CRM 5.2 UI Authorization Object- sy-subrc= 12

Hi,
Iam working in CRM 5.2 UI, I have created a custom authorization object for my IC application. Now when i use/check them for authority to enable/disable my buttons in the UI, iam getting sy-subrc = 12 .
How can i get over this problem. Please provide me with a solution. Points would be rewarded surely.
Thanks & Best Regards,
Harish P M

Closing as it was not replied.

Similar Messages

  • How to use CRM authorization object.

    Hi All,
    I have a specific requirement to restrict user while he/she tries to save a record. It appears that if that restrictions are implemented the save logic for an entity has to be changed because there are some validation regarding relationship management in SAP system. SO I need to bypass that validation to allow some users of specific(Marketting) role to save the entity record bypassing that validation. here I am planning to use the CRM authorization objects. But dont know how to use these and which authorization object to refer.
    Please let me know if you guys have any idea.
    Regards,
    Bikramjit.

    Hi Bikramjit.,
    You might need to create a Custom authorization object and then use it. Else you can create one Z table and maintain the User ID of all users. The mainatin one field with flag and set it to X for the user that are aloowed to save the transaction.
    Also once you maintain the table, generate the table maintenance so that it becomes easier for future use.
    Hope this helps

  • What is the transaction to see the Authorization objects in the CRM system?

    Hello Guys,
    Please let me know transaction code to see the Authorization objects in the CRM System?
    Thanks in advance.
    Regards,
    Vinay

    Hi Nagur,
    With T.Code SU21 you can see the Authorization objects in the CRM System. If you want to see Authorizaion object for a particular Transaction Code then the T.Code is SU24
    Thanks & Regards
    Shiva Vekat

  • Authorizations in CRM 2007 - How to check missing authorization objects?

    Hi,
    In our project we are currently busy with the set up of authorizations.
    I did create the necessary PFCG and Business roles.
    For the PFCG roles, I did create all of them by copy of the standard SAP_CRM_UIU_FRAMEWORK so that the user can  access to the web layout.
    Now I need to give authorizations for other CRM objects, my question is: How can I see which objects are missing to displaying or creating activities in the new WEB Layout?
    In the old days we used the SU53 to check the authorization objects that were missing, how can we do it now in this new release? I tried it and didn't worked out.
    Thx
    Regards
    Hugo

    Hi,
    For report CRMD_UI_ROLE_PREPARE you have to input a business role - not a PFCG role. Are you doing that?
    Are you getting no results at all in ST01 or are all results just with return code 0?
    You have to remember to set a filter for your user in ST01 before activating the trace. Another thing to check is if you are using several application servers. I would imagine the trace has to be activated on the same application server as the Web UI. You can change the application sever in SM51.
    /Anders

  • Mass update to FILENAME field in S_DATASET authorization object

    We are migrating to a new fileserver with a new hostname, and so I've been asked to update about 1900 instances of the S_DATASET authorization object for the new FILENAME value.  I'd like to do this programmatically if possible.
    What I've learned so far is that I need to update the value in table USR12, but the value is encoded.  When I look at the table in SE16, I do not see the encoded value field.  The value does show in UST12, but I'm told this is an unreliable table.
    So I'd like to know..
    1. How can I look at the value if not in SE16?
    2. Is there an API I can use to encode/decode the value?  If not, where is the specification on how to build it?
    If this is better addressed in a different forum, which one should I try next?
    Thanks,
    Dan

    Hi there,
    Okay I started a few tests and made a bit of progress, but am running into the problem that if I don't check the authority first using the FM and want to test what happens when the user is not authorized, then the bugger dumps (as expected and mentioned in the note)...
    But the behaviour as you have described:
    >
    > Path                   Saveflag  Fs_noread Fs_nowrite Fs_Brgru
    > =============================================================
    > *                                 X         X            DUMY
    > /temp/FI/..                       X         X            DUMY
    > /temp/FI               X                                 FIFI
    >
    ... is correct, and I found something interesting in the F1 on the spth-path field which explains this.
    > Caution:
    > - If you enter paths generically in the table SPTH, the most precise specification counts.
    > - If you select the no-read or no-write fields in the table SPTH, this overrides the authorization group.
    So, the DUMY is not needed as the check does not use it in those cases, and "/temp/FI/.." is anyway more specific than "*" so the system would have used it for DUMY anyway. But that is irrelevant... because if the begru field is empty in the FM, then the check is not performed.
    So, the only check which is effective to protect the path, is:
    Path                   Saveflag  Fs_noread Fs_nowrite Fs_Brgru
    =============================================================
    /temp/FI               X                                           FIFI
    ... and the "fs_noread" and "fs_nowrite" flags should be understood as "no protectable authority to read" and "no protectable authority to write" and not the activity field which the authority is being checked against. This is coming from the S_DATASET check (which is already known at that time to the function module).
    Using these flags, you can leave the entries in the table without having to delete them if you want to turn them off and on temporarily. Perhaps an "active / inactive" switch would have been clearer...
    form CHECK_PERMISSION using ISPTH_HEAD type SPTH
                                MODE       type CLIKE
                                SUBRC      type SY-SUBRC.
    data: ACTIVITY like AUTHB-ACTVT.
       SUBRC = 0.
       case MODE.
         when 'R'.
              ACTIVITY = '03'.
         when 'W'.
              ACTIVITY = '02'.
         when 'D'.
              ACTIVITY = '02'.
       endcase.
       if ISPTH_HEAD-FS_BRGRU <> SPACE.  "Here it is... for BEGRU checks there must be a value...
          authority-check object 'S_PATH'
              id  'FS_BRGRU' field ISPTH_HEAD-FS_BRGRU
              id  'ACTVT'    field ACTIVITY.
           if SY-SUBRC <> 0.
              SUBRC = 3.
           endif.
       endif.
    endform.
    Cheers,
    Julius

  • Issue on authorization object

    hi all,
      in me52n transaction, in account assignment tab there is field called costcenter. its  field name is kostl and strucutre is cobl. now i have requirement to create an authorization object on this costcenter. that is for example , if i try to make any changes in the cost center field it should allow me to do it. but if some others are using it should not allow them to make any changes. plz let me know the solution how to do step by step. points will be awarded . this is urgent requirement. plz reply fast.
    thanking u in advance,
    a.srinivas

    Hi deniz,
    Use this to set up the autherisation object
          AUTHORITY-CHECK OBJECT '<objectname>'
                          ID 'ID FIELD SY-UNAME.
          IF SY-SUBRC NE 0.
            MESSAGE S999 WITH 'You are not Authorised to change entries'.
            EXIT.
          ENDIF.
    Inform the Basis team to assign the role only to ur id...so that no other person wil u autherized
    Award points if useful
    Regards
    Gowri

  • BP Authorization Object

    Hi,
    I have the necessary CRM authorizations to create Business Partners of type person in roles such as employee, contact person, general using the BP transaction.
    I have now activated the role 'Internet User'. While I can see this role in the 'Create in Role' dropdown on the BP creation screen, I cannot create a BP of type person in this role.
    I get the error message: "You are not authorized to maintain user data".
    Are there any additional authorizations that I require to be able to assign this role to a business partner?
    Thank you,

    But you could assign different values of B_BUPA_FDG authorization object for different authorization profiles. For example:
    Profile 1: B_BUPA_FDG
    Values:    FLDGR= FLDGR1  (Defined in IMG)
               ACTVT= Display
    Profile 2: B_BUPA_FDG
    Values:    FLDGR= FLDGR1  (Defined in IMG)
               ACTVT= Change
    User Group 1 -> Profile1
    User Group 2 -> Profile2
    However probably the best solution for your requirements will be the GuiXT Tool.
    You can find more information about this tool in <a href="http://www.synactive.com">http://www.synactive.com</a>. You will be able to assign different scripts to different user groups.
    Message was edited by: Javier Merino Vivar

  • CRM 7.0 BP Authorizations

    Hi Guru's
    In CRM 7.0 WEb UI I want to restrict users access to a Maintain or Display BP's
    I want to be able to restrict based on:
    BP Type                     (Person, Org, Group)
    BP Partner Type       
    Is there standard authority objects I can use for this, or must I develop custom.
    Many Thanks in advance
    Panduranga

    Take a look at the following authorization objects:
    - B_BUPA_CRI
    - B_BUPA_FDG
    - B_BUPA_GRP
    - B_BUPA_RLT
    - B_BUPA_BZT
    Regards.

  • How to use Standard Authorization Object 'M_MATE_WRK'  in SE38?

    Hi all,
    We have developed one program which calculates the commercial price of the material   
      and update the same in the material master.
    Now we want to implement authorization checks at Plant Level.
    For this purpose I am Using 'M_MATE_WRK' which is standard authorization object.
    But in my Program when I am checking for it, its giving the sy-subrc value as 0.
    This indicates that either it is successful or the object is not active for this particular  program. In my case I know that its the second case only.
    So now somewhere i need to 'Check' this object for this particular Program.
    I have checked SU22 , SU24 but couldn't figure out where should i do the respective  setting.
    I am working on ECC 6.0
    Please help me on this.
    Bare with me if i am asking a silly question.

    Hello All,
    The Problem is resolved now.
    Actually it was the first case only.
    When i created the new user id and checked i realized that its working fine and there was
    some mistake while checking previously.
    Anyways thanks for ur reply.

  • Authorization object for plant on selection-screen

    Hi All,
    I need to cehck the authorization object for plant on sleection screen..the palnt is select-options.
    I have written the code
    Declaration of local constants.
      CONSTANTS : lc_i(1)  TYPE c VALUE 'I',
                  lc_eq(2) TYPE c VALUE 'EQ'.
      REFRESH : r_werks.
      LOOP AT s_werks.
        IF s_werks-low IS NOT INITIAL.
          AUTHORITY-CHECK OBJECT 'M_MATE_WRK'                "Check if the user has autorization for the plant.
                               ID 'ACTVT' FIELD '03'
                               ID 'WERKS' FIELD s_werks-low.
          IF sy-subrc NE 0.
            r_werks-sign   = lc_i.
            r_werks-option = lc_eq.
            r_werks-low    = s_werks-low.
            APPEND r_werks.
          ENDIF.
        ENDIF.
      ENDLOOP.
      LOOP AT s_werks.
        IF s_werks-high IS NOT INITIAL.
          AUTHORITY-CHECK OBJECT 'M_MATE_WRK'                "Check if the user has autorization for the plant.
                               ID 'ACTVT' FIELD '03'
                               ID 'WERKS' FIELD s_werks-high.
          IF sy-subrc NE 0.
            r_werks-sign   = lc_i.
            r_werks-option = lc_eq.
            r_werks-low    = s_werks-high.
            APPEND r_werks.
          ENDIF.
        ENDIF.
      ENDLOOP.
    My doubt is will the authorization will check the plants in between 1001 and 2001..suppose i have pplants 1001,1002,1003,1004,2001..Now will the above code will check for all the plants or only 1001 and 2001 if i specify in the select-options.
    Regards,
    raj

    Hi Raj
    First no need to LOOP AT s_werks and check s_werks-high as it will always be present only once in the table s_werks.
    Do this
    SELECT werks FROM t001w INTO li_werks
    WHERE werks IN s_werks.
    LOOP AT li_werks.
    *check your authority thing here and fill the range
    ENDLOOP.
    Pushpraj

  • Authorization object coding in ABAP report

    Hi,
    I am working on a report. The output of the report is details regarding vendor based on purchasing organization. When user executes the reports, they should be only able to see details if they are authorized to (create, change and display) for the purchasing org of vendor.
    The authrorization object by SAP security team is 'M_LFM1_EKO' for standard access to vendors (via MK01, MK02 AND MK03).
    How can I use same authorization object to do check in my program for the user in ABAP so that if user is not authroized he will not be able to see details during output for those vendor.
    Regards,
    Tgshah.

    Hi ,
    Basically you need to call Authority-check using the pattern option and then pass the object name and field name .If the user has been assigned that object in his profile sy-subrc will succed otherwise fail .
    AUTHORITY-CHECK OBJECT 'M_LFM1_EKO'
             ID 'ACTVT' FIELD '1/2/3'
             ID 'EKORG' FIELD 'value of purchase organization'.
    IF sy-subrc eq 0 .
    WRITE :'authorization' .
    ELSE .
      WRITE 'no authorization' .
    ENDIF.
    The below lonk explains it more ...
    [http://help.sap.com/saphelp_40b/helpdata/fr/d4/e02c7dd435d1118b3f0060b03ca329/content.htm]
    Thank you .
    Anjaneya .

  • USE Standard Authorization object in Z Program

    Hi Experts,
    I have already checked other threads regarding this but could not resolve my problem.
    I have created a Z program to update Material Master. I need to use the Authorization object  M_MATE_STA in my program for performing authorization check. Please help me how can I do that?
    Thanks

    hI,
       below is a similar code...
    CONSTANTS:  lc_authobj  TYPE char15 VALUE 'F_BKPF_BUK',
    AUTHORITY-CHECK OBJECT lc_authobj
               ID lc_id_bukrs FIELD v_bukrs
               ID lc_id_actvt FIELD lc_activity.
      IF sy-subrc NE 0.
      ENDIF.
    Amol

  • Authorization object not to allow certain user to enter sloc PO

    Dear All,
    i have manage to go su21 to create under mm purchasing authorization object called Y_BEST_LOC with Acty and LGORT field. other than that i have insert check item under program RM06ENHI. after that i go to su24 to assign the transaction code check for me21 and me22. under field value for me21, my new object i want to assign value (interval) = $LGORT, but don;t know how so i leave it blank.
    Come to user profile i adding this object into the authorization to check, and put in only allow for 0001 and 0002 location. But the user still can save the PO when choose 0004 without error. I want to know missing step that should be done to prevent certain user to order under 0004 storage location.
    Kindly suggest and guide me. thanks in advance
    Regards
    Aishah

    ME21/ME21N doesn't even check if the material is extended to the storage location entered in the PO. I don't think what you did is enough to restrict users per storage location, you need to find a user exit or BAdi and do the authorization check in the your custom code
    AUTHORITY-CHECK OBJECT 'Y_BEST_LOC'
             ID 'ACTVT' FIELD '01'  "Create
             ID 'LGORT' FIELD '0002'. "Storage Location 0002
    IF SY-SUBRC = 0.
    " User has authorization
    ELSE.
    message 'Not authorized for storage location' type E
    ENDIF.
    You may have to use the following Business Add-in (TCode SE18)
    ME_CHECK_ALL_ITEMS                    :  Run Through Items Again in the Event of Changes in EKKO

  • Authorization Object for Marketing Attributes

    Hi Experts,
    We are working with CRM 2007 and use in BP Marketing Attributes. Does someone know if there are any authorization objects for Marketing Attributes? We would like to restrict some of users to see some Attribute sets!
    Thank you in advance,
    Roula

    Hi Roula,
    Thank you so much for awarding points.
    Please note that in Transaction PFCG you have to assign the appropriate three digit attribute set key under the authorization group BGKRL to the authorization object C_KLAH_BKL for assigning attribute sets and to the authorization object C_KLAH_BKP for editing attribute sets.
    Please have a look at the Note in the bottom of the page at the following link for further information.
    http://help.sap.com/saphelp_crm60/helpdata/en/46/3517cc86e01421e10000000a1553f6/frameset.htm
    Regards,
    Deepak

  • Authorization Object for Update Function Module

    Hi
    I have a Update Function Module and that FM should be executed based on the Authorization Object .
    I had created a Auth Object with Proper roled assigned to user and i also  did the following
    AUTHORITY-CHECK OBJECT <Obj Name>
               ID 'ACTVT' FIELD '38'.
    If Sy-subrc EQ 0.
    <Process the following>
    End IF.
    But the Auth Object is not working correctly like in the ebugging eventhough my role is not assigned to this Auth Object
    it is giving me sy-subrc as 0 (but in my case it must be not be zero.)
    Is it anything like Auth Object wont work on Update function Module or else is there any different approach we need to follow
    to acheive the functionality .
    Kindly share the inputs
    K.Nadesh Kumar

    Hi
    The issue is resolved
    K.Nadesh Kumar

Maybe you are looking for

  • HT4241 Can I connect audio to the TV for later model MacBook Pros?

    I have a mid-2009 MacBook Pro and I got an HDMI mini Displayport to HDMI Adapter, but the audio doesn't transfer. Any idea if I need a different cord/cable etc?

  • Async- Sync without using BPM

    Hi experts, could you please suggest if is it possible to implement asyn sync scenario without using BPM. If answer is yes then how to go about it My Scenario is : File ->RFC ->File thanks in advance francis

  • Oracle Standard Manager Hang

    Good Day every One , Am working on Oracle Application 12.1.3 And Database 1.2.0.3 And OS RedHat 6.1 I had this problem my standard manager have too many pending request and there is no one can see the output of the oracle requests because all of them

  • Display Not As Bright??

    Hey, I got my macbook in like april, and although i haven't noticed it when i've been using it, my brother recently got the same macbook as mine(black) same specs too 2.4ghz, 2g of ram, 250HD and so far. Last night I had them side by side because i w

  • Can a host help me?

    I am very new to apple and the apple discussion board but with that being stated, I am feeling my way around and I enjoy reading and replying to the apple discussion boards. Today I posted a question that may or may not have been apple related but be