Authorization for transaction SE11 & SE12

Similar Messages

• Cancel a SD invoice error message "no authorization for transaction FB08"

  Hi Gurus,
  I am trying to cancel a SD invoice and am receiving the error message " no authorization for transaction FB08" is coming. Never has this happened in past, i have checked all the security authorizations also and they are in place. Accounting document status is showing as not cleared. Also, as per my understanding cancellation of invoice happens through VF11 which does not calls FB08. Please point out reasons as to why this could be happening and the possible solution thereof.
  regards
  Anmol Pareek

  Hi Anmol
  Once you got the error screen, immediately after that goto T code SU53 and expand all link. Take the screen shot and send it to your BASIS team to provide you proper access.
  Yes you are correct cancellation is done through VF11 but sometime some programs internally calls other T codes.
  take help of your basis team.

• Authorization for transaction VL09

  Hi Experts,
  I have a requirement to get authorization for transaction VL09 for specific user based on document type of the delivery. Please let me know is there any specific enhancement point or user exit to add authorization group for this.
  Thanks,
  Karthikeyan.

  Hi,
      Please check the below ...
  Enhancement
  V50S0001                                User Exits for Delivery Processing
  Business Add-in
  DELIVERY_ADDR_SAP                       Address Change in Delivery Processing
  DELIVERY_PUBLISH                        Announcement of delivery data during database update
  Regards,
  Srini.

• Maintenance of Authorization for transactions in CRM 5.0.

  Hi Experts .
  We are using CRM 5.0 with PCUI.
  TheBusiness  requirement is to maintain authorization for own transactions.the users who is involved in transactions should only be authorized to  Open & see the transactions.Other users who are not involved in partner function like "Assigned to" & "Account responsible " should not be able to open &  see the transactions like Activity .Lead , Opportunity ,Sales orders.& Service orders.System should give error message saying no authorizations.
  We tried with below authorization objects to achieve this
  CRM_ORD_OP (your own documents)
  - CRM_ORD_LP (organization levels)
  - CRM_ORD_PR (transaction type)
  - CRM_ORD_OE (sales area/service Org).
  - CRM_ORD_RL
  - CRM_ORD_RS
  But still system allows to open transaction belong to others.
  Is there any alternative to control this.
  Helpful answers would be rewarded max points.
  Thanks in Advance.
  Regards,
  Basavaraj Patil

  Hello
  in order to check authority object CRM_ORD_OE,
  CRM_ORD_OP and CRM_ORD_LP must not give authority. Please see
  online documentation for detailed information:
  http://help.sap.com/saphelp_crm40/helpdata/en/e9/
  b29a39e7aee372e10000000a11402f/frameset.htm
  Under the chapter 'Process Flow of Authorization Check in Business
  Transactions' you will find detailed explanations.
  I hope that I could be of help with that information. 
  Gerhard

• Authorizations for transactions MIR6/MIR4

  Hi All,
  Need help to setup a security rights for transactions MIR6/MIR4.
  Here is the situation:
  We have setup an user profiles which allow the users to access
  transaction mir6 (provide a list of Invoide Documents(BELNR)which will
  lead into transaction MIR4, but we only want this group of users have
  the ability to Held the document NO POSTING RIGHTS. I have set user with role:
  MM_RELEASE_INVOICE users can access
  Please advice on how to go around with this security problem.
  Thanks in advance.
  Srii...

  Hi,
  one possible solution (though not tested personally) is via
  badi INVOICE_UPDATE and method CHANGE_AT_SAVE.
  Within this method you can do something like:
      CHECK sy-tcode = 'MIR4' OR sy-tcode = 'MIR6'.
  * Get OK-CODE of the main window
      CONSTANTS: c_okcode(17) TYPE c VALUE '(SAPLMR1M)OK-CODE'.
      FIELD-SYMBOLS: <fs_okcode> TYPE ANY.
      ASSIGN (c_okcode) TO <fs_okcode>.
      DATA: l_okcode LIKE sy-ucomm.
      CLEAR l_okcode.
      l_okcode = <fs_okcode>.
  * Read user authorizations with FM
  * SUSR_USER_AUTH_FOR_OBJ_GET
  IF USER NOT ALLOWED.
  * Do not allow posting
        CASE sy-ucomm.
          WHEN 'BU'.
            CLEAR <fs_okcode>.
            MESSAGE e061(zxxx) RAISING error_with_message.
        ENDCASE.
  ENDIF.
  Best regards.
  Edited by: Pablo Casamayor on Oct 31, 2008 7:51 PM

• Authorization for transaction created in se80

  Hi all , i have created few transaction in se80 , now i want my transaction to run only if the person authorised for that is using that , means authorization for these  transactions so can i do this in this way, pls reply if anyone know the procedure

  Hi Ado,
  You also have disable other Auth. Objects (CRM_ORD_LP CRM_ORD_OP,CRM_ORD_TE), because they work together.
  Please, see screenshot under Business Transaction  ->Authorization Check in Business Transactions  -> Process Flow of the Authorization Check in Business Transactions:
  http://help.sap.com/saphelp_crm70/helpdata/EN/f6/57fa3ab5573919e10000000a114084/frameset.htm
  Regards,
  Vadim.

• Authorizations for transactions MIR6/MIR4/MIR7

  Dear Reader
  Need help to setup a security rights for transactions mir6/mir4/mir7.  
  Here is the situation:                                                 
  We have setup an AP user profiles which allow the users to access      
  transaction mir6 (provide a list of outstanding PARK document)which will
  lead into transaction MIR4, but we only want this group of users have  
  the ability to park/view the document NO POSTING RIGHTS. I have set the
  security on object M_RECH_WRK to 3 (display only) than it will cause the
  the other problem which is the user can not access transaction MIR7, BUT
  if I grant access 77 (pre-enter) to object M_RECH_WRK than the users can
  access transaction MIR7 AND HE HAS RIGHTS TO POST IN TRANSACTION MIR4. 
  Please advice on how to go around with this security problem.
  Thanks in advance.
  Regards
  Tony

  Have you got answer to this question, can you try to restrict the user based on authority object "F_BKPF_KOA", Its being checked while trying to post.

• Authorization for transaction types in webui

  Hi,
  we would like to set authorizations to create and edit only certain transaction types for some users.
  I tried with object CRM_ORD_PR
  activity 01,02
  transaction type Z1,Z2
  but on the webui all the transaction types are still available...
  what's wrong?
  Thanks, Ado

  Hi Ado,
  You also have disable other Auth. Objects (CRM_ORD_LP CRM_ORD_OP,CRM_ORD_TE), because they work together.
  Please, see screenshot under Business Transaction  ->Authorization Check in Business Transactions  -> Process Flow of the Authorization Check in Business Transactions:
  http://help.sap.com/saphelp_crm70/helpdata/EN/f6/57fa3ab5573919e10000000a114084/frameset.htm
  Regards,
  Vadim.

• Authorization for Transaction in BDC

  Dear All,
  We are facing a problem in our implementation. We have developed a Custom Program an in that we are using a BDC of Transaction FB60. However, the requirement is that if the user wants to run T.Code FB60 from SAP GUI straightaway; he/she should be stopped doing it. But if he/she uses that Custom Program (Z-Program), it should not stop them.
  Does anybody have the idea as to how the Authorization strategy can be devised for this kind of issue?
  Thanks,
  Shalin Shah

  Hi Shalin,
  Don't assign user the transaction code FB60  (S_TCODE should not have FB60). This will prevent the user to run the FB60 directly, however, you will have to add the required authorization objects manually so that the BDC program runs. (a quick authorization trace (ST01) would give you the auth objects checked)
  SU24 for FB60 : these should be added manually to user's roles.
  F_BKPF_BEK
  F_BKPF_BES
  F_BKPF_BLA
  F_BKPF_BUK
  F_BKPF_GSB
  F_BKPF_KOA
  F_FAGL_SEG
  Cheers !!
  Zaheer

• Missing authorization for transaction VC/2 (Sales summary)

  Hi Expert,
  I am running transaction VC/2, but I get the message VB500 "the list is incomplete due to missing authorizations".
  Via transaction SU53, I see that it is object M_INFO_MCB with auth. field MCINF which is missing.
  Do you know what this object field is about?
  Thank you.
  Kind regards,
  Linda

  Hi,
  First goto SUIM T.Code.
  click on "Authorisation Objects".
  Select "Authorization Objects by Complex Selection Criteria".
  Enter "M_INFO_MCB" as "Authorization object".
  Execute.
  It shows that this is related to "Evaluation: Evaluation Structure".
  The path is:
  SPRO>Logistics General>Logistics Information system(LIS)>Flexible Analyses>Select layout reports for evaluation structures.
  Maintain values here.
  Save.
  Regards,
  Krishna.

• Authorization For transaction

  Hi All
  I have an issue with authorization.
  Actually basis people blocking Standard trnsaction 'MB1A' and i am using in my report through call Transaction in BDC and when i am excuting report Authorization Error coming.
  Means i am not able to acess Transaction throuogh Report because its blocked by basis.
  So, Is it basis issue or ABAP issue?
  If basis issue please Provide me solution How basis Person can block Transaction Access directly but it should access through report.

  Check out the below notes:
  [SAP Note# 358122|https://service.sap.com/~form/handler?_APP=01100107900000000342&_EVENT=REDIR&_NNUM=0000358122&nlang=E]
  [SAP Note# 515130|https://websmp108.sap-ag.de/~form/handler?_APP=01100107900000000342&_EVENT=REDIR&_NNUM=515130&_NLANG=E]

• Authorization for customized transaction

  Hi,
       In our system, developers create one transaction ZSIDUPDATE.
  Whenever I (Basis Admin) hit this transaction, error "No Authorization for Transaction" is occurred. I don't understand why the error is for authorization for this customized transaction because I have SAP_ALL & SAP_NEW profile.
     Can anybody give the solution?
  Regards,
  Rajesh

  Hello Rajesh,
  Check the report behind ZSIDUPDATE. I suppose there must be some kind of code which will allow only certain user to execute it based on their user ids. Either the user ids will be hardcoded or else they are being picked up from some table. This is not a classical authorization error. You may set a trace also but debugging is best. it will crack it open in seconds.
  Regards.
  Ruchit.

• No authorization for company code in MRBR

  Transaction MRBR is currently wide open. Anyone with authorization to this transaction can unblock invoices in any company code.
  Standard security profiles can only restrict users at universal (*) or purchasing group level. We require control on company code.
  OSS 399953 suggests creating validation rule (GGB0) to test user authorizations for transaction MRBR and authorization object F_BKPF_BUK.
  Can anyone supply the validation coding to solve this security problem?
  Is anyone familiar with this problem ? Do you have a solution ? also None standard SAP solutions are welcome
  Thanks in advance
  Greetings,
  Vincent

  Hi Vincent
  Another option could be to implement an authorization check in the BAdI MRM_RELEASE_CHECK - this is, of course not Standard.
  The code could look somthing like this:
  DATA: wa_rbkp_blocked TYPE mrm_tab_rbkp_blocked.
    LOOP AT i_rbkp_blocked INTO wa_rbkp_blocked.
      AUTHORITY-CHECK OBJECT 'F_BKPF_BUK'
               ID 'BUKRS' FIELD wa_rbkp_blocked-bukrs
               ID 'ACTVT' FIELD '02'.
      IF sy-subrc EQ 0.
        APPEND wa_rbkp_blocked TO e_rbkp_blocked.
        CLEAR wa_rbkp_blocked.
      ENDIF.
    ENDLOOP.
  Regards
  Morten Nielsen

• Authorization for KO01

  Hi
  I want to restrict authorization for transaction KO01 (Create Internal Order) by company code. IS it possible??
  WHen I add this transaction in a role, SAP proposes controlling area for org. Structure restriction.
  In our setup, we have single controlling area with many companies assigned to it. We want to create derived role for each CC by restricting it for I/O creation.
  Is it possible??

  Hi Dev,
            I have just gone throught this document . I hope it may answer your query.
  Link: [KO01|http://help.sap.com/bp_blv1600/BL_US/Documentation/Scenarios/V1H_IMPL_EN_US.doc]
  As we know we have tools to restrict the field use for particular log on by maintaining activties.For this purpose we use SU21 and SU20.I hope you will get some idea from the document i have send to you.
  We can also check the activity code for the KO01 using database table TSTCA.
  Please see point number 10 in the document.
  Have a best day ahead.

• List of users who have authorization for a particular transaction?

  Hi All,
  Can anyone guide me how to know the list of users who have authorization for a particular transaction?
  I need this to find out the list of authorizations that are obsolete ,when the particular trnsaction is obsolete in an Upgrade process.
  Thanks in advance.

  we can get the list of users for a particular transaction as below.
  get the tcode and place in AGR_TCODES and we get the list of roles .
  loop the roles and pass each role to AGR_USERS and we get list of users for that role.
  finally we got the list of users for that tcode.