Hierarchy
SAP_ABA (Software Component) Cross-Application Component⤷
CA-DSG (Application Component) Digital Signature⤷
DS (Package) Digital Signature
IMG Activity
| ID | ELSIG_01 | Define Authorization Groups |
| Transaction Code | S_ABA_72000134 | (empty) |
| Created on | 20011108 | |
| Customizing Attributes | ELSIG_01 | Define Authorization Groups |
| Customizing Activity | ELSIG_01 | Define Authorization Groups |
Document
| Document Class | SIMG | Hypertext: Object Class - Class to which a document belongs. |
| Document Name | ELSIG_01 |
Use
In this activity, you define the authorization group that can provide a specific individual signature when executing signature strategies.
You use user groups if individual signatures are to be executed in succession by different groups of users, such as production operators, shift managers, and QM employees, and this process is to be implemented with a signature strategy. This has the advantage that an individual signature is only executed when the system has verified that the correct user group was assigned to the user for this individual signature.
You use the authorization groups to restrict the authorization for executing digital signatures in applications as follows:
- You define different authorization groups for users with different areas of responsibility.
- In the user master record, you assign authorizations for the authorization group that corresponds to the user's area of responsibility (authorization object C_SIGN_BGR). Depending on the application, it may also be necessary to assign the authorizations for the C_SIGN authorization object.
- You define individual signatures that must be created by the user of a specific authorization group and use them in the signature strategies for the relevant application.
Requirements
Standard settings
Activities
- Determine which user groups or which areas of responsibility must be distinguished in your company.
- Define an authorization group for each user group.
Example
In your company, specific input values must be entered by an employee and then verified by a second employee. Make the following settings:
- Define the authorization groups EING (entry) and VERIF (verification).
- The employees that enter data receive authorization for the EING group and the employees that check data receive authorization for the VERIF group.
- Define two individual signatures for the relevant applications and assign the first to authorization group EING and the second to authorization group VERIF.
Further notes
Authorization groups are valid in all areas in which the digital signature with signature strategy is used. Therefore, before you change existing authorization groups or use them for your purposes, ensure that this will not lead to conflicts of interest with other areas.
Business Attributes
| ASAP Roadmap ID | 204 | Establish Functions and Processes |
| Mandatory / Optional | 2 | Optional activity |
| Critical / Non-Critical | 1 | Critical |
| Country-Dependency | A | Valid for all countries |
Assigned Application Components
| Documentation Object Class | Documentation Object Name | Current line number | Application Component | Application Component Name |
|---|---|---|---|---|
| SIMG | ELSIG_01 | 0 | ABA0000041 | Digital Signature |
Maintenance Objects
| Maintenance object type | C | Customizing Object |
| Assigned objects | ||||||
|---|---|---|---|---|---|---|
| Customizing Object | Object Type | Transaction Code | Sub-object | Do not Summarize | Skip Subset Dialog Box | Description for multiple selections |
| V_TC81 | V - View | SM30 |
History
| Last changed by/on | SAP | 20011112 |
| SAP Release Created in | 620 |
