Authorization for the menu transactions

Hi,
Where can I setting fot the user to use transactions for the several menu types.
For example: S002 for administration, MB00, CS00, HUM, HUM_CHANGE, HUM_MD, LE_INB, LE_IS, LE_MASTER, LE_OUTB, LE01, LES, LLVS, LO01, MC00, MCC1, MCC2, MCE0, MCE9, MCU0, ME00, MM00, SI00, VF00, VX00, WEKF, WKUN, WL00, WM00, CMRP, FKMN, etc...
Thanks,
Gábor

Hi,
Just a question about it. I can use these area menu transactions.
But when I list the transactions which are in my assigned roles, I couldn't find the area menus.
Do you know where can I find if an area menu has been assigned to a user or a role?
Thanks so much,
Best regards,
Gábor

Similar Messages

  • For my user id, I have the authorization for the transaction, but still iam getting the error that, you don't have authorization, plz suggest?

    Hello ,
    For my user id, I have the authorization for the transaction, but still iam getting the error that, you don’t have authorization, plz suggest?????
    Thnks

    Hello Sampath,
    after you have received the error message about the no authorization, run transaction SU53.
    This transaction shows which authorization has failed last time.
    Best regards,
    Laszlo

  • List of users who have authorization for a particular transaction?

    Hi All,
    Can anyone guide me how to know the list of users who have authorization for a particular transaction?
    I need this to find out the list of authorizations that are obsolete ,when the particular trnsaction is obsolete in an Upgrade process.
    Thanks in advance.

    we can get the list of users for a particular transaction as below.
    get the tcode and place in AGR_TCODES and we get the list of roles .
    loop the roles and pass each role to AGR_USERS and we get list of users for that role.
    finally we got the list of users for that tcode.

  • Restrict authorizations for payment item transaction

    Hi All,
    This is regarding authorizations for a banking system.
    The requirement is the users need to be restricted for the following transaction based on the Bank Posting Area or the contract managing unit.
    BCA_PAYMITEM_CREATE
    When the user goes to create payment item the user should be allowed to enter an account which has been created with the contract managing Unit ZSUM007 or Bank Posting area ZSUM. The user should not be allowed to go in for any other values of contract managing unit and Bank Posting Area
    BCA_PAYMITEM_MAINTN
    The user should be allowed to enter an account which has been created with the contract managing Unit ZSUM007 or Bank Posting area ZSUM .The user should not be allowed to go in for any other values of contract managing unit and Bank Posting Area.
    I checked the transactions in SU24 and found only authorization object S_TCODE associated with the transcations BCA_PAYMITEM_CREATE and BCA_PAYMITEM_MAINTN.
    Can someone please suggest a way to acheive this.
    Regards,
    Thamarai.

    Hi Shiva,
    I tried assigning the org unit using PFCG ORGFIELD CREATE.
    Now the org unit in pfcg shows Org. level Contract-Managing Organizational Unit (Encrypted) but there is no coresponding field in the authorization objects in the role.
    Can you please help since the project is very critical.
    Regards,
    Thamarai.

  • No authorization for the creation of resource WG10 00_1000_001

    Dear All,
    While checking SMQ1(Outbound queue), we found 2 displayed , pls check below details.
                   Queue Informationen
    Number of Entries Displayed:                11
    Number of Queues Displayed:                  2
      Cl. Queue Name               Destination                      Entries
      100 CFLDZ31CLNT100_0034      E06CLNT100                               4
      100 MCEX03                   NONE                                     7
    While Double clicking queue (CFLDZ31CLNT100_0034), Its shows Status SYSFAIL .
    Please check details log.
    Cl. Queue Name               Destination                      Entries    Status   Date 1     Time 1   NxtDate    NxtTim   Wait for queue
    100 CFLDZ31CLNT100_0034      E06CLNT100                               4  SYSFAIL  22.09.2011 12:57:11 22.09.2011 13:16:32
    Note : E06CLNT100 (SCM System).
    While double clicking SYSFAIL Its shows No authorization for the creation of resource
    00_1000_001.
    Kindly Suggest.

    And also User not able to do activate Integration Model using Transaction CFM2 , it is giving error as below .
    System:    E06CLNT100    User:  KAPGATEG 22.09.2011 12:57:11
    Function/Q/SAPAPO/CIF_RES_INBOUND4
    Text:        No authorization for the creation of resource WG10
    Kindly advise.

  • Doesnot ask for access key. error No authorization for the 'S_DEVELOP'

    Hi,
    After applying patches,in transaction F-43 one of the field Inv Recd Date( BSEG-ZOLLD) is not getting displayed.
    after analzing we found that ZOLLD is not there in screen SAPMF05A(0302).
    in my development server when i try to change the screen it says "You have no authorization for the authorization object 'S_DEVELOP', which would allow you to change the screen concerned"
    my profiles contains sap_all and sap_new rights even then I am getting this error.
    Why doesnt it ask for access key ?
    Kindly guide me .
    Regard

    > Please check in Su24, if iy has S_develop object or not,
    In SU24? why? and what or who is "iy"?
    > since you say you have SAP_ALL access please regenerate SAP_ALL its a composite profile this should work fine.
    What does the fact that it is a composite profile matter? Besides that I've already made a remark about regenerating it.
    > But you need to check at SU24 against f-43 whether S_develop missing or not,if missing please insert manually
    Ehm, do you really think the SU24 settings for a transaction influence the changeability of it's underlying screens/programs etc? It will not matter at all what you do with S_DEVELOP in SU24.

  • How to remove authorizations for a particular transaction

    Hi,
    I have an SAP_ALL authorisation for a user. I need to remove authorization for a particular transaction (FK01) for this particular user.
    How do i make that.

    Hi Marcus ,
    u can remove authorization Objects for a given tcode ,but what i am thinking is SAP_ALL will get ride of this child objects , may be i am wrong.
    But what i am saying is check that are the authorization which are required to run FK01/XK01 and remove them from that Role .
    2.Otherwise check for Object S_Tcode and remove FK01 and XK01.
    Regards
    Prabhu

  • BADI's for the MD04 Transaction ?

    Hello All ,
               I want to know the BADI's for the MD04 Transaction.
    I want to incorporate one Custom-Authorization Object in this Transaction.
    Is it Posible ?
    If yes can anyone help me out ?`
    Regards,
    Deepu.K

    There are multiple ways of searching for BADI.
    • Finding BADI Using CL_EXITHANDLER=>GET_INSTANCE
    • Finding BADI Using SQL Trace (TCODE-ST05).
    • Finding BADI Using Repository Information System (TCODE- SE84).
    1. Go to the Transaction, for which we want to find the BADI, take the example of Transaction VD02. Click on System->Status. Double click on the program name. Once inside the program search for ‘CL_EXITHANDLER=>GET_INSTANCE’.
    Make sure the radio button “In main program” is checked. A list of all the programs with call to the BADI’s will be listed.
    The export parameter ‘EXIT_NAME’ for the method GET_INSTANCE of class CL_EXITHANDLER will have the user exit assigned to it. The changing parameter ‘INSTANCE’ will have the interface assigned to it. Double click on the method to enter the source code.Definition of Instance would give you the Interface name.
    2. Start transaction ST05 (Performance Analysis).
    Set flag field "Buffer trace"
    Remark: We need to trace also the buffer calls, because BADI database tables are buffered. (Especially view V_EXT_IMP and V_EXT_ACT)
    Push the button "Activate Trace". Start transaction VA02 in a new GUI session. Go back to the Performance trace session.
    Push the button "Deactivate Trace".
    Push the button "Display Trace".
    The popup screen "Set Restrictions for Displaying Trace" appears.
    Now, filter the trace on Objects:
    • V_EXT_IMP
    • V_EXT_ACT
    Push button "Multiple selections" button behind field Objects
    Fill: V_EXT_IMP and V_EXT_ACT
    All the interface class names of view V_EXT_IMP start with IF_EX_. This is the standard SAP prefix for BADI class interfaces. The BADI name is after the IF_EX_.
    So the BADI name of IF_EX_CUSTOMER_ADD_DATA is CUSTOMER_ADD_DATA
    3. Go to “Maintain Transaction” (TCODE- SE93).
    Enter the Transaction VD02 for which you want to find BADI.
    Click on the Display push buttons.
    Get the Package Name. (Package VS in this case)
    Go to TCode: SE84->Enhancements->Business Add-inns->Definition
    Enter the Package Name and Execute.
    Here you get a list of all the Enhancement BADI’s for the given package MB.
    Also have a look at below report which will list BADIs.
    *& Report  ZNEGI16                                                     *
    REPORT  ZNEGI16                                 .
    TABLES : TSTC,
    TADIR,
    MODSAPT,
    MODACT,
    TRDIR,
    TFDIR,
    ENLFDIR,
    SXS_ATTRT ,
    TSTCT.
    DATA : JTAB LIKE TADIR OCCURS 0 WITH HEADER LINE.
    DATA : FIELD1(30).
    DATA : V_DEVCLASS LIKE TADIR-DEVCLASS.
    PARAMETERS : P_TCODE LIKE TSTC-TCODE,
    P_PGMNA LIKE TSTC-PGMNA .
    DATA wa_tadir type tadir.
    START-OF-SELECTION.
    IF NOT P_TCODE IS INITIAL.
    SELECT SINGLE * FROM TSTC WHERE TCODE EQ P_TCODE.
    ELSEIF NOT P_PGMNA IS INITIAL.
    TSTC-PGMNA = P_PGMNA.
    ENDIF.
    IF SY-SUBRC EQ 0.
    SELECT SINGLE * FROM TADIR
    WHERE PGMID = 'R3TR'
    AND OBJECT = 'PROG'
    AND OBJ_NAME = TSTC-PGMNA.
    MOVE : TADIR-DEVCLASS TO V_DEVCLASS.
    IF SY-SUBRC NE 0.
    SELECT SINGLE * FROM TRDIR
    WHERE NAME = TSTC-PGMNA.
    IF TRDIR-SUBC EQ 'F'.
    SELECT SINGLE * FROM TFDIR
    WHERE PNAME = TSTC-PGMNA.
    SELECT SINGLE * FROM ENLFDIR
    WHERE FUNCNAME = TFDIR-FUNCNAME.
    SELECT SINGLE * FROM TADIR
    WHERE PGMID = 'R3TR'
    AND OBJECT = 'FUGR'
    AND OBJ_NAME EQ ENLFDIR-AREA.
    MOVE : TADIR-DEVCLASS TO V_DEVCLASS.
    ENDIF.
    ENDIF.
    SELECT * FROM TADIR INTO TABLE JTAB
    WHERE PGMID = 'R3TR'
    AND OBJECT in ('SMOD', 'SXSD')
    AND DEVCLASS = V_DEVCLASS.
    SELECT SINGLE * FROM TSTCT
    WHERE SPRSL EQ SY-LANGU
    AND TCODE EQ P_TCODE.
    FORMAT COLOR COL_POSITIVE INTENSIFIED OFF.
    WRITE:/(19) 'Transaction Code - ',
    20(20) P_TCODE,
    45(50) TSTCT-TTEXT.
    SKIP.
    IF NOT JTAB[] IS INITIAL.
    WRITE:/(105) SY-ULINE.
    FORMAT COLOR COL_HEADING INTENSIFIED ON.
    Sorting the internal Table
    sort jtab by OBJECT.
    data : wf_txt(60) type c,
    wf_smod type i ,
    wf_badi type i ,
    wf_object2(30) type C.
    clear : wf_smod, wf_badi , wf_object2.
    Get the total SMOD.
    LOOP AT JTAB into wa_tadir.
    at first.
    FORMAT COLOR COL_HEADING INTENSIFIED ON.
    WRITE:/1 SY-VLINE,
    2 'Enhancement/ Business Add-in',
    41 SY-VLINE ,
    42 'Description',
    105 SY-VLINE.
    WRITE:/(105) SY-ULINE.
    endat.
    clear wf_txt.
    at new object.
    if wa_tadir-object = 'SMOD'.
    wf_object2 = 'Enhancement' .
    elseif wa_tadir-object = 'SXSD'.
    wf_object2 = ' Business Add-in'.
    endif.
    FORMAT COLOR COL_GROUP INTENSIFIED ON.
    WRITE:/1 SY-VLINE,
    2 wf_object2,
    105 SY-VLINE.
    endat.
    case wa_tadir-object.
    when 'SMOD'.
    wf_smod = wf_smod + 1.
    SELECT SINGLE MODTEXT into wf_txt
    FROM MODSAPT
    WHERE SPRSL = SY-LANGU
    AND NAME = wa_tadir-OBJ_NAME.
    FORMAT COLOR COL_NORMAL INTENSIFIED OFF.
    when 'SXSD'.
    For BADis
    wf_badi = wf_badi + 1 .
    select single TEXT into wf_txt
    from SXS_ATTRT
    where sprsl = sy-langu
    and EXIT_NAME = wa_tadir-OBJ_NAME.
    FORMAT COLOR COL_NORMAL INTENSIFIED ON.
    endcase.
    WRITE:/1 SY-VLINE,
    2 wa_tadir-OBJ_NAME hotspot on,
    41 SY-VLINE ,
    42 wf_txt,
    105 SY-VLINE.
    AT END OF object.
    write : /(105) sy-ULINE.
    ENDAT.
    ENDLOOP.
    WRITE:/(105) SY-ULINE.
    SKIP.
    FORMAT COLOR COL_TOTAL INTENSIFIED ON.
    WRITE:/ 'No.of Exits:' , wf_smod.
    WRITE:/ 'No.of BADis:' , wf_badi.
    ELSE.
    FORMAT COLOR COL_NEGATIVE INTENSIFIED ON.
    WRITE:/(105) 'No userexits or BADis exist'.
    ENDIF.
    ELSE.
    FORMAT COLOR COL_NEGATIVE INTENSIFIED ON.
    WRITE:/(105) 'Transaction does not exist'.
    ENDIF.
    AT LINE-SELECTION.
    data : wf_object type tadir-object.
    clear wf_object.
    GET CURSOR FIELD FIELD1.
    CHECK FIELD1(8) EQ 'WA_TADIR'.
    read table jtab with key obj_name = sy-lisel+1(20).
    move jtab-object to wf_object.
    case wf_object.
    when 'SMOD'.
    SET PARAMETER ID 'MON' FIELD SY-LISEL+1(10).
    CALL TRANSACTION 'SMOD' AND SKIP FIRST SCREEN.
    when 'SXSD'.
    SET PARAMETER ID 'EXN' FIELD SY-LISEL+1(20).
    CALL TRANSACTION 'SE18' AND SKIP FIRST SCREEN.
    endcase.
    I hope it helps.
    Best Regards,
    Vibha
    *Please mark all the helpful answers

  • Fix authorizations for the budget approval flow (internal orders)

    Hi,
    I need to fix the authorizations for the budget approval flow.
    What do I need to take into account?
    Thank you.
    Kind regards,
    Linda

    (1) Each appropriation request should be attached to an investment program (leaf) position. To update the approved budget on the investment program from time to time, you should
        -  make a plan rollup from the appropriation requests to the program positions via IM34 (use an appropriate status selection profile on the initial screen of IM34 and select appropriation requests only to make sure that
           >  only appropriation requests
           >  with status 'Approved' are taken into account),
        -  To budget the investment program via IM32, set view 'Planned total' (Menu: 'Views -> Planned total') and copy this view, which contains the latest approved budget amounts, to the "real" budget (Menu: 'Edit -> Select -> Select all' and then 'Edit -> Copy view').
    (2) You can even generate an order from the appropriation request that enherits the appropriation requests plan value. For details see SAP Library (Menu: 'Help -> SAP Library'), path 'Financials -> IM Investment Management -> Appropriation Requests -> Replacement by a measure for implementation'.  Analogously to step (1), you can also take over the orders 'Planned total' view into the orders budget via txn IM52.
    If you strictly limit the authorisations to execute IM34, IM32 and IM52 as pointed out in steps (1) and (2) to a handful of people who execute these functions as pointed out above (withoud adding or removing budget arbitrarily, of course), the budgeting process
    really focusses on planning/approving appropriation requests which is fully accompanied by the approval workflow.
    Hope above helps you.
    Regards
    Siva

  • You have no authorization for the requested data

    Hi Gurus,
    While trying to display data in manual layout it shows the erros as
    You have no authorization for the requested data.
    Any reason behind that.
    Thanks,
    Debasish

    Hi Debasisha
    I faced the same problem yesterday, as Ivan told apply the transaction code rssm. In Business Information Warehouse Authorizations window go to checks for InfoProvider and select your Cube and click the change button. in that window you can see the which infoobjects are selected under switched on column deselct the checkboxes for authorization obj. save -  refresh
    and go to BPS screen execute your layout you can find your layout. I solved my problem like that.
    Hope it helps you.
    Regards,

  • Authorization for the report

    Hi
    I have made one report,  I needed to check the authorization for the report, how to do it.
    Eg.  One employee is executing the report, he only needed to select his transaction
    If somebody from one sales organisation, they only needed to take the data belongs to the sales office.
    SELECT-OPTIONS: p_vkorg  FOR tvkot-vkorg.
    SELECT-OPTIONS: p_pernr FOR pa0001-pernr
    for example two selection parameter is displaying. if my employee no is 100, while trying to enter execute the report for 200 employee no. no data should show. like that vkorg filed also should work.
    Please let me know how it possible.
    Regards
    Sebastian John

    Hi,
    You can change the code below
    *---Authorization for Company code entered by the users.
    *---This code will restrict users to see data for company
    *---codes which they are not authorized to.
    *---Select all the company codes based upon selection entered by the
    *---user
    SELECT bukrs
       FROM t001
       INTO TABLE li_bukrs
      WHERE bukrs IN z_bukrs.
    IF sy-subrc EQ 0.
    *---Clear Screen variable for Company code
       CLEAR z_bukrs.
       REFRESH z_bukrs.
    *---Filter and prepare Select options for Company code table to be
    *---passed to query. Table will only have values of company codes he is
    *---authorized to for display.
       LOOP AT li_bukrs INTO lwa_bukrs.
         AUTHORITY-CHECK OBJECT 'F_BKPF_BUK'
                           ID 'BUKRS' FIELD lwa_bukrs
                           ID 'ACTVT' FIELD '03'.
         IF sy-subrc = 0.
           z_bukrs-sign = 'I'.
           z_bukrs-option = 'EQ'.
           z_bukrs-low = lwa_bukrs.
           z_bukrs-high = space.
           APPEND z_bukrs.
         ELSE.
           lv_flag = 'X'.
         ENDIF.
       ENDLOOP.
    *---Give warning message to the user in case he is not authorized to see
    *---data for all the company codes that he has entered.
       IF lv_flag = 'X'.
         MESSAGE ID 'ZFNG' TYPE 'W' NUMBER '015'.
       ENDIF.
    ENDIF.
    This code does an authorization check at company code level and removes all the company codes that user has entered but is not authorized to look for. After that we pass the filtered list of company codes for which user is authorized to in the select query and fetch the results. You can first select all the records from database for PERNR and VKORG. Then filter them and prepare new list of VKORG and PERNR after performing authorization check and pass it further to select queries in your program.
    KR Jaideep,

  • How to take a report for the assigned transaction and activity in a role

    Hi Colleagues,
    I want to take a report for the assigned transaction with activity for all roles, which are assigned to the users,
    Transaction list for a role i can able to take it from SUIM but not able to take the ACTVT for the role.
    Please suggest how to take this information.
    BR,
    Jai

    Hi Jaikumar from the post :
    I think you have reached the state of finding the USER to ROLE relationship
    Take the output to an excel,
    COPY just the roles column exactly in order do not rearrange , use AGR_1251 like other experts have mentioned
    insert the roles copied from you buffer and execute, the output will have multiple entries for each role take the output to an EXCEL again , make it unique and match the outputs between both the EXCELS.
    It will be a little tricky to do this, but I think you are proficient in MS EXCEL.
    This is one of the ways to do , there are many other ways to do it.

  • Report S_ALR_87013105 : no authorization for the report/ table 7KU6_001

    Hi Gurus,
    While executing the program S_ALR_87013105 (Detailed Reports 
    For Sales Order : Plan/Actual Comparison ) system showing the selection log.
    "Have no authorization for the report/table  7KU6_001 and 7KU6_002".
    But for the user the authorization check through SU53 was successful.
    Pl can any one suggest on this issue.
    Thanks in advance,
    Vijay

    Hi,
    Contact your basis consultant to provide the missing authorisation. This is one of the authorisation object.
    Regards,
    Sankar

  • How to create F4 for the standard transaction

    Hi all ,
    How to create F4 for the standard transaction for a particular field .
    Bye

    Santosh,
        You can create F4 values for a field in a standard Transaction .
    1. First search for a standard search help meeting your requirement .
    2. If you don't find one, create your own custom (z) serach help .
    ( 1 is preferable )
    After that, include that serch help to the standard field in the transaction .
    For this u need to go to the screen
    ( F1->F9-> screen-> Field )
    Click on the property of the field and include the search help .
    You ll require the access key from the basisi guys as u r changing standard .
    Hope it helps,
    ~ laxmi
    Reward for helpful answers

  • In Bdc I have huge volume of data to upload for the given transaction

    Hi gurus,
    In Bdc I have huge volume of data to upload for the given transaction, here am using session method, it takes lots of exection time to complete the whole transaction, Is there any other method to process the huge volume with minimum time,
    reward awaiting
    with regards
    Thambe

    Selection of BDC Method depends on the type of the requirement you have. But you can decide which one will suite requirement basing the difference between the two methods. The following are the differences between Session & Call Transaction.
    Session method.
    1) synchronous processing.
    2) can tranfer large amount of data.
    3) processing is slower.
    4) error log is created
    5) data is not updated until session is processed.
    Call transaction.
    1) asynchronous processing
    2) can transfer small amount of data
    3) processing is faster.
    4) errors need to be handled explicitly
    5) data is updated automatically
    Batch Data Communication (BDC) is the oldest batch interfacing technique that SAP provided since the early versions of R/3. BDC is not a typical integration tool, in the sense that, it can be only be used for uploading data into R/3 and so it is
    not bi-directional.
    BDC works on the principle of simulating user input for transactional screen, via an ABAP program.
    Typically the input comes in the form of a flat file. The ABAP program reads this file and formats the input data screen by screen into an internal table (BDCDATA). The transaction is then started using this internal table as the input and executed in the background.
    In ‘Call Transaction’, the transactions are triggered at the time of processing itself and so the ABAP program must do the error handling. It can also be used for real-time interfaces and custom error handling & logging features. Whereas in
    Batch Input Sessions, the ABAP program creates a session with all the transactional data, and this session can be viewed, scheduled and processed (using Transaction SM35) at a later time. The latter technique has a built-in error processing mechanism too.
    Batch Input (BI) programs still use the classical BDC approach but doesn’t require an ABAP program to be written to format the BDCDATA. The user has to format the data using predefined structures and store it in a flat file. The BI program then reads this and invokes the transaction mentioned in the header record of the file.
    Direct Input (DI) programs work exactly similar to BI programs. But the only difference is, instead of processing screens they validate fields and directly load the data into tables using standard function modules. For this reason, DI programs are much faster (RMDATIND - Material Master DI program works at least 5 times faster) than the BDC counterpart and so ideally suited for loading large volume data. DI programs are not available for all application areas.
    synchronous & Asynchronous updating:
    http://www.icesoft.com/developer_guides/icefaces/htmlguide/devguide/keyConcepts4.html
    synchronous & Asynchronous processings
    Asynchronous refers to processes that do not depend on each other's outcome, and can therefore occur on different threads simultaneously. The opposite is synchronous. Synchronous processes wait for one to complete before the next begins. For those Group Policy settings for which both types of processes are available as options, you choose between the faster asynchronous or the safer, more predictable synchronous processing.
    By default, the processing of Group Policy is synchronous. Computer policy is completed before the CTRLALTDEL dialog box is presented, and user policy is completed before the shell is active and available for the user to interact with it.
    Note
    You can change this default behavior by using a policy setting for each so that processing is asynchronous. This is not recommended unless there are compelling performance reasons. To provide the most reliable operation, leave the processing as synchronous.

Maybe you are looking for