Error in LIME Query-Authorization object C_Lime_Loc  cannot be checked..

Similar Messages

• Error in Transport of Authorization Object

  Hi,
  I have created a authorization object in my development and transported it to testing. In the transport log I can see that it was succesfully imported but I am not able to see the Authorization object in SU21 of testing system but I tried to see that Authorization object through SUIM and able to see that object.
  I tried to create a sample role and assign this authorization object manually to that role but not able to do that.
  Can any one help me in this issue.

  Hi Martin,
  Thanks for the reply
  Yes I forgot to transport Authorization class. I have done that now and able to access the Authorization object.
  Can you please let me know the complete process whether we have to transport only Authorization class...
  Then the Authorization object will be transported on its own..
  Thanks in advance

• Authorization object in procurement that checks user role

  Hi Experts,
     Please let me know if we have any standard authorization objects in the transactions PO or PR that checks the SAP User role. Authorization check can be done by sap role, we are not botherd checking on company code, purchase group and so on, Is there any standard procedure to find out that or any function module available to check that by passing user role.  << removed >>
  Cheers
  Mohan
  Edited by: Rob Burbank on Feb 19, 2010 12:24 PM

  easiest way to find all authorization objects is to execute SU24.
  There you enter the transaction code for which you want find the authorization objects.

• Authorization Object for Sale Organization check

  Hello all,
  I have create a Z Report.Now the requirement is that only certain users belonging to a particular Sales Organization can run that report.
  Which standard Authorization Objects can be used for this case.
  regards,
  Ujjwal Kumar

  P577815 wrote:>
  > Hey,
  > Thanx for your reply....)
  > Actly new to abap thats y not much idea.Instead of your Auth Obj,can i use V_KNA1_VKO.
  Hello,
  But V_KNA1_VKO also has these params:
  VTWEG      Distribution Channel
  SPART      Division
  V_VBRK_VKO also has only Sales Org(VKORG). I think that suits your req.
  But before deciding on the Auth. Obj please read the documentation & check that it suits your req.
  BR,
  Suhas

• Authorization object to display BSP check boxes

  Hello,
  I'm trying to find the authorization object so as to display the BSP check boxes. Because I can display BSP properly (I've BSP_APPL) but not the BSP check boxes. The user having all the autorizations, can see the cheks boxes ok.
  Please, can you help me?
  Thank you

  I'ts not a authorization object, just portal authorization. I'm going to open a new thread.

• Cannot find authorization objects

  Hi Experts,
  Im trying to configure SAP Integration kit for BO and while I am trying to configure my SAP account to use the required authorization objects I cannot find the following:
  ZCNTADMCES
  ZCNTADMJOB
  ZCNTADMRPT
  Thank you
  Andreas Kirtou

  Yes you are right.
  I accidentally missed transports
  Content Administration transport (K900579.r21 and R900579.r21)
  Personalization transport (K900580.r21 and R900580.r21)
  MDX Query Connectivity transport (K900581.r21 and R900581.r21)
  ODS Connectivity transport (K900582.r21 and R900582.r21)
  Thanks a lot

• Authorization Object parameters error

  In my program, I used Authorization object M_MATE_VKO
  My program checked using
  VKORG , ACTVT = "03" , VTWEG = '*'
  My User had been assigned with M1 - M7 (M1 to M7) for VTWEG.
  User not authorized, SU53 shows it required "*" for VTWEG
  Now, I modified the checks to
  VKORG , ACTVT = "03" , VTWEG = " "
  VTWEG is now a BLANK.
  User still not authorized, SU53 shows it required "-" for VTWEG (hyphen is this case)
  What should I do to allow "No checks" on VTWEG?
  Should I just used only VKORG and ACTVT with the objects which state 3 parameters?
  How do I code in order to allow User with the appropriate authorization to pass thru?
  Thanks
  bye

  Hi,
  If you don't want to check a value against VTWEG either take it out of the statement or use VTWEG = DUMMY.
  Regards,
  Nick

• "Some of the object names cannot be shown in their user-friendly form"

  Error states:
  "Some of the object names cannot be shown in their user-friendly form. This can happen if the object is from an external domain and that domain is not available to translate the object's name"
  We are receiving this error when we click on a group with ADUC and the members of that group were added from the trusted domain.  Domain A has a one way non transitive trust wtih domain B that is in place and active.
  We have checked every possible setting and configuration and cannot resolve this problem.  Domain A has Windows 2008 R2, domain B is 2003.  Domain A is at a windows 2008 functional leve, domain b is at a 2003 functional level.
  YOu can add account from domain B into domain A , but they immediately turn to SIDS once you hit "apply".
  Validated trust on both ends
  triple checked DNS and see no issues
  checked policies
  dcdiag returns no errors
  Could this be a bug with having a trusted domain on 2003 and the non-trusted domain on 2008 R2?

  Hi,
  This error occurs if:
  (1) the other domain is not available (meaning, not connected or name
  resolution is bad, etc)
  (2) the object in the other domain has been deleted
  (3) Broken secure channel
  Please refer to the below link:
  http://us.generation-nt.com/answer/objects-names-translation-help-77158972.html
  Regards,
  Yan Li
  If you have any feedback on our support, please click
  here
  Cataleya Li
  TechNet Community Support

• The enhancement object ENHS  cannot be read

  Hi Genius,
  When i am trying to create an enhancemant point in ECC 6.0, I am getting the below error message.
  The enhancement object ENHS  cannot be read.
  Exception of class CX_ENH_IO_ERROR.
  Source plug-in is not getting created.
  Anyone can help in this.
  Thanks in advance,
  Nithya

  Hi Nithya.
  I would like to suggest my opinion, as it is similar to your case.
  [SDN - Reference - Error Description - The enhancement object ENHS cannot be read - Exception of class CX_ENH_IO_ERROR|Enhancement Framework and Support Packs SAPKB70011-13;
  [SDN - Reference - Error Description - The enhancement object ENHS cannot be read|The enhancement object ENHS  cannot be read;
  Hope that's usefull.
  Good Luck & Regards.
  Harsh Dave

• Authorization object with no authorization field

  Hi Experts,
  I have created authorization object with no field checking.
  This is possible? Because i want to create this auth object for conversion only, and its not needed field checking.
  Please advice.

  Hi
  See this and do accordingly
  In general different users will be given different authorizations based on their role in the orgn.
  We create ROLES and assign the Authorization and TCODES for that role, so only that user can have access to those T Codes.
  USe SUIM and SU21 T codes for this.
  Much of the data in an R/3 system has to be protected so that unauthorized users cannot access it. Therefore the appropriate authorization is required before a user can carry out certain actions in the system. When you log on to the R/3 system, the system checks in the user master record to see which transactions you are authorized to use. An authorization check is implemented for every sensitive transaction.
  If you wish to protect a transaction that you have programmed yourself, then you must implement an authorization check.
  This means you have to allocate an authorization object in the definition of the transaction.
  For example:
  program an AUTHORITY-CHECK.
  AUTHORITY-CHECK OBJECT <authorization object>
  ID <authority field 1> FIELD <field value 1>.
  ID <authority field 2> FIELD <field value 2>.
  ID <authority-field n> FIELD <field value n>.
  The OBJECT parameter specifies the authorization object.
  The ID parameter specifies an authorization field (in the authorization object).
  The FIELD parameter specifies a value for the authorization field.
  The authorization object and its fields have to be suitable for the transaction. In most cases you will be able to use the existing authorization objects to protect your data. But new developments may require that you define new authorization objects and fields.
  http://help.sap.com/saphelp_nw04s/helpdata/en/52/67167f439b11d1896f0000e8322d00/content.htm
  To ensure that a user has the appropriate authorizations when he or she performs an action, users are subject to authorization checks.
  Authorization : An authorization enables you to perform a particular activity in the SAP System, based on a set of authorization object field values.
  You program the authorization check using the ABAP statement AUTHORITY-CHECK.
  AUTHORITY-CHECK OBJECT 'S_TRVL_BKS'
  ID 'ACTVT' FIELD '02'
  ID 'CUSTTYPE' FIELD 'B'.
  IF SY-SUBRC <> 0.
  MESSAGE E...
  ENDIF.
  'S_TRVL_BKS' is a auth. object
  ID 'ACTVT' FIELD '02' in place 2 you can put 1,2, 3 for change create or display.
  The AUTHORITY-CHECK checks whether a user has the appropriate authorization to execute a particular activity.
  This Authorization concept is somewhat linked with BASIS people.
  As a developer you may not have access to access to SU21 Transaction where you have to define, authorizations, Objects and for nthat object you assign fields and values. Another Tcode is PFCG where you can assign these authrization objects and TCodes for a  profile and that profile in turn attached to a particular user.
  Take the help of the basis Guy and create and use.
  Regards
  Anji

• Infoset Query Authorization

  Hi guys,
  I've created some infoset queries, and assigned those queries to specific user group. My purpose is to let only specific user group (e.g. Accounts User Group, to access only relevant queries)
  But later I found out, those users can actually switch to another group (at SQ01 -> Other User Group), and access those queries that they shouldnt be accessing.
  May I know if there's any way to prohibit this switch of group? Or is there any authorization that can be set?
  All ideas are appreciated. Thanks ^^

  Hi TY Ng,
  By including the InfoSet query in a role, you ensure that the InfoSet query is started with an InfoSet (and a query), and can therefore be easily used for appropriate reporting within the role.
  The basis for this is the assignment of user groups to roles, the option of calling the InfoSet query from different roles, and, in doing so, noting the specified context for this role.
  You assign user groups and InfoSets with transaction SQ10. You can also create and manage menu entries for the InfoSet query with this transaction.
  In order to include the InfoSet query in a role, you have to assign user groups first to the role and subsequently to one or more InfoSets.
  Check
  Please check administrator authorization for the SAP Query (authorization object S_Query, field ACTVT, value 23).
  Check whether the correct work area is set before you reassign user groups. If you call the role administration by using transaction SQ02 (see above), the work area set in transaction SQ02 is transferred.
  Hope you get some help
  Atul

• FIM MA Export errors. There is an error executing a web service object creation.

  While checking for the permission, we have figured that the Built-In Synchronization account is being deleted by an Expiration Workflow.
  FIM MA Export errors. There is an error executing a web service object creation.
  While checking for the permission, we have figured that the Built-in Synchronization account was deleted by an Expiration Workflow
  Is there a way to restore. Thanks.

  I would re-run FIM setup - I think it can re-create this account
  If you found my post helpful, please give it a Helpful vote. If it answered your question, remember to mark it as an Answer.

• Authorization object for parameter transactions

  Hi all,
  I'm trying to restrict transaction VL10h for shipping point,this transaction is a parameter transaction and is not controlled by an authorization object directly.when I run a trace , transaction Vl10x shows up. The authorization object that is being checked is V_LIKP_VST.
  Note : The requirement is when the user executes transaction VL10h he/she should be able to display only those shipping points they are authorized to.
  Please advice.
  Thanks,
  Mohan.

  Hi Mohan,
  For transaction VL10H you can specify values for the following fields in authorization object V_LIKP_VST:
  -Activity:
  01     Create or generate
  02     Change
  03     Display
  04     Print, edit messages
  18     Deliveries from coll. proc.
  24     Archive
  25     Reload
  85     Reverse
  -Shipping point: Here you must set the restriction for each group of users that are allowed for the maintenance of the shipping points that are used for delivery processing.
  You can restrict the access through these fields.
  Regards,
  Leandro

• Authorization objects in PM notification

  Hello all,
  I would like to check if there is any possiblity to prohibit changing the line items of activities in PM notification thru security with authorization objects. I did checked with standard default objects and does not see anything related to activities.
  Basically I want to restrict changing the line items of activities
  Mahee

  Thanks fro your responses guys. I am not pretty sure SHD0 should work for me as it might totally disabled the entire line items before giving the input itself if I am correct. Basically I want to input the data first in activity tab and then upon save..it should be grayed out only for that line item so that nobody could change it.
  Pete - Will the mentioned user exit will work for this ?
  I am also trying to think about change log option to track the changes. But I could NOT able to see the values populated in old value and new value in change log...is there any config to be made ? If I got this, I would go with this option rather blocking it..as we always have a track that who made the changes to it.
  Mahee
  Edited by: maheee on Feb 16, 2011 7:51 PM

• PT60 the field Personnel Area( PERSA ) of the authorization object P_ORGIN

  Hi,
  When running transaction PT60 the field Personnel Area( PERSA ) of the authorization object P_ORGIN is not checked.
  I have run SU24 ,the objects are there with chech indicator of authorization object = "CHECK".
  What can I do about it ? Is there any note to fix this ?
  thanks!
  Olivia Yang

  Hi,
  In object P_ORGIN what you need to check for authorisation is it on Personnel area or PSA.Actually we have org.key for authorisation which is define in P_ORGIN.If you can define org. key as PA/PSA/EG/ESG you can check the authorisation for specific users.
  Regards,
  Snita