (CG36VEN)

former_member191252 — Wed, 25 Feb 2015 18:43:34 GMT

Luk,

Hope your query is solved ?