Authorisation Objs

Similar Messages

• Authorisation obj for parameter group

  Hello Friends,
  Can anyone letme know the authorisation object for Parameter group in BPS.
  One of our customer gets the below error while executing an BPS report in Portal.
  "No authorisation for parameter group AlZ23K3".
  Regards,
  Balaji

  Hi,
  Ask the customer execute SU53 Tcode after immediat execution of BPS report. It will show the missing authorization object.
  Hope this helps.
  Veerendra.

• Interco transactions authorisation

  I would like to ask on inter-co transactions authorisation.
  The authorisation objects which controls the inter-co Tcode also control
  other normal Tcodes which we do not want to grant authorisation to other
  companies.
  Eg:
  Role: ZFI_A
  Inter-co Tcode: ABT1N
  Authorisation obj that controls company: A_B_ANLKL
  A_B_ANLKL also controls a lot of other Tcodes where the user is only
  allowed to post in his own company.
  If we grant  A_B_ANLKL authorisation: *  (ie all companies ) to ZFI_A, all
  other Tcodes under this authorisation will have access to other companies
  too.
  How can we restricts only a certain Tcodes to have authorisation for all
  companies where other Tcodes are authorised to only own company?
  Thanks.

  you can do that, normally what is followed in that case is to designate a single user Id for BDC executiona nd give it all the access so that it can be useful in tracking down the changes and all the other work too.
  Also, this will help in avoiding other users from making changes,
  But for using this option you have to discuss with you project manager and the client.
  Regards,
  Amit
  Reward all helpful replies.

• Release strategy based on costcentre for PR

  Hi Experts
  I want to add Cost Centre as my release criteria in the existing release strategy . Presently I have Purchase grp and amount as my release criteria . Pls advise me how to proceed on this . Kindly also let me know how the user can be mapped to cost centres for approval as the user wants to have different approvers for different cost centres. We have searched for the authorisation obj for cost centre but could not get mor information .Pls help .
  Thanks
  Edited by: Devashish  Lenka on Sep 6, 2010 2:10 PM

  Hi,
  Option-1:
  You can create release characteristics with field KOSTL and add this characteristic with release class with other release characteristics. And you can design your release strategy based on requirement & then limit the cost center via authorization object K_REPO_CCA
  Option-2:
  Create Purchasing Group (OME4) as Department & assign the department to Cost center(KS02/KS01). Now create purchasing group as release characteristics with field EKGRP add this characteristic with release class with other release characteristics. And now you can design your release strategy based on requirement.
  Regards,
  Biju K

• Joins to For All Entries

  Hi ABAP Folks,
  I am extracting a set a values from 5 different tables using FOR ALL statement and consolidating the results of each internal table to form a MASTER INTERNAL TABLE containing fields USERNAME ROLENAME ROLENAMETEXT TCODE TCODETEXT.
  BNAME UNAME->(USERNAME)
  AGR_NAME -> ROLES
  OBJECT,OBJCT->AUTHORISATION OBJ
  If the user input is a group name.
  Select BNAME CLASS From USR02 into LT_USR02 where CLASS IN S_USRGRP
  Select UNAME AGR_NAME into LT_AGR_USERS From AGR_USERS For All entries in LT_USR02 where UNAME = LT_USR02-BNAME
  Select AGR_NAME OBJECT into LT_AGR_1251 From AGR_1251 For All entries in LT_AGR_USERS where AGR_NAME = LT_AGR_USERS-AGR_NAME
  Select AGR_NAME TEXT into LT_AGR_TEXTS From AGR_TEXTS For All entries in LT_AGR_1251 where AGR_NAME = LT_AGR_1251-AGR_NAME
  Select OBJCT TCODE into LT_TSTCA From TSTCA For All entries in LT_AGR_1251 where OBJCT = LT_AGR_1251-OBJECT
  Select TCODE TEXTS into LT_TSTCT From TSTCT For All entries in LT_TSTCA where TCODE = LT_TSTCA-TCODE.
  Resultant ITAB IS User Name, User Group, User Group Texts, Transaction Codes, Transaction Code Text.
  <b>Is it better to go for a join in this case?Will joins be more efficient?Any help welcome and will be rewarded.</b>
  in case yes,Syntax for the above case will be helpful.
  Thanks in Advance.
  <b></b>

  Jayant,
  The joins are helpful when the two tables are related to each other basically VBAK and VBAP would be useful to join on document number but it is not advisable to join vbap and aufo on material number.
  In your case you can join the USER* related data and Transaction* related data via joins.
  Message was edited by: Anurag Bankley
  Message was edited by: Anurag Bankley

• How to use standard Authorisation object?

  Hi, suppose in PFCG in a Z role suppose i have added a standard tcode (exp. VA01). Now in the authorisation field if I go to chage it it will automatically populate all maintain screens regarding that TCODE where we can maintain authorisations.
  Now suppose I have used a standard authority obj (for exp V_VBAK_AAT ) in at-selection screen of my Zprogram. Now while assiging the Ztcode in the role I m not getting the maintains screen which generates automatically for standards. I have to use the standard authotity obj, but while assigning how can we call the maintainance screen for the used autho-obj?

  Hello All,
  The Problem is resolved now.
  Actually it was the first case only.
  When i created the new user id and checked i realized that its working fine and there was
  some mistake while checking previously.
  Anyways thanks for ur reply.

• What auth obj to use for allowing user to create and save workbook?

  Hi all,
  We are on BI 7.0, we have requirement which will allow users to develop and save workbooks (NOT BEX query) via BEx Analyzer. I have examined the auth obj S_RS_WKBK but it is obsolete auth obj and there is nothing similar obj in BI 7.0.
  i then looked at the S_BDS_D, is this all i need in order to allow user to save workbook on to the backend system?
  pls note, user can only save workbook NOT BEx query.
  regards,
  Joe

  Hi,
  Actually there is no direct away to do it
  First use the Authorisation s_user_agr , here in the activity field assign01,02,03 and 06 , in the role name assign a specific role name.
  In s_user_tcd in transaction asssign - RRMX.
  Got to PFCG, maintain the role.
  Hopr this will be expedite.
  ThaX and Regards
  Vaibhave Sharma

• DMS: CV02N without delete original option...any Authorisation object exist?

  Dear All,
              I have a requirement that a person requires to link WBS element, PO item or PR item to some documents which he doesn't has no authorisation to create or change since those are not created by his Dept. but he wants to links them to his WBS lement or PR item.
  So i was thinking of creating a role for him by giving a change mode athourization to those doc types but then he also gets the authorization to delete the original,
  Which he should not get.
  So is there any athuo. Obj. to control it or by any other method i can control it.
  Suggestions welcome.

  Hi Nishant,
  Delete authorization comes automatically with change role.
  So if you want this solution in SAP GUI then you have 2 options
  1. Make a ZTABLE with User IDs whom you want to restrict deletion activity and maintain the same in the cv02n user exit. This will disable your delete button.
  2. There is a BAPI i.e Document_Auth01 implement that and then remove the activity 52 from Auth Object C_DRAW_TCS. This will also restrict users from deleting originals.
  Else if you also want this solution is Easy DMS then to make you aware both above changes will not have any affect on EASY DMS there you can achieve this via registry Entries or Via ACL's.
  Hoe it answers your query.
  Thanks Amulya

• Authorisation checks failed

  Hi Guys
  A Problem has come in picture: I ran su53 and it ended with error for some users.
  This all has come in picture after we applied SP to SAP System.
  Authorisation check failed
     Object class BC_C Basis - Developement Environemnt
       Authorisation Ojb.S_TransLAT Translation environment ojbect
        Authorisation field ACTVT Activity
                                       02
        Authorisation filed TLANGUAGE Target Language
                                       E
        Authorisation field TRANOBJ Translation : Text type name
  Can anyone aware of this error?
  Regards
  Ricky
  Edited by: Ricky kayshap on Oct 14, 2008 4:56 PM

  Hi Ricky,
  You had said earlier that the SU53 had ended with errors for some users.What i wanted to say is that if you could check for those users if they are missing the authorizations as shown in SU53 in their user profile.
  For finding out the same.
  Go to SUIM
  Roles by complex search criteria
  In the field "User" give the user name i.e PASCOAJ
  Scroll down to the section "Selection according to authorization values"
  Enter the name of the auth. obj in the field "Object 1" i.e S_TRANSLAT
  Click on the button "Entry Values" and then in the respective fields below enter the values as per the SU53 error that you are getting.
  Then Execute.
  If the user PASCOAJ has this authorization avaliable in his user profile then the result would display the name of the roles through which he is getting the access or else it will display at the bottom "no data was selected" which would mean that the user does not have this particular authorization.
  You will then have to find out the appropriate roles if existing in your landscape with this authorization which can be assigned to the user without any SOD conflicts.
  Thanks,
  Saby..

• Authorisation checks while calling SAPGUI.

  Hi All,
  I am analysing the authorisations required to call SAP GUI Script.
  Autho obj S_SCR with ACTVT 16, should be present in user's profle to successfully call the SAPGUI Script.
  However auth check will only be active sapgui/user_scripting_per_user to TRUE.we have set the parameter to TRUE and were expecting for SAPGUI Script call to fail because of above missing authorisation.
  However, as the SAPGUI Script was successfully called without access to S_SCR auth obj.
  (Trace shows a check and returns a code RC=12,  for obj S_SCR).
  Can someone provide me inputs on authorisation checks while calling SAPGUI.

  Additional authorization check of S_SCR through parameter : sapgui/user_scripting_per_user is available with below software versions :
  SAP GUI for Windows
  1- 6.40: Patch 22 and following
  2- 7.10 and following
  SAP System
  1 - 6.40: Kernel 6.40 patch level 159, support package SAPKB64020
  2 - 7.00: Kernel 7.00 patch level 87, support package SAPKB70011
  3 - 7.10 and following
  Just check the version of SAP GUI and let us know.

• Authorisation missing

  Dear Gurus ,
                     When i ran mbbs report in our ECC server , we will get the error shown below .
                     You have no authorization for this transaction in plant TB01
  Message no. M7120
  Diagnosis
  According to the settings made in your user master record, you are not authorized to perform this transaction in plant TB01.
  So kindly give me the solution for this error.
  Regards,
  S.Palani Selvan

  Dear Subhash
                 AS per your suggestion i ran the same , below i mentioned the result .
                  Evaluation of Last Failed Authorization Check of User MARKET2
  Description          Authorization values
  User Name                      MARKET2      Authorization Object                     V_KONH_VKO
  System                         PRD          Client                                   100
  Date                           24.02.2011   Time                                     12:45:20
       Instnce                        eccprd       Profile Parameter auth/new buffering     4     
       03      Authorization check failed
            Object Class SD   Sales and Distribution
            Authorization Obj. V_KONH_VKO Condition: Authorization for Sales Organizations
            Authorization Field ACTVT Activity
                                                                                  01
            Authorization Field SPART Division
                                                                                  <Dummy>
            Authorization Field VKORG Sales Organization
                                                                                  S001
            Authorization Field VTWEG Distribution Channel
                                                                                  <Dummy>
       User's Authorization Data MARKET2
            Object Class SD         Sales and Distribution
            Authorization Object V_KONH_VKO Condition: Authorization for Sales Organizations
            Authorizat. T-PD08005900 Condition: Authorization for Sales Organizations
           Profl. T-PD080059   Profile for role ZITDEO
           Role ZITDEO
            Authorization Field ACTVT Activity
                                                                                  03
            Authorization Field SPART Division
            Authorization Field VKORG Sales Organization
                                                                                  S001
  I am not able to find the transactions which i have to give the authorisation .
  So kindly advice me .
  Regards
  S.Palani Selvan

• DP-Planning Book - Authorisation issue

  All,
  1. we have currently installed  SCM7.0
  2. We are builiding the roles  and authorisaiton.
  3. We have given authorisaiton to the transaction code  /SAPAPO/SDP94 - Interactive Demand Planning  and also
     /SAPAPO/SDP94 - Interactive Supply Network Planning (all Books) .
  4. But the user is not able to open the selectino profile and the below error is getting displayed
  "You are not authorized to use the selected function
  Message no. /SAPAPO/TSM600
  5. Any clue what is the exact object we need to give the authorisation.
  reg
  Dsk

  Hi all,
  1. the below is the result of Su53
  Authorization check failed
  Object Class APO  APO Authorization Objects
    Authorization Obj. C_APO_FUN  APO 3.0 Authorization Object: SDP Functions
      Authorization Field APO_FUNC Demand Planning and Supply Network Planning functions
                                                                                  S_SELE
      Authorization Field APO_PAREA Name of DP and SNP Planning Area                                 9ASNP02
  2. Also in the object  C_APO_FUN   bopth the files are given *.
  still i am facing the issues

• Authorisation error issues

  I have recently been having trouble viewing moveies and tv shows through my Apple TV (gen 1). When I go to play I get the error message that the "apple tv is not authorised to play this conent". This is a recent problem. I have followed the de-authorise/ re-authorise mac process and this solved it the first time, however the problem persists. The error message appearance coincides with the delivery of "**** on Wheels" TV show which is pushed to my iTunes each Monday. Has anyone else expereinced this error, is it triggered by a season pass or could it be something else?

  hello,
  this is because they have disabled your authorization for that application component say for e.g MM.
  You need to request BASIS to provide authorization for the appl.comp. you want in your user profile.
  then u will be authorized to execute any DS in tht appl.comp.
  Also,
  Are you loading with ALEREMOTE user, then check the roles this user have and if this authorization object is assigned to one of these roles.
  I think the profile reqd is :S_BI-WHM_RFC  and the auth obj is : S_RO_OSOA.
  Regards,
  Dhanya

• Merging Authorisation objects

  Hi,
  My project is about upgrading to SAP R/3 4.7 from 4.6B. We have done technical upgrade and now working on auothorisation issues using SU25.
  We choose to add new transactions to profile. Now we are working on merging new authorisations (using PFCG). We could see, <b>some of the old authorisations with status as "Maintained" are replaced by new authorisations.</b> The problem is some of the old auth objects are not in the final list  after merger and new auth are subtituted. Also importantly, not all the fields are filled with values as old ones.
  Is there anyway, we can make new auth objects comes with field values as old one?
  Thanks in advance!!!

  Mike,
  Thanks for your quick response. Since large number of profiles , manullay adding T-code is not possible. We use SU25 for doing so. We added new trans-codes and have not removed any old ones. This emsures, existing auth not much distrubed.
  while doing merging, we could see some of the old auth obj were replaced by new one. But the issue is " Field values" are missing in new auth obj. we are interested to know, how to get the same field value as old ones.
  Thanks !!

• Vendor Open items Authorisation

  Hi Peers!
  Is there any report were i can authorise the payments to which vendor and which invoice i can pay today like that.
  Ex: Say my higher authority wants to select the open items vendor wise to pay the due. so that i will check that invoices and pay through outgoing payment.
  Pls reply soon, Its urgent
  Thanks
  Murali

  Hi
  There are so many age wise analysis reports are there for analysing the customers or vendors open items. out of those, F.41 for vendor open items there you can find all the relevant data including business area level also satisfied because in some cases higher management wants the particular business area wise required for analysis. similarly f.21 for customers.
  I hope it will be suffice your requirement.
  Regads
  madhav