cancel
Showing results for 
Search instead for 
Did you mean: 

security objects for sap APO DP,SNP

Former Member
0 Kudos

Hi Experts , Could you please tell me what are the objects we need to control for sap apo dp and snp in security point of view which objects we need to give to security and basis team in development project how to control specific data view for user ? Regards Chary

Accepted Solutions (0)

Answers (2)

Answers (2)

marianoc
Active Contributor
0 Kudos

Hello,

These are common objects assigned into Demand Planner General Roles:


C_APO_ADVN <OBJ> APO 3.0 Authorization Object: Macro Names

C_APO_DPPR <OBJ> Authorization for Products in Demand Planning

C_APO_FUN  <OBJ> APO 3.0 Authorization Object: SDP Functions

C_APO_IOBJ <OBJ> Authorization for Key Figure Values (APO 4.0 and Later)

C_APO_LOC  <OBJ> APO Authorization Object: Master Data, Locations

C_APO_MAC  <OBJ> APO 2.0 + 3.0 Authorization Object: Macro (DP)

C_APO_PB   <OBJ> APO 3.0 Authorization Object: SDP Planning Books

C_APO_PROD <OBJ> APO Authorization Object: Master Data, Products

C_APO_PRPF <OBJ> Authorization Object SCM 4.1: Forecast Profiles

C_APO_SEL2 <OBJ> APO 3.0 Authorization Object: Selection in Planning Area

C_APO_SEL3 <OBJ> APO 3.0 Authorization Object: Selection in Planning Area

C_APO_VERS <OBJ> APO Authorization Object: Planning Versions

S_PROGRAM  <OBJ> ABAP: Program Flow Checks

S_TABU_DIS <OBJ> Table Maintenance (via standard tools such as SM30)

S_TCODE    <OBJ> Transaction Code Check at Transaction Start

These are the ones that you can used for Supply planners:


B_MASSMAIN <OBJ> Cross-Application Mass Maintenance Tool

C_APO_ADVN <OBJ> APO 3.0 Authorization Object: Macro Names

C_APO_AMON <OBJ> APO Authorization Object: Alert Monitor

C_APO_ATP  <OBJ> APO Authorization Object: ATP

C_APO_DEF  <OBJ> APO Authorization Object: Master Data, Resource Definitions

C_APO_EXPR <OBJ> APO Authorization Object: External Procurement Relationships

C_APO_FUN  <OBJ> APO 3.0 Authorization Object: SDP Functions

C_APO_IOBJ <OBJ> Authorization for Key Figure Values (APO 4.0 and Later)

C_APO_LOC  <OBJ> APO Authorization Object: Master Data, Locations

C_APO_MAC  <OBJ> APO 2.0 + 3.0 Authorization Object: Macro (DP)

C_APO_MALO <OBJ> APO Authorization Object: PP/DS, Location Product

C_APO_MOD  <OBJ> APO Authorization Object: Model

C_APO_PB   <OBJ> APO 3.0 Authorization Object: SDP Planning Books

C_APO_PLAN <OBJ> APO Authorization Object: Production Model Plan

C_APO_PPL  <OBJ> APO Authorization Object: PP/DS, Production Planner

C_APO_PPM  <OBJ> APO Authorization Object: Master Data, Prod. Process Model

C_APO_PROD <OBJ> APO Authorization Object: Master Data, Products

C_APO_RELO <OBJ> APO Authorization Object: PP/DS, Resource

C_APO_RES  <OBJ> APO Authorization Object: Master Data, Resources

C_APO_SEL2 <OBJ> APO 3.0 Authorization Object: Selection in Planning Area

C_APO_SEL3 <OBJ> APO 3.0 Authorization Object: Selection in Planning Area

C_APO_SETG <OBJ> Authorization Object APO: Master Data, Setup Groups

C_APO_SETM <OBJ> Authorization Object APO: Master Data, Setup Matrixes

C_APO_VERS <OBJ> APO Authorization Object: Planning Versions

C_TCLA_BKA <OBJ> Authorization for Class Types

S_APPL_LOG <OBJ> Applications log

S_BTCH_NAM <OBJ> Background Processing: Background User Name

S_PROGRAM  <OBJ> ABAP: Program Flow Checks

S_TABU_CLI <OBJ> Cross-Client Table Maintenance

S_TABU_DIS <OBJ> Table Maintenance (via standard tools such as SM30)

S_TABU_NAM <OBJ> Table Access via Generic Standard Tools

S_TCODE    <OBJ> Transaction Code Check at Transaction Start

Kind Regards,

Mariano

ravisankara_varaprasad
Active Participant
0 Kudos

Dear Chary,,

One possible option is to implement user specific roles authorizations to access only authorized locations and location products .

Not clear on second part of your question about data views ?.. You mean location views or location product vies.

Kind regards,

Ravi

Former Member
0 Kudos

HI Ravi, Appreciate your time , what i'm trying to ask is what would be the possible security rols with respective to DEMAND PLANNING implementation and if we want to assign specific data view to selected users only / selected data view only should visible to user not all. Thanks in advance chary

ravisankara_varaprasad
Active Participant
0 Kudos

Hi Chary,

Thanks for the details.

Please refer the SCN post http://scn.sap.com/thread/537176  for APO roles and authorizations.

Try to explore the below authorization objects.

C_APO_PB:        SDP planning books

  ACTVT Activity (01, 02, 03, 06, 16)

  APO_PLBK2 Planning book

  APO_DVIEW Data view

C_APO_SEL3:        Selection in planning area

  ACTVT Activity (01, 02, 03, 06, 16)

  APO_SELTXT Description of a selection <--- only 40 characters used

  APO_PAREA Planning area

  APO_PLBK2 Planning book <--- is not used, maintain*

  APO_VERS APO plan version

C_APO_LOC:        Master data, locations

  ACTVT Activity (01, 02, 03, 06, 16, 32)

             Activity 16 is used in SDP

             to change the data

  APO_LOC Location

C_APO_PROD:        Master data, products

  ACTVT Activity (01, 02, 03, 06, 16)

             Activity 16 is used in SDP

             to change the data

  APO_LOC Location (must be maintained with '*' in DP)

  APO_PROD Product

Either you can implement user restrictions using Planning Book/Data views or CVC, Location..etc.,

Hope this helps.

Kind regards,

Ravi Zakka