Authorizations for the Business Workplace

Roles for the Business Workplace

Authorizations are checked when functions are used in the Business Workplace, as they are throughout the SAP system. SAP supplies roles that group together the authorizations for a specific user group. The roles for the area of the send, folder and office functions of the Business Workplace are the following:

Role	Description
SAP_BC_SRV_USER	Authorizations for the end users of the Business Workplace
SAP_BC_SRV_GBT_ADMIN	Authorizations for the administrators of the Business Workplace

For more information, see the documentation on Users and Roles.

Authorization objects

When the send, folder and office functions of the Business Workplace are used, the system checks authorizations using the following authorizations objects:

S_OC_ROLE: Administrator authorization
S_OC_TCD: Authorization to use the transactions
S_OC_FOLCR: Authorization to create shared folders
S_OC_SEND: Authorization to send documents
S_OC_DOC: Authorization to archive documents

Administrators require additional authorizations for table maintenance. These are checked using the following authorization objects:

S_TABU_CLI (client-independent tables) and
S_TABU_DIS (other tables).

Authorization objects for the administration of the Business Workplace

Object	Activity	Values
S_OC_ROLE	Administrator	Transaction codes for the administration functions of the send, folder and office area Note You can also enter generic values - that is, with a star (*) - so that the entry applies to all the possible values in the field.

Authorization objects for working with the Business Workplace

Object	Value	Description
S_OC_FOLCR	M	Creation of client folders
G	Creation of group folders
S_OC_SEND	e.g.1000	The number of recipients that can be addressed per send process
OFF	Internal sending
FAX	Sending documents by fax and telex
RML	Sending documents between different SAP Systems
X40	Sending via X.400
INT	Sending via the Internet
X50	Sending to LDAP addresses
S_OC_DOC	24	Archiving documents
S_OC_TCD	Transaction codes for the application functions of the send, folder and office area Note You can also enter generic values - that is, with a star (*) - so that the entry applies to all the possible values in the field.
S_LDAP	Specify the access authorization (for example, Read) and the logical LDAP server to which the authorization is to apply.