Authorization Problem for Ztcodes

Similar Messages

• Archive Link Authorization problem for Business Partner.

  Hi Experts,
  Currently we are attaching documents to respective objects through Tr. OAWD & these documents are available in service for object as attachment, until this it is working fine.
  But we are facing problem of authorization for archive link of ISU- Business Partner. Letu2019s say we had two users USER-A & USER-B responsible to upload documents of Business partners started with 1 & 2 respectively.
  We needed authorization control for USER A&B so that,
  USER-A should upload documents for Business Partner 1001 to 1999
  & USER-B should upload documents for Business Partner 2001 to 2999
  we need to know can we restrict USER A&B so that they can not upload documents for Business Partner for which they are not responsible. we allready checked the roles "SAP_BC_SRV_ARL_*  " but not found useful to restrict USER A&B.
  Thanks in advance....

  Hi Sam,
  as this sounds like you search for suitable authorization objects I think that the authorization trace in transaction ST01 could be useful for you. For further information please see the following link: http://wiki.sdn.sap.com/wiki/display/PLM/AuthorizationTraceintransactionST01
  Best regards,
  Christoph

• Authorization-problem for standard users when running WDR_TEST_ZCI

  hi
  we've developed a WDA application incorporating several interactive forms. it all runs fine in QA--environment when a user with developer-role are running the application, but when standard users are running it, it fails.
  the same happens with the demo-app WDR_TEST_ZCI.
  i so belive this to be caused by missing authorizations for the users. can anyone shed any light on which these might be?
  the error as reported in the browser:
  The following error text was processed in the system Q97 : Access via 'NULL' object reference not possible.
  The error occurred on the application server xx-x168_Q97_05 and in the work process 0 .
  The termination type was: RABAX_STATE
  The ABAP call stack was:
  Method: PARSE_XML_SCHEMA of program CL_WD_ADOBE_SERVICES==========CP
  Method: GET_SCHEMA_VERSION of program CL_WD_ADOBE_SERVICES==========CP
  Method: CONSTRUCTOR of program CL_WD_ADOBE_SERVICES==========CP
  Method: IF_WDR_VIEW_ELEMENT_ADAPTER~SET_CONTENT of program /1WDA/LADOBE==================CP
  Method: IF_WDR_VIEW_ELEMENT_ADAPTER~SET_CONTENT of program /1WDA/LADOBE==================CP
  Method: IF_WDR_VIEW_ELEMENT_ADAPTER~SET_CONTENT of program /1WDA/L8STANDARD==============CP
  Method: IF_WDR_VIEW_ELEMENT_ADAPTER~SET_CONTENT of program /1WDA/L8STANDARD==============CP
  Method: IF_WDR_VIEW_ELEMENT_ADAPTER~SET_CONTENT of program /1WDA/L8STANDARD==============CP
  Method: IF_WDR_VIEW_ELEMENT_ADAPTER~SET_CONTENT of program /1WDA/L7STANDARD==============CP
  Method: IF_WDR_VIEW_ELEMENT_ADAPTER~SET_CONTENT of program /1WDA/L8STANDARD==============CP
  any input appreciated.
  cheers
  tom

  Hi Tom,
  When you are familiar with authorizations in PFCG trabsaction you are finaliar with S_DEVELOP if not ask the authorization team on your project.
  Basically this authorization object handles the read/write etc authorization related to devlopment objects. If you implement Adobe forms you will probably develop your own forms or at least copy the SAP forms to customer namespace.
  For Adobe you will therefore have 2 custom development objects (1 for the form and 1 for the interface that is automatically generated). The end-user shoulf have at least READ access to these objects. If not the portal will trow an error on this.
  To determine the tech names of the objects find the form and related interface in transaction SFP. These should be inserted in the object S_DEVELOP in the role for the end users.
  You may want to consider to put the value Z* in the object which will give authorization for all the custom developed objects.
  If you can't find the object reply again and i will send a screenshot.
  Finally, make use of the splended transaction ST01!! It will make your life a lot more easy in portal! It traces all the authorizations needed and missing for any user you specify. After activating the trace and running a portal scenario the log will tell you want went OK and what not on an authorization object level.
  Good luck,
  Thomas
  ps. Thanks for the appreciation you gave in my other thread. Now we have the answers in both threads as well. Take Care.

• Authorizations problem for Product Hierarchy

  Hi,
  We have a requirement in which we need to restrict authorization for the product hierarchy based on secret products. The material object has an attribute called secret indicator which has Y/N values. We need to restrict the users based on this attribute. The restriction should be such that the users should not even be able to see the nodes for secret materials in the product hierarchy if they are not entitled to it.
  Any pointers ?
  Thanks
  Shailesh

  Can you create two different hierarchies, one with secret nodes and one without? Then you could create an authorization object on the Secret attribute and check the authorization in a user exit.
  You would then use a user-exit variable that is filled automatically (no user input) and fill it depending on the authority check with hierarchy 1 or 2.
  You could also write an ABAP that filters the secret products out of the first query. It is a bit complicated.
  Best regards
    Dirk

• Authorization problem for idoc scenario

  HI,
  Can some one tell me what are the authorizations required to post a custom idoc to R/3 from XI ? I have done a scenario like file->IDOC(custom).When i execute the scenario it is successful in MONI. When i execute the transaction IDX5 in XI, i am seeing the status as No authorization to send IDocs with message type ZMASEMPDETAILSMT....Any help on this will be appreciated.
  Regards,
  Sudheer.

  Hi,
  Please check SAP/ERP
  WE20 navigate to logical system and check the INPUTPARAMETER (ZMASEMPDETAILSMT must be a value there)
  ON XI check WE21 (define a port to your ERP)
  On XI create CC IDOC receiver and point to this port
  Helpful Link:
  https://websmp202.sap-ag.de/~form/sapnet?_FRAME=CONTAINER&_OBJECT=011000358700003604082004E
  Daniel

• I can't synchronize my iPod's with my iTunes software (Windows Vista Home Premium) due to problems with the access authorization / rights for this operation

  Hi there,
  I'd like to ask you something:
  I'm trying to synchronize all my iPod's (I have as many as 4 iPods: 2 iPod touch a 8 GB each and 2 iPod classic a 160 GB each) with my iTunes software (Version 11.3.1 which is installed on a Windows PC (Windows Vista Home Premium)). Unfortunately, the iTunes software refuses to run the command "synchronize with the iPod connected" regarding each and every iPod I have. iTunes just declares:
  Synchronizing is impossible because I wouldn't hold the access authorization / rights for this operation.
  I uploaded the songs at issue to my iTunes folder from CD's (all songs are in AAC format now).
  What is this access authorization, why was something like that invented and what can I do to get it?
  How do I have to proceed in detail?
  What would it cost?
  I am brand new here and have never ever made a post in any support community anywhere in the world in my life. Well, and I am not excessively knowledgeable about the particular computer or mac language but I know the very basics or can find out about them.
  Anyways - can you help me please?
  If you can't help me, who can do so?
  It would be nice if you could answer me as soon as possible!
  Thank you guys
  Prying Pedro

  Yes, others have experienced the problem, a simple search of the forums would have revealed that and the simple solution.
  Termporarily disable any security software on the computer.

• Authorization Problem (I am Using Authorization For Custom Forms)

  Hi All,
  I am Using Authorizations To My Forms (I created One Addon For This Addon I am Using Authorization).I created Authorization For My Addon But While Working It Showing Some Errors
  . In My Addon Four Forms are there For  this four forms I am Using Authorization based on usres some screens only super  user can access. normal user he is not a super user he  cliekd on that authorization form it shows one message  Your not a authorized user to permitted this operation in this message box we have two butons one is ok button and one is Authorized by another user . When i clicked on Ok Button  I am getting error Internal error (-10) occured [131-183]. Please give me Your Valable Suggestion.
  I am waiting for  your Reply.
  Thanks & Regards
  Naresh

  I am using Sap Authorizations For My Custom Form  See The Code Also U Can Get Clear Idea
  Private Sub CustomAuthorization()
          Dim li_RetVal As Integer
          Dim pUserPer As SAPbobsCOM.UserPermissionTree
          Try
              pUserPer = Me.SBO_Company.GetBusinessObject(SAPbobsCOM.BoObjectTypes.oUserPermissionTree)
              'Purchase Indent
              If pUserPer.GetByKey("NHCL_PM") = False Then
                  pUserPer.PermissionID = "NHCL_PM"
                  pUserPer.Name = "Purchase Module"
                  pUserPer.Options = SAPbobsCOM.BoUPTOptions.bou_FullNone
                  li_RetVal = pUserPer.Add()
              End If
              'Purchase Indent ->New Purchase Indent
              If pUserPer.GetByKey("NHCL_PM_NPI") = False Then
                  pUserPer.PermissionID = "NHCL_PM_NPI"
                  pUserPer.Name = "New Purchase Indent"
                  pUserPer.Options = SAPbobsCOM.BoUPTOptions.bou_FullNone
                  pUserPer.ParentID = "NHCL_PM"
                  pUserPer.UserPermissionForms.FormType = "2000010002"
                  li_RetVal = pUserPer.Add()
              End If
              'Purchase Indent->View For Approval
              If pUserPer.GetByKey("NHCL_PM_VIE") = False Then
                  pUserPer.PermissionID = "NHCL_PM_VIE"
                  pUserPer.Name = "View For Approval"
                  pUserPer.Options = SAPbobsCOM.BoUPTOptions.bou_FullNone
                  pUserPer.ParentID = "NHCL_PM"
                  pUserPer.UserPermissionForms.FormType = "2000010003"
                  li_RetVal = pUserPer.Add()
              End If
              'Purchase Indent ->Selection For RFQ
              If pUserPer.GetByKey("NHCL_PM_SEC") = False Then
                  pUserPer.PermissionID = "NHCL_PM_SEC"
                  pUserPer.Name = "Selection For RFQ"
                  pUserPer.Options = SAPbobsCOM.BoUPTOptions.bou_FullNone
                  pUserPer.ParentID = "NHCL_PM"
                  pUserPer.UserPermissionForms.FormType = "2000010006"
                  li_RetVal = pUserPer.Add()
              End If
              'Purchase Indent ->Purchase Quotation
              If pUserPer.GetByKey("NHCL_PM_PUR") = False Then
                  pUserPer.PermissionID = "NHCL_PM_PUR"
                  pUserPer.Name = "Purchase Quotation"
                  pUserPer.Options = SAPbobsCOM.BoUPTOptions.bou_FullNone
                  pUserPer.ParentID = "NHCL_PM"
                  pUserPer.UserPermissionForms.FormType = "2000010007"
                  li_RetVal = pUserPer.Add()
              End If
              'Purchase Indent ->Final Quotation
              If pUserPer.GetByKey("NHCL_PM_FIN") = False Then
                  pUserPer.PermissionID = "NHCL_PM_FIN"
                  pUserPer.Name = "Final Quotation"
                  pUserPer.Options = SAPbobsCOM.BoUPTOptions.bou_FullNone
                  pUserPer.ParentID = "NHCL_PM"
                  pUserPer.UserPermissionForms.FormType = "2000010008"
                  li_RetVal = pUserPer.Add()
              End If
          Catch ex As Exception
              Dim ErrCode As Long
              Dim ErrMsg As String
              Me.SBO_Company.GetLastError(ErrCode, ErrMsg)
              Me.SBO_Application.StatusBar.SetText("Authorization Problem" & ErrCode & li_RetVal, SAPbouiCOM.BoMessageTime.bmt_Short)
          End Try
      End Sub

• Custom authorization provider for WL7 problem (not getting all parameters from ContextHandler)

  I'm implementing a custom authorization provider for WebLogic 7.
  In my Access Decision isAccessAllowed method I need to check values of
  the parameters passed to an EJB method. Now, if an EJB method I have
  two parameters of the same type, for example int, when I get
  ContextElement array from ContextHandler and iterate through it to get
  names and values of the parameters I get the same value (value of the
  first int parameter) from both ContextElement's.
  Here is the code:
  String [] names = ch.getNames();
  for (int i = 0; i < names.length; i++)
  String name = names;
  System.out.println("name = " + name);//here it gets array of
  Strings, which contains two parameter names: "int","int",
  which are the types of EJB method parameters
  ContextElement[] ces= ch.getValues(names);
  for (int j = 0; j < ces.length; j++)
       ContextElement ce = ces[j];
       System.out.println(ce.getName()+ " = " + ce.getValue());
  //here if the value of the first int was 2 and the second 0,
  it would get 2 from both ContextElements (each of ContextElements will
  have name "int"
  If I try this with method parameters of different types, for example
  int with value 2 and long with value 0, then this code work fine -
  first ContextEleement has name int and value 2 and the second has name
  long and value 0.
  Thanks,
  -Oleg Kozlov.

  I'm implementing a custom authorization provider for WebLogic 7.
  In my Access Decision isAccessAllowed method I need to check values of
  the parameters passed to an EJB method. Now, if an EJB method I have
  two parameters of the same type, for example int, when I get
  ContextElement array from ContextHandler and iterate through it to get
  names and values of the parameters I get the same value (value of the
  first int parameter) from both ContextElement's.
  Here is the code:
  String [] names = ch.getNames();
  for (int i = 0; i < names.length; i++)
  String name = names;
  System.out.println("name = " + name);//here it gets array of
  Strings, which contains two parameter names: "int","int",
  which are the types of EJB method parameters
  ContextElement[] ces= ch.getValues(names);
  for (int j = 0; j < ces.length; j++)
       ContextElement ce = ces[j];
       System.out.println(ce.getName()+ " = " + ce.getValue());
  //here if the value of the first int was 2 and the second 0,
  it would get 2 from both ContextElements (each of ContextElements will
  have name "int"
  If I try this with method parameters of different types, for example
  int with value 2 and long with value 0, then this code work fine -
  first ContextEleement has name int and value 2 and the second has name
  long and value 0.
  Thanks,
  -Oleg Kozlov.

• How to get all authorization objects for a certain authorization profile

  Hi ABAP experts,
  I have the following problem: for a certain authorization profile of a role (created with transaction PFCG) I would like to get all contained authorization objects: e.g. for the contained object PLOG I would like to know/read all corresponding parameter values.
  So:
  - where are these values stored (dictionary table)?
  - is there already a FM or a report to read all authoriation values for a certain authorization profile?
  Thanks in advance.
  Best regards,
  Oliver

  Hi,
  check the following it might useful for you:
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/a92195a9-0b01-0010-909c-f330ea4a585c
  if helpful reward points are appreciated

• Authorization Group for G/L Account

  Hi,
  What?
  - I wish to restrict the 'posting' of a G/L account to be done by certain users only
  How?
  - What I have done was...
  a) From FS00, I have added a free-text (BANK) into the Authorization Group for a G/L account
  b) From PFCG, a new role was created to allow these 2 Authorization Objects, F_BKPF_BES and F_SKA1_BES
  c) 'BANK' was entered for the Authorization Group for both these 2 Authorization Objects
  d) From there, I have assigned this new role to the user that I wish to allow Posting of the G/L account
  Problem?
  - Other users still can do Posting for this G/L account
  - Any steps which I have missed out here or done wrongly?
  Thanks,
  Brandon

  Hi,
  Some other roles of the users may override and cause the users to post against this GL account.
  Check all the roles relevant for the restricted users. 
  Use SUIM t-code to find if the auth object mentioned above is included in any other role.
  If it be, restrict that again.
  Generally if one role as no restriction against this auth and not all, this issue tends to happen.
  Regards,
  Sridevi

• Analysis Authorization Problem

  Hy, i have create a Analysis Authorization object ZCOMPCODE with 0COMPCODE as characteristic.
  So i assign this object to a users and i create a variable to filter 0COMPCODE with processing type "authorization".
  The problem is that when execute the BEx query i receive the message : No authorization.
  When assign 0BI_ALL to user the ZCOMPCODE has not effect but the query run correctly.
  How can i resolve this serious problem?
  Regards,
  Andrea Maraviglia

  Dear Andrea,
  When you have a problem with authorization data access, may be you need check the following stuff:
  1 All InfoObjects are relevant authorization (see Business Explorer the check box authorization relevant for each InfoObject Tcode RSD1) which these are part of InfoProvider where query request data. It is very important, because you have to include all of this InfoObject (Characteristic) in your analysis authorization.
  2. Remember add the standard characteristic. 0TCAACTVT (3 value), 0TCAIPROV (InfoProvider Tech Name), 0TCAVALID (* value).
  3. In each characteristic relevant authorization, I suggest that add the colon “:” value to avoid problem with variable authorization in the query.
  4. Furthermore, the user need one role for standard object authorization: 
  . S_RS_COMP (Activities 03, 16)
  . S_RS_COMP1 (Query owner)
  . S_RFC (BEx Analyzer or BEx Browser only)
  . S_TCODE (RRMX for BEx Analyzer)
  I hope that can help you!
  Luis

• Authorization object for running a report in background

  Good day experts,
  I tried running a report in background, I choose immediately so that it doesn't have to be scheduled. But when I checked it in my own jobs, It remains at scheduled status. When I tried it on my admin account, It works and with status finished. It seems to be an authorization problem. What object could I be missing with my user account? I tried S_TCODE SMX and SP02 but still not working.
  Thanks in advance!

  Hi karshbax,
  What you're looking for is authorization object S_BTCH_JOB. You need authorization for field JOBACTION = RELE.
  In future use transaction SU53. It shows last error authorization error, so if this is authorization problem then after try of manual releasing of job you'll find in SU53 precise info what went wrong.
  Best Regards
  Marcin Cholewczuk

• How I fixed my authorization problem

  There have been many posts on the authorization problem that has cropped up since the latest update of iTunes, and there doesn't seem to be universal cure. I fought it myself for a couple of weeks, and recently fixed it on my PowerBook and thought I would share it with others.
  The common theme here seems to be that it affects people who have had more than one account in iTunes. For the record, I have NEVER purchased music from the iTMS using a different account, so I was confused as to why this was happening to me.
  I have two Macs in play here: an older eMac at home and a PowerBook G4. My initial iTunes library started on the eMac, and then I moved it to my PowerBook a little over a year ago when I bought it. I purchased music from the iTMS on both Macs, using the exact same account.
  When I upgraded iTunes on my PowerBook, I reauthorized using my only account, and the music that I had purchased since I transfered my library worked just fine. The music that I had purchased on my eMac simply would not authorize!
  It dawned on me yesterday that I setup a .mac account on my PowerBook several months ago, although I never used it in the iTMS and I never used it on the eMac at home. I also realized that I had NOT run iTunes on the eMac since the most recent upgrade.
  I installed the iTunes upgrade on my eMac, and proceeded to authorize it with my only known iTMS account. No issues, and all purchased music was auhtorized, including songs that would not play on my PowerBook.
  On my PowerBook, I decided to authorize using my .mac username and password, even though I have NEVER used it to purchase music. I didn't even own that account when the music files in question were purchased. As I suspected though, the authorization went through and I can now play all of my purchased music from iTMS.
  When I try to step through this logically, it makes my head hurt. There is definitely a major problem with Apple's DRM authorization relationship somewhere, as there should be no reason at ALL for any of my music to require my .mac account.
  I don't know if this will help anyone, but if you're struggling with it and you have a .mac account, give it a shot and it might work.

  The fact that you saw no glitches while running Logic before applying the update means almost nothing because that uses only a small subset of system resources. Far more significant is that Safe Mode restored some missing functionality: because it disables non-essential items like user fonts, third party drivers, & so on, it points to problems in those areas.
  Equally significant, the fact that there are relatively few reports of post-update problems among the several million Snow Leopard users points away from the update itself as the cause of your problems.
  Separate & apart from that, it so happens that I'm a sound engineer/system designer/board operator with nearly 40 years of professional touring experience. FWIW, I never have & never will update the software of any system I must rely on professionally (whether it is running on a Mac, a PC, or dedicated hardware) unless & until I can thoroughly test it first and I have a trustworthy backup/recursion strategy to fall back on in case of problems.
  I strongly suggest you learn from your unpleasant experience & do the same. I have had far fewer problems with Macs than with PC's, but nothing is 100% reliable to begin with. Changing the OS software part way through the tour is just asking for trouble, no matter how reliable that has been in the past. Even if the budget allows for nothing better than a stack of burned CD's & a couple of consumer grade CD players, no professional tour can afford to be without some fallback strategy in place. That should be self-evident & require no warning from Apple or anybody else.

• TS1811 Hi!! I am a user of i Pod 5g 32GB....I got the same problem for which the solution is given above....but the thing is that.......in my laptop I have a windows operating system....that is windows 7....so can you explain how to do settings in Windows

  Hi!! I am a user of i Pod 5g 32GB....I got the same problem for which the solution is given above  "
  iTunes for Mac reports error -50 when trying to authorize iTunes Store purchases
  "....but the thing is that.......in my laptop I have a windows operating system....that is windows 7....so can you explain how to do settings in Windows 4 same

  Archived - iTunes for Mac reports error -50 when trying to authorize iTunes Store purchases
  Products Affected
  iTunes 7 for Mac, iTunes 8 for Mac, iTunes 9 for Mac
  This article has been archived and is no longer updated by Apple. 
  Symptoms
  After installing the Mac OS X 10.4.9 Update, iTunes may be unable to properly authorize your computer to play your iTunes Store purchases.
  Resolution
  The following steps will delete your network preferences. Most broadband connections do not require any special settings to connect, but if your connection does or if you are not sure, please contact your ISP or network administrator for further assistance.
  Important: You must be logged in as an Administrator.
  Click the Finder icon in the Dock.
  Choose Go to Folder from the Go menu.
  Type /Library/Preferences/SystemConfiguration
  Click Go.
  In the Finder window, locate the file named NetworkInterfaces.plist.
  Drag this file to the Trash.
  Restart the computer.
  Once your computer has restarted. You will not be able to connect to the Internet. Now you will need to refresh your network settings to be able to connect again.
  Choose System Preferences from the Apple menu.
  Choose Network from the View menu.
  To refresh your network settings, from the Location pop-up menu, choose New Location.
  Type a name for your location and click OK.
  Click the Apply Now at the bottom right to accept the changes.
  If your network connection requires any special settings, you will need to put them back in at this point. Once you have made these changes you should be able to connect to the Internet again and authorize your computer to play your iTunes Store purchases.

• Authorization problem when using the Transaction Launcher

  Hi All,
  We have an authorization problem when we call a transaction (EL37) in ECC from the IC Web Client.
  We believe that we have done all the necessary customizing in CRM and when we press the link in the Navigation Bar we are asked to logon to our ECC system. After logging on, we get an error message saying that "You do not have authorization for transaction EL37". If I then enter the transaction directly in the white command field in top of the ECC screen, then I have no problem calling the transaction.
  My user has SAP_ALL, so it shouldn't be a problem with the authorizations. Maybe it has something to do with the transaction IC_LTXE? I have also tried to add this transaction to my user profile, but that didn't help.
  Does anyone have a suggestion for how to fix this problem?
  Kind Regards,
  Gitte.

  Hi,
  I have found the solution for the problem myself. The transation code in the Transation Launcher Wizard must be written in capitals! We had entered 'el37' and have now changed it to 'EL37'.
  Best Regards,
  Gitte.