1.  Introduction

Often while working on project we come across the requirement, where in for transaction types business doesn’t want all the statuses to be displayed to all the partner function. This is to restrict users to certain set of significant statuses in transaction beyond which they are not authorized. This helps in maintaining transaction untouched from users who are not a key decision maker.

Statuses can be defined in configuration in line with the business requirements. In status profile one can…

·         Define user statuses and map them with system statues

·         Specify the sequence of user statuses by assigning status number

·         Allow/forbid certain transaction, if status is active

·         Assign status profile to object type like Sales order, campaign, marketing plan etc.

Each user status has one status number. This status number defines the sequence of statuses in transaction. Only one user status can be active at any given point of time.

This is how status profile look like.

Here, I am trying to explain the steps involved in bridging this requirement. 

2.    Prerequisite

The user should have necessary authorizations to:

·         Create status profile, authorization key.

·         To create and edit PFCG roles.

3.    Step By Step Procedure

3.1         Define Authorization key

Here we have to define authorization key. This key is the assigned to user   status in status profile. This key would be assigne

    PFCG role of user later to allow the authorization for the required user status.

1. Access the activity using following navigation option.

              SAP CRM IMG –>CRM –> Transactions -> Basis Settings -> Status Management -> Define Status authorization keys

2. Click on New Entries and create new authorization keys as required. I created APPROVE and ENDUSER for demo purpose.

3. Enter and save you entries.

     3.2 Define Status profile

1. Access the activity using following navigation option.

           SAP CRM IMG –>CRM –> Transactions -> Basis Settings -> Status Management -> Define Status profile for user status

2. Create/copy or use existing status profile. Enter additional user statuses required by business and their numbers thereby to display them in predefined sequence.

3. Also assign authorization key to the statuses as shown

1. 4. Assign the authorization keys to required statuses and save your settings.

3.3         Define Authorization role

Authorization role is a predefined set of authorization object. These authorization objects administer the scope of work for user in system. Authorization roles are then assigned to user, so that to let them access the system.

1. Access the activity using flowing navigation objectSAP CRM IMG -> Cross Application components -> Classification System -> Authorization Management – Maintain roles

2. Identify the required role for user who business wants to restrict for certain statuses.

3. Search or add authorization object B_USERSTST or B_USERST_T in the existing role.

4. Enter the details as activity, Authorization key, Object category and Status profile as shown in the screen shot.

         5. In this way you can have any number of Authorization key and Status profile combination for one role

       6. The user who is assigned to this role would be able to view and change the only two statuses as Approved and Rejected for the

           status profile ZDEMO.

4.    Conclusion

This covers the steps that need to be followed for restricting users to modify status of transaction which user is not authorized.