Assigning  ZCNTADMCES, ZCNTADMJOB , ZCNTADMRPT authorization objects

Similar Messages

• Cannot find authorization objects

  Hi Experts,
  Im trying to configure SAP Integration kit for BO and while I am trying to configure my SAP account to use the required authorization objects I cannot find the following:
  ZCNTADMCES
  ZCNTADMJOB
  ZCNTADMRPT
  Thank you
  Andreas Kirtou

  Yes you are right.
  I accidentally missed transports
  Content Administration transport (K900579.r21 and R900579.r21)
  Personalization transport (K900580.r21 and R900580.r21)
  MDX Query Connectivity transport (K900581.r21 and R900581.r21)
  ODS Connectivity transport (K900582.r21 and R900582.r21)
  Thanks a lot

• About authorization object

  Hi basis guys........
  i am not able to give print request.its showing authorization error
  "no authorization for LOCAL PRINTER" and "output could not be issued"
  i checked su53 screen. and i assigned that activity in authorization object.
  even then its showing authorization problem.
  Is there any object to add to get printing ?
  and what is "s_gui" object ? is that works?
  Please tell me your suggestions
  Regards........nagendra.

  Hi
  Check whether for the user a printer is assigned or not. Only the printer which is assigned to the user in SU01 can be used by the user.
  What u can try is assign the Local Printer in default printer for that particular user.
  Also if you have assigned the authorization object that was missing then there should not be a problem.
  Regards
  Sumit Jain
  [reward with points if the answer is useful]

• User List for a specific Authorization Object

  Hi all,
  i am looking for a way to get a list of all users assigned to a specific Authorization Object with specific values. The FM 'authority_check' is the other way arround and not that what i need. Do someone have an idea.
  Many thanks in advance.
  Ali

  Hi,
  Try this FM
  SUSR_USER_AUTH_FOR_OBJ_GET
  Check this FM
  AUTHORIZATION_DATA_READ_SELOBJ
  Rgds,
  Prakash
  Message was edited by: Prakashsingh Mehra

• Authorization Object inative in PFCG

  Hi,
  We created an authorization object for a Z BSP application that is used in htm page.
  When I try to create a role allowing that authorization object in PFCG, auth. object remains inactive and there is no possibility to active it.
  Does anyone knows how I can activate this object ?
  Many thanks.

  I was having the same problem. I was adding an auth object S_ASAPIA of class BC_Z to role (both manually or via Selection Criteria, the authorization is in the selection criteria list) but for some reason I could not make it active, the authorization is brought into the role as inactive. After some digging I realized the problem by looking up the authorization object in SU03. When I tried to check for authorizations associated with the authorization object in SU03 I got an error message:
  No fields have been maintained for this object
  Message no. 01231
  Checking table TOBJ I realized that this is not the only such problem:
  Here are 4 objects in my ECC system that have the same problem. ([ObjectID] [Object Class ID])
  K_ORGUNIT     CO
  S_ASAPIA     BC_Z
  S_RS_PPMAD     RS
  ZSTAT     BC_A
  I found these auth objects by searching for blanks in the field FIEL1 in table TOBJ.
  By the way I also found a number of objects that were not assigned to a valid Authorization Object Class. PFCG will not allow you to add these objects at all, even though they do exist in table TOBJ. ([ObjectID] [Object Class ID])
  CRMCONFMOD     CRM
  CRM_WSC     CRM
  CRM_WST     CRM
  PLM_LAYOUT     PLMB
  RSCRMBUPA     RSAN
  RSCRMEXTR     RSAN
  RSCRM_TG     RSAN
  RSDMEENGIN     RSAN
  RSDMEMBW     RSAN
  RSDMEMODEL     RSAN
  S_ESH_T_BG     TST
  S_ESH_T_MT     TST
  S_ESH_T_PR     TST
  I found these objects by copying all the classes in table TOBC and filtering out all the records in table TOBJ using exclude values in the field OCLSS. The resulting list is those objects not assigned to a valid object class.
  Note that most of this data was SAP delivered.
  Hope this helps to answer this Q.

• Authorization object  assigning to user profile

  Hi all,
    Wht are the steps involved in assigning authorization object S_GUI with activity 60 (S_GUI ACTVT=60) to the users profile.
  Thanks

  you can assign authorization profile to user through Role..
  goto PFCG, either create a new role or change an existing role(which the user has)
  go to authorization tab, change authorization, click manually button,
  add S_GUI and then click on values, select 60.. save the role, generate it..
  if it is new role that you have created, then go to SU01 - roles, add it.. save user..

• Programmatically assigning Authorization Objects to roles

  Hi there,
  I have created an authorisation object with eight fields. The fields control which parts of my application are accessible to the user. (Each field is one category, each category has several subcategories).
  What I want to do is the following:
  There shall be a custom authorization dialog, wherein the system administrator can configure the access of the application for a specific user.
  In plain text: I want to develop an interface which makes it possible to assign authorisation objects with specific values to a user or to an already existing role.
  Is there any functionality, that allows me to perform this assignment and regenerate the users profile?
  I already discovered, that the table UST12 contains the connection between the authorization profile of a role and an authorization object, as well as the assigned values. Anyhow, just to write new values to that table has no affect to the authorization when calling "authority-check object" in an ABAP report.
  Does anyone know, whether there are standard functions in the ERP System, that support the changing of authorization objects and the regeneration of roles?
  Thank you very much,
  Gregor
  Edited by: Gregor Bender on Mar 11, 2008 8:41 AM

  >
  Gregor Bender wrote:
  > I already discovered, that the table UST12 contains the connection between the authorization profile of a role and an authorization object, as well as the assigned values.
  Nope, sorry, it's not the connection but only one of the many.... Roles and profiles are stored in quite a lot of different tables so manipulating one table directly will hardly ever get you the desired situation. It may even lead to problems due to inconsistencies.
  For mass regenerating profiles there's transaction SUPC.
  For manipulating the contents of roles/profiles have a look at scripting with SECATT or LSMW in combination with PFCG.
  If you want to write code to add objects to roles you have to look at least in tables AGR_1250, AG_1251 and AGR_1252. The UST* tables are updated when generating profiles and/or comparing users.

• Assign authorization objects to newly created transaction

  I have just created a new transaction YMM02 as a copy of MM02. When I create a role using PFCG and enter in the new transaction there are no authorization objects proposed. Do these come from the original transaction or can I assign them through a SAP transaction or via a table entry?
  Regards,
  Brian

  Hi Brian,
  that's transaction SU24.
  See also its documentation if needed : http://help.sap.com/saphelp_nw70/helpdata/en/52/671449439b11d1896f0000e8322d00/frameset.htm
  BR
  Sandra

• Assigning authorization objects to transaction

  Hi All,
  While creating a new role using transaction PFCG, If i enter transaction SE38, i will get lot of authorization objects, fields where i can decide whether i should allow only display or change or create etc. But if i create my own transaction, then i will not get these authorization objects. Where should i assign there objects for my transactions.
  I tried to assign this in transaction se93, but that did not work.
  Thanks in advance.
  Best Regards,
  Surendra<b></b><b></b>

  TRY with SE97.
  and check the check box change mode and try running there you can change the authorizations..
  vijay

• Assigning of authorization object to authorization group

  I have created an authorization object and I have assigned this to already exsiting authorization group.I would like to assign the authorization object to a new  authorization group.Please confirm how to create an authorizaton group and assigning a authorization object to this new authorization group.

  hi,
  I have got a pdf related to this.
  I shall send that to you if i can get ur mail id.
  I too havent tried this. I dont have any authorizations to do with my server.
  Plz follow the following steps:
  1. Create a user (for example for SAP DEV, TEST, or PRD systems).
  2. Open the SAP Profile Generator (transaction PFCG) available in SAP R/3 versions 4.6 and above.
  3. Create an Activity group (Role since SAP 4.6C), for example ZBODI_ROLE.
  4. Enter a description for the role.
  5. Go to the Authorizations tab and click Change authorization data.
  6. On the Change Role: Authorizations screen, click the Manually,toolbar icon.
  7. The Manual Selection of Authorizations window opens.
  8. Type in the following authorization objects.
  S_ADMI_FCD*
  S_BTCH_JOB
  S_DEVELOP*
  S_DATASET
  S_PATH
  S_RFC
  S_TABU_DIS
  S_TCODE
  S_RS_ADMWB — for SAP BW
  9. Click OK
  10. Return to the Change Role: Authorizations screen.
  11. Manually configure components by entering the values  that support Data Integrator operations include:
  • Administration
  • Batch
  • BW loading
  • Development
  • File access
  • File system access
  • RFC calls
  • RFC calls in BW
  • Table source access
  • Transactions
  12. To complete the security profile, click the Back icon (or press F3), select
  the User tab, enter your SAP user ID for Data Integrator and click the Save icon.
  Regards,
  Sailaja.

• Authorization object assignment on USERS

  Hi,
  i have to maintain authorization objects in transaction types and users in our company, such that the executives (management of all org. units) of the company are able to see all the transactions including activities within the whole company.
  on the other hand the employees (<b>not executives</b>, belonging to a specific org unit) should be able to see ONLY the transactions belonging to his org. unit
  useful info is avlbl at: http://help.sap.com/saphelp_crm50/helpdata/en/26/99973915e69238e10000000a11402f/frameset.htm
  but where and how are these authorization objects assigned?
  Kindly help, thnx, all answers appreciated.
  Jacob.

  hi Jacob,
  Look at <a href="http://help.sap.com/saphelp_nw2004s/helpdata/en/81/0e0f61b566dc44bbb4055b3ccd25be/frameset.htm">Identity Management</a> maybe it helps you.
  Regards.
  Manuel

• Assign authorization object to standard transaction (VA02)

  I've success to create an authorization object and assigned to va02. I also use su24 to check indicator for my customize object. There are reported that it is Check. I think it is activated. Then i access va02, but it still can access, I suppose i no have right to access the va02. What's wrong for my setting. Acutally, I no much ideas for the authorization object. Can you give me some advise. Thanks a lot.

  Hi Giri,
  You could (and probably should) specify the check in SU24, but this won't make the check happen.  The values in SU24 are used in transaction PFCG when a role is created that includes this transaction.
  To make the authorisation check at runtime you'll need to code a user exit or similar to check your new authorisation object.
  Regards,
  Nick

• Authorization Objects assigned to a TCode

  Hi,
  Can you please tell me how do I know which all AUTHORIZATION OBJECTS are assigned to a T-Code.
  Thanks in advance,
  Ishaq.

  hi,
      check the T-codes SU24 and SU25
  sudheer.A

• Assigning authorization through assigning authorization objects

  hi all,
  can anybody tell me the whole procedure for assigning authorizations by assigning authorization objects from the scratch along with the example with guide for assigned authorizaon using this method.b'coz this is the requirement of our organization.
  I mean to say assign authorization manually without assigning trnsaction codes.
  suggestion are always accepted.
  if you want to send me the documents then my email id is [email protected]
  thanks in advance,
  waiting for reply............
  hardik patel.

  hi kumar,
          thanks for your help.
          ok i got it and i agree that i can find the authorization object by your suggested way.
      now my point is that i find that this perticulat object is corresponding to this particular trnsaction code. now if i want to aloow only four transaction code out of all transaction codes belongs to that authorization objects. so, for this how can i maintain authorization for this authorization objects.
  It means on " Change authorization tab" it shows fields of that added authorization objects. so what values should i give to those fields so that i can allow only particular transaction codes which i want. so, how can i determine these values for allowing particular transaction codes, not all transaction codes. can you guide me regarding this?
  Please help me regarding this?
  thanks for your support,
  waiting for your reply...............
  Regards,
  Hardik Patel.

• Assign authorization objects

  HI ,
  1. When i create new set of WS do i need to create to them authorization object ?
  2. if i create new set of users from scratch in the system and i want to provide to them one role that
  I create and contain for instance all the report and transaction that i want to provide,
  do i need to add to them another authorization objects ?
  3. if i create authorization object in the system how i add it to certain role ,i don't see these
  option in PFCG.
  Best Regards
  Michael

  HII,
  Yes u can aad  other authorization object to the existing role if the role needs it because user is unable to perform any task releated to it because of missing authorization object after seeing it in su53 because sometimes tcode assigned but corresponding authorization is not added by system automatically this creates prob for the user to perform task as far as adding up an authorization object u can added it  throught su24 or pfcg in pfcg u need to click on manuaally option u can added upto 8 authroziation objects and if u want to added it through su24 u click on add authorization object feild
  but never forget to save and generate the profile after adding authorization object and also do user comparsion and complete comparsion so this object gets added to the role
  byeeeeeeeeeeee
  takecare