Community
Application Development and Automation Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

Projects T-code CJ01 and CJ02

Former Member

‎2008 Jun 02 12:48 AM

0 Likes
1,410

Hi Experts,

Can we restict t-code CJ01 and CJ02 based on company code. I couldn't find any authorization for CJ01 and CJ02 to restrict based on Company code.

Thanks

6 REPLIES 6
Read only

Former Member

‎2008 Jun 02 2:20 PM

0 Likes
1,037

Hi Ajay,

You could try adding the object F_T011_BUK manually. It just might work. Alternatively you will need to create a Z auth-object.

Thanks

Chinmaya

Read only

Former Member

‎2008 Jun 02 2:42 PM

0 Likes
1,037

Ajay,

Add the following auth object manually into the role A_IMPR_BUK if you look up the SU24 for CJ01 and CJ02 you will find this object is checked in the standard SAP program fro CJ01. Let us know if it works.

Naveen

Read only

Former Member
In response to Former Member

‎2008 Jun 02 3:31 PM

0 Likes
1,037

> Add the following auth object manually into the role A_IMPR_BUK if you look up the SU24 for CJ01 and CJ02 you will find this object is checked in the standard SAP program fro CJ01. Let us know if it works.

Or move the proposal indicator in SU24 to "yes" (previously "Check / Maintain, depending on your release) and maintain the activity field.

Cheers,

Julius

Read only

Former Member
In response to Former Member

‎2008 Jun 03 3:29 AM

0 Likes
1,037

HI Experts,

I have tried this by adding A_IMPR_BUK

in SU24 as check and maintain, but still no luck. I am SAP 4.6c.

Thanks

Read only

Former Member
In response to Former Member

‎2008 Jun 03 2:06 PM

0 Likes
1,037

Ajay,

If you mark that object as Check/Maintain it will only be useful when you create a new role with this particular transaction. For now please add that object manually into the role and you will be able to restrict the object to a company code.

Naveen

Read only

Former Member
In response to Former Member

‎2008 Jun 03 3:14 PM

0 Likes
1,037

> 

> Ajay,
> 
> If you mark that object as Check/Maintain it will only be useful when you create a new role with this particular transaction. For now please add that object manually into the role and you will be able to restrict the object to a company code.
> 
> Naveen

If the object in SU24 is NC and then moved to CM for a transaction then it will usually activate an auth check which has already been coded into the program. This will activate that check for that transaction regardless of whether the object is added into the manually or otherwise. If there is no check on that object in the code then you can do what you like with SU24 & roles but it won't perform the check. On my system CJ01/2 A_IMPR_BUK is set to Check, so if it is in the code, then it would be invoked if configured or used in the appropriate manner.

Typically PS is resticted by PS and CO specific auth model which does not include company code, in that instance then the next easiest thing is to peg it to an alternative org level/s e.g. profit centre which represent similar part of the organisation as company code - though this depends on your setup & often there is no direct link.

An alternative would be to use a user exit or enhancement point to add in custom validation, but you would need to find the link between project & comp code to perform the check against.