User X has no authorization for the requested document
Dear All,
We are trying to allow users to view the reporting documentation against a particular InfoProvider. We have created the documents and assigned them to the InfoProvider and transported these to QA.
However we can see the documents but the users get the above error.
Which authorisation objects do they need assigning to their Role/s ?
We have tried S_RS_ADMWB, S_BDS_D & S_BDS_DS to no avail.
Please help.
Thanks
Craig.
Dear All,
Thanks for the replies however I have solved this myself.
The InfoProvider that we associated the documents against has an authorisation relevant InfoObject that the users are assigned. And the queries run just fine. But because of some bizarre authorisations check EVERY object within the InfoProvider that is marked as Authorisation relevant must be given a value whether used or not that matches your profile.
So what we ended up having to do was to give the users their restricted value for the queries and colon ":" authorisation to display the documents against the InfoProvider.
How crap is that ?
Cheers
Craig.
Similar Messages
-
BPS You have no authorization for the requested data
We are implementing Hierarchy node based security for our BPS.
When the user tries to display the planning layout, they get the error message "You have no authorization for the requested data "
I have given authorization to the relavant Infocubes, also checked the all the Authorization Relavant Info Objects and added theses Info Object to the custom authorization created in RSECADMIN.
Also added the info objects 0TCAACTVT, 0TCAIPROV, 0TCAVALID to the custom authorization.
In pfcg, this authorization has been added to S_RS_AUTH. I have also given activity 02, 03, 16 values and a * to planning areas, functions, packages, groups, levels, folders, ... to the objects R_AREA
R_BUNDLE
R_METHOD
R_PACKAGE
R_PARAM
R_PLEVEL
R_PM_NAME
R_PROFILE
But still we get the same error.
Has anyone encountered this problem? Can you please provide me some clues to resolve this issueThank you very much Grevaz, but that template does not help.
I did run both ST01 trace and BI RSECADMIN trace. RSECADMIN Trace shows the below authorization failure
Subselection (Technical SUBNR) 1
Supplementation of Selection for Aggregated Characteristics
No Check for Aggregation Authorization Required
Following Set Is Checked Comparison with Following Authorized Set Result Remaining Quantity
Characteristic Contents
0FUNDS_CTR
0TCAACTVT
SQL Format:
FUNDS_CTR BETWEEN '4012001000'
AND '4012001999'
AND TCAACTVT = '03'
Characteristic Contents
0FUNDS_CTR Node 1 I EQ #
I EQ :
0TCAACTVT I EQ 02
I EQ 03
Partially Authorized (Average) Characteristic Contents
0FUNDS_CTR
0TCAACTVT
SQL Format:
FUNDS_CTR > '4012001000'
AND FUNDS_CTR <= '4012001999'
AND NOT FUNDS_CTR IN ('4012001001','4012001002','4012001003','4012001004','4012001005','4012001006','4012001007','4012001008','4012001009','4012001010')
AND TCAACTVT = '03'
Value selection partially authorized. Check of remainder at end
Following Set Is Checked Comparison with Following Authorized Set Result Remaining Quantity
Characteristic Contents
0FUNDS_CTR
0TCAACTVT
SQL Format:
FUNDS_CTR > '4012001000'
AND FUNDS_CTR <= '4012001999'
AND NOT FUNDS_CTR IN ('4012001001','4012001002','4012001003','4012001004','4012001005','4012001006','4012001007','4012001008','4012001009','4012001010')
AND TCAACTVT = '03'
Characteristic Contents
0FUNDS_CTR Node 1 I EQ #
I EQ :
0TCAACTVT I EQ 02
I EQ 03
Not Authorized
All Authorizations Tested
Message EYE007: You do not have sufficient authorization
No Sufficient Authorization for This Subselection (SUBNR)
Following CHANMIDs Are Affected:
206 ( 0FUNDS_CTR )
Authorization Check Complete
We have created custom authorization and trying to restrict based on hierarchy node.
One point I observed is, when I give access to all nodes with a wildcard * in the custom authorization, then the error disappears and the layout is visble. But our point here is to try to restrict based on the nodes and we cannot give display access to all nodes. -
You have no authorization for the requested data. Message no. UPC217
Hi All,
When i execute a BPS planning function i am getting the following error.
'You have no authorization for the requested data. Message no. UPC217'
Plz let me know how to rectify the problem asap.
Thank you all in advance
KiranHello,
Your Function/level makes use of an authorization relevant InfoObject without restriction (or at least no restrictions enough).
Check that the Level is restricted correctly regarding the authorizations.
regards, -
You have no authorization for the requested data
Hi Gurus,
While trying to display data in manual layout it shows the erros as
You have no authorization for the requested data.
Any reason behind that.
Thanks,
DebasishHi Debasisha
I faced the same problem yesterday, as Ivan told apply the transaction code rssm. In Business Information Warehouse Authorizations window go to checks for InfoProvider and select your Cube and click the change button. in that window you can see the which infoobjects are selected under switched on column deselct the checkboxes for authorization obj. save - refresh
and go to BPS screen execute your layout you can find your layout. I solved my problem like that.
Hope it helps you.
Regards, -
User XYZ has no authorization for tp command IMPORT
Dear friends,
We have several users who are facing the issue while importing TR in QA system from DEV system. We have checked with the users by assigning them SAP_ALL and even then they are facing same issue. Could you please help us in this ? I have attached screenshot of the error. We are using Solman for transports.
Thanks
GauravI suggest extra troubleshooting:
- does this happen for all users, or only one? Who are the users for which it works? what is different about them?
- note that SAP_ALL is famous for not including "all" authorizations, especially some RFC related auths such as S_RFCACL (unless you specifically switch that on) and these RFC failures rarely appear in traces (but they do appear in SM21 sometimes). also, unless you are consistent with regenerating SAP_ALL after installing support packs it will get out of date and not contain everything.
- have you checked TMS logs on operating system as advised by the error message? Those logs usually have extra details. you can probably read them yourself with AL11.
- have the generated RFC destinations used by TMS been altered? You first need to identify the RFCs within STMS then go into SM59 and look at them. They should not be using "current user" authentication, because tp should be run by the sidadm or sapservice users on the OS. Maybe basis has altered those RFC.
let us know what you find.
UPDATE:
thinking about this further.
I bet you are hitting S_RFCACL errors. Give the user SAP_ALL plus a dummy role having S_RFCACL and try. Activate a trace. If I'm right, you will see the S_RFCACL proper value needed in a role. compare that to a user for whom it works. Bet it's something like that. Might as well add several S_RFC* authorizations to the dummy role too.
Message was edited by: Kesayamol Siriporn -
User does not have authorization for InfoProvider
Hi,
We are in BI 7.0 and want to display the data in the cube that I created and loaded data to. In RSA1, I am do a right click on the cube and select "display data". I am getting to selection screen and after selecting the output fields and executing, I am getting the following error:
User XXX does not have authorization for InfoProvider ZFREDC
The long text is like this:
You do not have sufficient authorization
Message no. EYE007
Diagnosis
You do not have sufficient authorization for the requested data records.
Procedure
Either select other data or get the required authorizations from your administrator.
I did a authorization check in SU53 after I got the error and it says the last authorization check was successful.
Can somebody suggest me what to do. If there are any authorization objects that I need to have in my role?
Thanks.Hi,
Be sure to have authorisation object S_RS_ICUBE assigned with at least activity 03 (execute) and subobject data and agregate for the respective cube(s) or infoarea(s).
Regards, Patrick Rieken.
Message was edited by:
Patrick Rieken - BI-Formance B.V. -
User has no authorization for function group SWRS
Dear SRM Gurus,
We are facing an issue u201CUser has no authorization for function group SWRSu201D.
Hope the user has no authorization to access function group SWRS and this function group is saying that workflow substitution.
Can you any one have any idea what scenario are we using Workflow substitution?
Is there any Roles need to be assigned?
I would be appreciating if you could let us know more detail on this.
Thanks.
Regards,
Magesh Basavaraj.Hi,
The authorization object is 'S_WF_SUBST' for substitute role..try to assign this object and check..
Saravanan -
User has no authorization for Function group SYST
Hi,
We are starting to make customisation to B2B application. I have just created a new project for B2B_XXXX application and deployed it on the server. When I run this custom application, I am not able to login using the same user that is working fine for the standard B2B application.
Following is the error I am getting
ERROR 1 - RFC_ERROR_LOGON_FAILURE: User INTUSER05 has no RFC authorization for function group SYST
ERROR 2- The application was not able to switch to a stateful connection......
Strange thing is that the same user works very well for standard B2B.
Any clue? All I have done is created a CUSTCRMPRJ for B2B ERP (SHRWEB, SHRAPP). Please help.
Best regards,
-Tarun
Edited by: Tarun Bakshi on Nov 10, 2011 7:37 PMHi Shanto,
The problem is still occuring. Even If I give s_rfc authorisation the order is not being created.
I compared the source code for b2b and b2b_custom application, I have pasted below the component info
sap.com CORE-TOOLS 7.00 SP14 (1000.7.00.14.0.20071210170909) SAP AG SAP AG 20080125132852
sap.com SAP_JTECHF 7.00 SP14 (1000.7.00.14.0.20071210172424) SAP AG SAP AG 20080125132853
sap.com BASETABLES 7.00 SP14 (1000.7.00.14.0.20071210170411) SAP AG SAP AG 20080125132853
sap.com SAP-JEECOR 7.00 SP14 (1000.7.00.14.0.20071210172300) SAP AG SAP AG 20080125132852
sap.com JLOGVIEW 7.00 SP14 (1000.7.00.14.0.20071210160700) SAP AG SAP AG 20080125132853
sap.com SAP-JEE 7.00 SP14 (1000.7.00.14.0.20071210172039) SAP AG SAP AG 20080125132853
sap.com SAP_JTECHS 7.00 SP14 (1000.7.00.14.0.20071210172719) SAP AG SAP AG 20080125133813
sap.com BI_UDI 7.00 SP14 (1000.7.00.14.0.20071210170522) SAP AG SAP AG 20080125133909
sap.com BI_MMR 7.00 SP14 (1000.7.00.14.0.20071210170459) SAP AG SAP AG 20080125133230
sap.com UMEADMIN 7.00 SP14 (1000.7.00.14.0.20071210164800) SAP AG MAIN_APL70VAL_C 20080125140341
sap.com LM-TOOLS 7.00 SP14 (1000.7.00.14.1.20080124101556) SAP AG MAIN_APL70P14_C 20080125134809
sap.com SAP-SHRWEB 6.0 SP0 (1000.6.0.0.2.20080129095806) SAP AG MAIN_CRM70PAT_C 20110608153828
sap.com SAP-SHRAPP 6.0 SP0 (1000.6.0.0.2.20080128172843) SAP AG MAIN_CRM70PAT_C 20110608154506
b2b_custom application has been created by using code from the following SCs that were added to the track
SAPSHRWEB10_7-20003522.SCA
SAPSHRAPP10_7-20003520.SCA
SAPCRMWEB10_7-20003518.SCA
SAPCRMAPP10_7-20003516.SCA
SAPCRMDIC10_0-20003519.SCA
STRUTS01_0-10003646.SCA
SAPIPCMSA10_0-20003515.SCA
SAPCRMJAV10_7-20003517.SCA
SAPSHRJAV10_7-20003521.SCA
TEALEAF00_0-20001451.SCA
SAPBUILDT14_0-10003479.SCA
Any help would be great... -
Hello,
Question of a newbie:
In Windows Server 2012 I'm using IE10 to simulate numerous different users. But for some of these "fake" users I got the error:
Logon failure; the user has not been granted the requested logon type at this computer.
So I opened PowerShell : GPEDIT.MSC
Computer Configuration / Windows Settings / Security Settings / Local Policies / User Rights Assignment.
In the detail zone : Double-Clic sur Allow log on locally.
Dialog box : Allow log on locally properties
But the Add User or Group
button is grayed out!
What can I do?
Thanks for your help!Several months after...
I found the solution : the user has to be member of the Server
Operators in Active Directory.
That's all :)
Thanks -
We just rebuilt our machine with server 2012, and it was working flawlessly and then randomly it started giving me this error if i would try to start up a machine. At first this was just an annoyance but now it is worrying me greatly. I have tried
everything from logging on as the domain admin account to the actual server administrator account. Nothing seems to start these machines up, and I need them to start.
'Computer1' failed to start worker process: Logon failure: the user has not been granted the requested logon type at this computer. (0x80070569).Hi,
As this thread has been quiet for a while, we assume that the issue has been resolved. At this time, we will mark it as 'Answered' as the previous steps should be helpful for many similar scenarios.
If the issue still persists and you want to return to this question, please reply this post directly so we will be notified to follow it up. You can also choose to unmark the answer as you wish.
In addition, we'd love to hear your feedback about the solution. By sharing your experience you can help other community members facing similar problems.
Thanks!
Lawrence
TechNet Community Support -
Hello ,
For my user id, I have the authorization for the transaction, but still iam getting the error that, you don’t have authorization, plz suggest?????
ThnksHello Sampath,
after you have received the error message about the no authorization, run transaction SU53.
This transaction shows which authorization has failed last time.
Best regards,
Laszlo -
Need some help, I was downloading an album when the message "could not complete itunes store request, requested resource not found." "Error in the itunes store please try again later." My account has been deducted for the amount of the album, but I dont have it downloaded on my computer. Please help!!! Thank you!!!
Does the purchases show in your Purchased list?
Downloading past purchases from the App Store, iBookstore, and iTunes Store
Have you looked at the previous discussions listed on the right side of this page under the heading "More Like This"? Ones with a green checkmark are solved.
Next contact iTunes by:
Contact iTunes -
When testing the message from RWB error - User PAMIDIK has no authorization
Hi Experts,
When i am testing the scenario from FILE to PROXIE i am geeting the following error in SXMB_MONI.
i went to RWB - IE - TEST MESSAGE .the message had left from RWB but when i see in SXMB_MONI in XI i get the following error.
Error Message: User XX has no authorization to process messages
Regards
KiranHi ,
where you are testing the message in RWB, IE or Adapter Engine ??I think you dont have proper authorization to perform the action check with you basis team.
Regards,
Raj -
Hi @ all,
I've got a question regarding a migration scenario from Exchange 2003 to Exchange 2010 / 2013.
In 2003 a pop up appears in general before sending the request if a meeting request is for example too far in the future or if the atendee has no permission for the ressource.
In a few tests we did the request is sent to all the participants and afterwards the room sends the cancellation email. This is very annyoing because in 2003 the request was not sent thereby giving one the possibility to change the meeting with the correct
ressource.
Is it possible to generate this pop up in 2010 / 2013 hindering you to send a meeting request until you get it right as it is in 2003?
Thanks in advance and regards from Germany
ReneExtensions
Produtools Manuals 2.1 Community Toolbar 3.21.0.1 ({b2bf7b3f-bf0b-4c48-aec6-f92c51be63e1})
Open the Add-ons Manager by
Pressing the '''Alt''' or '''F10''' key to bring up the tool bar.
Followed by; '''Tools > Add-ons.'''
Hot key; '''<Control> ''(Mac: <Command>)'' <Shift> A)'''
On the left side of the page, select Extensions. -
LDAP : Access for the requested connection is refused.
Hi
After successfully connected to ldap server through OBI rpd , I imported the users and created init. blocs and variables.
But when logging into dashborad/Answers i am getting the following error :
Error Codes: OPR4ONWY:U9IM8TAC
State: 08004. Code: 10018. [NQODBC] [SQL_STATE: 08004] [nQSError: 10018] Access for the requested connection is refused. [nQSError: 13024] Successful completion of init block 'oidAuthentication' is required. (08004).
Pls. help.RPD users got preference over LDAP users i.e if you have a user with same name in RPD and LDAP, then RPD authentication will take place and not the LDAP authentication.
Now if you are importing all the users from LDAP to RPD, then LDAP authentication will not take place and creating INIT block for the same will through an error when trying to login to Presentation services (if Required for Authentiaction is checked).
Workaround
You can create groups in your LDAP and assign all your users to these groups.
Import groups to RPD and do group level authorization.
Do not import users to RPD and create INIT block for LDAP authentication.
Refer Oracle® Business Intelligence Server Administration Guide- 15# Security in Oracle BI for more details.
Maybe you are looking for
-
Microsoft Report Viewer Print Button is not Displayed in FireFox. Why?
Hi, I have developed a reporting web site using asp.net. To view the reports I have used the microsoft report viewer. In IE it works fine. But when im goint to run this web site in Fire Fox some buttons (print button, search button) in the ReportView
-
Ive synced and backed up my iPod onto my old laptop which has now broken, how can i sync and bakc it up onto a new computer without everything being wiped?
-
Phone won't face time-rcv or send. FaceTime bar Accept / Decline goes directly to End after tap accept. Turned off & on + closed all open applications. FaceTime button is "ON". Can U advise how to get working again?
-
Hello, Since yesterday my TV became to act strange. When I let tv on standby for a long time and turn it on, the tv turns on but show no image. If I shutdown, by the remote, and turn it acts normal, but if I shutdown and let it be in standby for a lo
-
Time sheet, rates, date dependent
I am trying to figure out the best database design for the following; I have individuals (stored in Agents table) that enter their billing or time worked each day for different projects. Now we have different rates that we pay based on the person and