ChaRm Authorizations  tracing LL_TGT

Similar Messages

• ChaRM - Authorization for RELEASE_ALL

  Hi experts
  In a Normal Correction scenario when the tester confirms positive test results he does set status to "consolidated" / E0009.
  In the background ppf action RELEASE_ALL gets triggered which releases the transport in developement system.
  Does anybody know what exact auth.object(s) is required to perform this action?
  ST01 and SU53 both do not show anything useful.
  Quick response is highly appreciated.
  Thanks!
  Regards,
  Chris

  OK, I got what I have been looking for.
  It's object B_SMAN_WPL. But I think there is a bug.
  If you open the search help (F4) the system shows a list of task plans. When you select one and press the green hook you will get an error message. Now after adding the name manually (for instance M000001212) you can save that value without a prob.
  But when it comes to releasing the transport requests at a later point within your ChaRM scenario you will get an authorization issue and no transports will be released since you got no permissions to any task plan. Surprise surprise...
  My colleague called it a feature but I think he does not tell the truth....

• CHARM Authorization issue

  Hi ,
  We have implemented CHARM.
  In our scenario we have custom partner function like SME who is part of every Change Request.
  The issue when they try to change the priority of the ticket to 1 or 2. and pop saying that you dont have authorization to set priority as 1 or 2 is displayed.
  Even if a person is not part of change request same error is displayed but they can changed the priority between 3 and 4.
  Please advice where to check this configuration.
  Regards
  Abhishek

  Hello Abhishek,,
  Check authorizaitons for boject b_userstat and B_USERST_T  B_USERST_T - SAP Solution Manager - Security and Authorizations - SCN Wiki B_USERSTAT - SAP Solution Manager - Security and Authorizations - SCN Wiki
  BR,
  K.

• ChaRM - Authorization Object to show documents in CRM_DNO_MONITOR

  Hi folks,
  does anyone know which auth. object or other prerequisite is needed to show documents in transaction CRM_DNO_MONITOR?
  To our needs the SAP ChaRM default roles do not fit. So I am building roles from scratch (basically).
  Auth. trace via ST01 did not show anything relevant when executing tx: CRM_DNO_MONITOR.
  Sol Man 7.0, ST400-0017, BBPCRM500-0012
  Any help is appreciated.
  Thanks in advance.
  Edited by: Christian Kaunzner on Mar 9, 2009 10:28 AM

  Hi,
  I would still recommend to use SAP Standard roles as backbone and build on with your custom roles. Make a copy of standard roles. Creating from scratch would again have the same auth. objects that are available in standard roles.
  >
  Christian Kaunzner wrote:
  > To our needs the SAP ChaRM default roles do not fit. So I am building roles from scratch (basically).
  Can you let us know, how you want your roles to be defined?
  Feel free to revert back.
  -=-Ragu

• CHARM: two Change Managers in an solution manager -  SDMN user statuses

  Hi to all
  I'm trying to handle two change Managers in the one CHARM client , each of them has own project and own system landscape for which he is responsible. I'm trying to restrict them, with well known charm authorizations of Change Manager,  in a way that each of them  should be able to handle just his own project and project assigned  SDMN transaction type.   
  So far I've managed to restrict Change Manager to just one Task list with the  authorisations object B_SMAN_WPL  but this authorizations object is related just to the SDMN Task list but  not to the User statuses of the SDMN transactions type!!
  If you will restrict Change Manager role  just to one task list (for example M*11)  with the above auth.  object (B_SMAN_WPL) it will be able to handle just this task through the SDMN drop down actions  task "Go To Task List" no others task list should be usable. So in this case your Change Manager is restricted to just one Task list. Thanks to "B_SMAN_WPL"!!
  But
  ....if the  same Change Manager should go to edit  the new SDMN transactions (for example with the task list M*22) , Change Manager should not be able to edit/change, the Task list itself (he is restricted by B_SMAN_WPL ), but it should be able to change User Status of corresponding  SDMN! - To Move phases back and forth!?? How Come?
  How can  we  restrict Change manager to be able to handle just SDMN - which belongs to the certain project that is defined inside of authorization object S_PROJ_GEN.?
  waiting for SDN response )

  I've just returned from the Hyperion conference here in South Africa. In one of the papers presented a BI consultant was using dynamically updated MaxL scripts to update dimensions and members within them. She had developed a VB front-end with MS Excel as the back-end. She was using the excel to pass parameters to the MaxL scripts and so controlling what was being updated on the model. The VB front end only allowed certain dimensions to be updated.Regards,Fraser

• BSP authorization

  HI
  I want to display one Link in BSP page for one user/role ,and want to hide the same link for other users/roles.
  Please tell me the way or code for this because i am new to BSPs.
  Sachin

  Hi
  I have a similar problem. Created a user in SAP CRM Backend. Assigned and transferred role and user assignment from EP to SAP, then followed by WP3R. Then when I login to EP with this user, it gives me an 500 SAP Internal Server Error... RABAX_STATE.
  Is this linked to an authorization problem??
  Question : In a transfer of role from EP to SAP with the authorization tracing activated, shouldnt the backend system generate ALL the necessary authorization objects necessary for the user to access the iViews in EP??

• Restrict Business Content Activation

  Does anyone know of a way to restrict business content activation while still allowing developers to maintain objects in BW 7.0?  I ran a trace while someone was activating an InfoObject and didn't see anything that I could use to achieve this level of control.  If I remove the S_RS_ADMWB Maintenance (ACTVT=23) authorization for INFOOBJECT, then that stops the activation; however, we want our developers to be able to maintain existing InfoObjects.  We just don't want most to be able to activate business content.
  Thanks,
  Gail

  Thanks for your response, Raghu. 
  We have our own SAP development team at my company and don't typically use many consultants.  It has always been our philosophy to allow our SAP developers to have comparable access across all our SAP development environments (e.g., ECC development, BW development, etc.) for cross-training purposes.  But in reality, only a handful of our developers are very knowledgeable in our BW environment; we call them our "BW Administrators".  These BW Administrators have concerns that one of the other developers who has played around in the BW environment but isn't all that knowledgeable might activate business content without realizing the implications of what they're doing.  We would like for all of our developers to have RSA1 etc. so they can learn more about BW; however, per request of our BW Administrators, we want to restrict them such that they can't activate business content.  But as you said (and per authorization tracing that I've done), there doesn't appear to be a way to restrict them from activating business content without also restricting them in other areas where we don't want them restricted.  I guess we'll have to rely on administrative controls (i.e., training).
  Gail

• Maintenance cycle linking to change request

  hi all,
  we have copied std change request sdcr to zdcr and have modifed it by adding action and conditions to it. please advice on the following:
  -  when creating a followon document, i am not getting a pop up window asking for selection of maintanance cycle. whereas i am getting the pop up window for standard change reuqest. am i missing something here.
  Points will be awarded for helpful answers.
  regards,
  imran

  Hello Imran,
  As far as the maintenance cycle and my knowledge concern, this maintenance cycle pop up should come when Change Manager (user in ChaRM) authorizes the Change request Document created by Service Desk Employee provided the required authorizations are given to Change Manager. Please let me know the authorizations for Change Manager in your system. If it is a sandbox or development system, you can try assigning the sap_all to change manager and check whether maintenance cycle pop up coming or not.
  Hope it helps.
  Regards,
  Satish.

• No administration authorization in Change and Transport System in CHARM

  Hi guys,
  I am currently working for CHARM implementation for ECC 6.0
  now my problem i created an urgent correction  and i released the transport request successfully, but when i try to execute the Pass correction test action it is saying that No import into test system has taken place yet. then i went to task plan and checked there in quality system it is saying No administration authorization in Change and Transport System.
  So i asked my basis team to assign the S_TMW_IMPORT profile to user TSADM in 000 client of quality system and additinally our basis team has assigned S_CTS_ADMI. authorization object to TSADM user ID in 000 client of quality system. But SAP has suggested to assign S_CTS_IMPALL and S_CTS_IMPSGL authorization profile to S_CTS_ADMI.
  But the problem is S_CTS_IMPALL  and S_CTS_IMPSGL authorization profile is not available in 000 client of quality system.
  Kindly give your valuable inputs as early as possible. the solution provided by anybody will be rewarded with points.
  Thanks&Regards
  Raju

  can you try assigning the below profiles to that ID.
  S_TMW_OPERA     
  Operator in CTS (All Transport Authorizations)
  S_CTS_ALL     
  Transport system: All authorizations
  S_CTS_DEVELO     
  WBO: Profile for developers in P systems (incl. tasks)
  I too have checked and i did not come across the profiles nor objects S_CTS_IMPALL and S_CTS_IMPSGL .
  Where did u get the message that they have to be imported ?
  Hope it helps.
  Award points for the replies that are helpful to you.
  Rgds,
  Sri

• ChaRM Process Flow and user authorizations

  Hello!
  I configured ChaRM functionality within SAP Solution Manager 4.0 (SP 13).
  I have the following question about the appropriate authorizations in CharM:
  <b>- What are the steps and made by whom?</b>
  (from create a service Desk message in satelite system to create, approve and process Change Request e.g. urgent correction in SAP Solution Manager)
  - <b>How is responsible for the creation of a change request e.g. urgent correction?</b>
  (SAP_SOCM_REQUESTER
  SAP_CM_ADMINISTRATOR_COMP
  SAP_CM_DEVELOPER_COMP)
  - <b>Does some documentation exist describing the assignment of authorization roles (e.g.SAP_CM_ADMINISTRATOR_COMP)to the tasks in ChaRM?</b>
  E.g. for Requester, Approve person, Developer, End User,..
  Thank you very much!
  regards
  Thom

  Hi Sid,
  There is a concept called transport of copies (ToCs) which will help you in this situation.
  Transport of copies can move the changes to TEST environment when ChaRM project is "in development".
  Transport of copies can move chang only to next system i.e. TEST and cannot move further to production system.
  Developers can test and revert back the change untill test is successful without any effect on the flow of the change documents. Once development is as per requirement, regular transport request can be released from D -> Q -> P.
  Thanks,
  Ambarish

• Documentation for SolMan / ChaRM Security Rolls / Authorizations

  Good Day;
  I am currently setting up all the roles / authorizations for the different areas within Solution Manager / ChaRM.
  I have been looking for a u201Cdetailedu201D document on all the security authorizations for Solution Manager / ChaRM. So far the only document I am able to find is the Security Guide for SAP Solution Manager 4.0 as of SP 15.
  If there are more detailed documents, would someone point me in the right direction.
  Regards
  Don

  Thanks Roel;
  I am looking at user role authorizations.
  The first thing I want to setup is the Team leader roles.
  I need the team leader to have the ability to do the following
  1.Create Issues
  2.Create change requests
  3.Change the status of a change request to u201CIn Developmentu201D
  4.Create transports and tasks
  5.Release transports
  The Team leader will not have the authorization to u201Capprove u201C change requestsu201D 
  Thanks Again
  Regards
  Don

• Security Authorizations in SolMan / ChaRM

  Good Day All;
  I am trying to get a handle on the security settings within Solution Manager / ChaRM.
  Would some be so kind as to point me in the direction of some documentation on this subject.
  Regards
  Don.

  Thanks Roel;
  I am looking at user role authorizations.
  The first thing I want to setup is the Team leader roles.
  I need the team leader to have the ability to do the following
  1.Create Issues
  2.Create change requests
  3.Change the status of a change request to u201CIn Developmentu201D
  4.Create transports and tasks
  5.Release transports
  The Team leader will not have the authorization to u201Capprove u201C change requestsu201D 
  Thanks Again
  Regards
  Don

• ChaRM Import Authorizations

  Hello!
  To preface, I am recently out of college, and am relatively new to SAP/Security.  I ask that any replies explain not only the what, but the why, so that I may gain a better understanding.  Thanks!
  Our security team is looking to put some restriction on importing corrections into production systems.  Basicially, we've been using a custom version of SAP_CM_ADMINISTRATOR_COMP.  We would like to continue using this base composite, but remove the abliity import the correction into production (and leave this authority to a select group of people).  All of the other authorizations should remain.
  What roles/objects could one look to restrict/remove to achieve this?  Has anybody implemented a similar customization?
  Thanks in advance!

  Hi,
  make it easy, CHARM is completely role based. as per this, I could say import of TR to production done either by IT Operator or Project Manager.
  Hence instead of assigning the COMP role assing the appropriate role to the relevant person like below
  SAP_SOCM_IT_OPERATOR  Import corrections into the production system
  SAP_SOCM_PRODUCTION_MANAGER  Import corrections into the production system
  SAP_CM_SMAN_PRODUCTIONMANAGER  Accept imports into the production system
  check here more http://help.sap.com/saphelp_sm32/helpdata/en/45/cb27429d16db2ce10000000a1550b0/content.htm
  Let me know is that answer your query.
  Thanks.
  Jansi

• Authorization of ChaRM based on Ibase

  Hi All,
  we have two landscape wherein the action profiles, transaction type everything is the same. the only difference is the Ibase and maintenance cycle.
  without Authorizations it iw working fine.
  Now coming to the Authorization part many of the users are same for both the landscapes. The change manager in one project is developer in another project.
  So it was decided to restrict the users based on Ibase. But I was not able to find any authorization object related to Ibase in standard roles.
  Kindly advice wht might be the best solution for the given Requirement.
  Thanks in advance for the help.
  Regards,
  Subhashini.

  Hi Christian,
  The object B_NOTIF_IB is not filtering the users based on IBase. Actually the authorisation object allows us to change the Ibase components.
  Is there any other object other than this that can be used for the given requirement.
  kindly advice in this regard.
  Regards,
  Subhashini.

• SolMan 4.0 CHaRM / CRMD_ORDER: Authorize Change Request by CALL TRANSACTION

  After creating a Change Request I need to execute the <b>action "Authorize"</b> by some kind of CALL TRANSACTION but until now I have not found a solution for this. There are a few forum questions similar to this one but all I've seen are still not answered.
  The problem is caused by the <b>Toolbar Control</b> in screen "Edit: Normal Correction nnn": the dropdown and select actions are not recorded by the Batch Input Recorder and are not executed, the following function code "SAVE" therefore does not work as needed (thus creating the CRM service process and Task List).
  To find out what the <b>event handling</b> really does in order to make SAVE work is handicapted by this: I have not been successful in debugging the execution of the event handler.
  Before I start to search for more details (which might turn out as a very time consuming advanture) I would like to ask for some help of you. If you have any idea on how to solve the problem, sharing your expertise would be appreciated. Thank you.

  No further interest in this topic