F-32 Tcode Authorization
Dear Sir,
For F-32 Tcode Authorization.
I Require the control to be available on PROFIT CENTER. specifically Dummy Profit Center.
I request you to kindly guide me as such a control can be made available .
With Thanks and Regards
Suman A
Read some documentation
- [Creating a Customer-Specific Authorization Object|http://help.sap.com/saphelp_47x200/helpdata/en/9e/74ba3bd14a6a6ae10000000a114084/frameset.htm]
- [Validations, Substitutions, and Rules|http://help.sap.com/saphelp_47x200/helpdata/en/9e/74ba3bd14a6a6ae10000000a114084/frameset.htm] and [Validation|http://help.sap.com/saphelp_erp60/helpdata/en/eb/13795543c411d1896f0000e8322d00/frameset.htm] in [Profit Center Accounting (EC-PCA)|http://help.sap.com/saphelp_erp60/helpdata/en/eb/13706b43c411d1896f0000e8322d00/frameset.htm]
Regards,
Raymond
Similar Messages
-
Custom Tcode Authorization Error
Dear Security Gurus,
We are getting an authorization while testing Custom Tcode. This tcode is used for Uploading data.
The authorization error shows missing Activity field value and a field called Operating Concern.
The SU53 and the Trace(ST01) show the same error even though the role that is assigned to the user has exactly the required values.
Also Authority Check in the Program of the tcode is maintained for only the Activity field and Operating Concern field.
Hence we are unable to figure out why the auth. issue occurs even though the role assigned to the user has the missing values
Please let me know how I can resolve this authorization issue.
Regards,
ArjunHi ,
Below is the Authority check section of the tcode :
START-OF-SELECTION
PERFORM F_AUTHORIZATION_CHECK
AUTHORITY-CHECK OBJECT 'YTIPRC01' ID 'CEERKRS' FIELD P_ERKRS ID 'ACTVT' FIELD '01'
PERFORM UPLOAD_DATA
CALL FUNCTION 'GUI_UPLOAD'
AUTHORITY-CHECK OBJECT 'S_GUI' ID 'ACTVT' FIELD '60'
Even though I have the ACTVT value 01 and the corresponding CEEKRS (Operating Cncern ) Value in the role I still get the error.
Thanks,
Arjun -
BDC without tcode authorization
Dear Freinds,
how to run bdc program at end user end who dont have tcode (MM02)authorization ,please give me the function or or abap code or ay other way so tht i can bypass this authorization check process.
Thanks NaveenHi,
Simply create a program and use inside CALL TRANSACTION tcode USING bdc_tab . This overcomes authority checks as long as it is configured to do so. Check transaction SE97 where you can switch that off (by default it is off). Then the user, who is not allowed to enter MM02 mormally, will be able to run this program and access tcode without authority check.
Regards
Marcin -
Tcode authorization without any role or profile
Hi Experts ,
Can you please suggest on authorization issue , if observed that one Tcode not given in to any roles or profile but some user still using this authorization.
When I checked role and profile for such user using the SUIM still it shows no data.
So is there any other way to assign direct Tcode without using any role or profile.
Thanks in advance .not sure how you are using SUIM to check, just to be sure, use the complex selection method or the authorization values method. the by transaction method only check for transactions that were added via the menu.
look for object= S_TCODE, value=(the transaction code)
SUIM will then calculate if the transaction code was added manually and as part of a wild card or a range.
i.e. if the transaction was MM02 it will be accessible if the S_TCODE had
wild card value M*, MM*, MM0* or
range value A*-Z*
Otherwise, it is possible that it was called indirectly and the BADI does not perform a S_TCODE check. -
Transaction Launcher - TCode Authorization Issue for ERP transaction
We are trying to implement an ERP transaction in the CRM WebUI via the transaction Launcher. Everything has been set up properly and the transaction appears in the nav bar. I am running it to launch a new window. When i click on it, a new window pops up, with transaction IC_LTXE and an error saying
*"You do not have authorization to view transaction ZSD_IC".*
Everything seems to be set up properly and we can access the transaction with the same user id in ERP. He has SAP_ALL.
Does this have anything to do with IC_LTXE? Is there anything special i need to do to assign proper authorization to this user.
Thanks,
jeremyHello Jeremy,
We are trying to execute R/3 transaction from Transaction Launcher but we are facing problems.
In order to execute transactions from TL we have copied object TSTC to ZTSTC in both systems and use the method Execute to be used from Transaction Launcher customizing. Then we have customized T. Launcher in order to get two links, one to R3 transaction (using the object ZTSTC, method execute and XD03 as value parameter) and one to CRM transaction (using the object ZTSTC, method execute and CRMD_MKTDS as value parameter).
When we execute the TL link to CRM, transaction works properly through ITS, but executing the link to R3 transaction we receive the following popup message:u2018Logged Off Successfully. You have been logged off from SAP NetWeaver Application Server.u2019 the screen gets in blank and no further actions are executed.
In order to correct the fail we have implemented these notes, but the problem still remains.
0001224663 Launch of Front Office with Transaction Launcher fails
0001263716 Launching Front Office Process using Transaction Launcher
Based on your experience could you help us to get the right configuration to reach R/3 transaction through Transaction Launcher.
Thank you very much in advance.
Best regards. -
Hi experts,
I have one small but a bit complicated requirement.
We are dealing with shipment(VT02N) and delivery(VL32N). First we are displaying a report in which delivery and shipment related to that delivery are displayed. Now there are four case: -
Case 1: -
Delivery A is open in edit mode and another user tries to open the same delivery in edit mode. User will get message that delivery "Delivery A" is under processing by another user and display delivery in . It is working fine.
Case 2: -
Shipment A is open in edit mode and another user tries to open the same shipment in edit mode. User will get message that delivery "Shipment A" is under processing by another user. It is also working fine.
Case 3: -
Delivery A is open in edit mode and another user tries to open the shipment related to this delivery in edit mode. User should get message that delivery "Delivery A" related to shipment "Shipment A" is under processing by another user. This is where I need help.
Case 4: -
Shipment A is open in edit mode and another user tries to open the delivery related to this shipment in edit mode. User should get message that shipment "Shipment A" related to delivery "Delivery A" is under processing by another user. This is where I also need help.
Can any one please help me that which function module and what line of codes can help me?
Thanks
SiddarthI got no resolution from forum but one of my senior team member resolved it.
-
List of new tcodes in BI 7.0
Hello All,
we are planning to upgrade from BW3.5 to BI 7.0 , i want to know list of new tcodes which will be coming to BI envoirnment,
please tell me know what all are new tcodes, authorization objects,fields are coming to BI7.0 also i have run SU25 but i can not find RSECADMIN in any roles , please suggest where can i find all the new tcodes .
Thanks
DKHi DK,
please go through the links.
Re: TCodes and Tables
TCODE's in BI 7.0
Authorization - BI 7.0
Hope this helps u.
Thanks,
Sai Chand -
No authorization for changing Customer Centrally- Idoc in Error Status 51
Hi Experts,
We are implementing MDM for one of the client.
The client runs a modification scenario in MDM for Customer Master.
He modifies a customer record in MDM and this record is transfered from MDM to ECC via PI through Idocs.
We are using standard Idocs for Customer Master which is DEBMDM
There are 2 Idoc's generated in ECC by PI from DEBMDM as DEBMAS and ADRMAS.
ADRMAS Idoc is succesfull in ECC and the corresponding record is modified.
Now the issue is that the corresponding DEBMAS Idoc goes into Error 51.
The Error details is as below:
No authorization for changing vendor Centrally
Message no. F2326
System Response
You cannot access the requested data.
Procedure for System Administration
If necessary, include an entry in the user's authorization profile for
the authorization object and parameters specified below.
Authorization object:
o F_KNA1_APP
Parameters:
o Activity: 02
o Application authorization : *
We gave the respective authorization object to the RFC User ID used in PI RFC created to connect to ECC.
Also we have given the user id Tcode authorization like XD01/02/03.
But this error still persists.
Request to throw some light on this.
Cheers
DhwaniCheck these threads
[Re: IDOC STATUS - 51 " IDOC HAS TEST STATUS|IDOC STATUS - 51 " IDOC HAS TEST STATUS";
[Error Inbound IDoc - Status 51|Error Inbound IDoc - Status 51;
thanks
G. Lakshmipathi -
5.2 -- GOTO SE16 and enter TSTC for TABLE NAME. TCODE FIELD /VIRSA*
Should the following tcodes work? If so, how do I troubleshoot the ones that don't work? If not, how do they get configured to work? Can someone provide a link for documentation?
TCODE TTEXT
/VIRSA/ALERTGEN Activity Monitoring
/VIRSA/MICCONFIG Virsa MIC User mapping Configuration
/VIRSA/ORGUSRMAPPING Maintain ORGUSERS table
/VIRSA/RE_DNLDROLES Role Expert 4.0
/VIRSA/VFAT Firefighter
/VIRSA/VRMT Role Expert
/VIRSA/ZMGMTRPT Management Report Graphical View
/VIRSA/ZRTCNFG Risk Terminator Configuration
/VIRSA/ZRTDELLOCK Delete Role Lock
/VIRSA/ZRTRGLOG Risk Terminator Role Generation Log
/VIRSA/ZVFAT_U02 FirefightId Log summary
/VIRSA/ZVFAT_U03 Reason/Activity report
/VIRSA/ZVFAT_U04 FirefightId Transaction Usage
/VIRSA/ZVFAT_U05 Invalid Firefighter Ids/Owners/Cntrl
/VIRSA/ZVFAT_U06 SOD Conflicts in Firefighter
/VIRSA/ZVFAT_U07 Data Migration from Master to Text
/VIRSA/ZVFAT_V01 Log Report
/VIRSA/ZVFAT_V02 Log Report
/VIRSA/ZVRAT SAP Compliance Calibrator
/VIRSA/ZVRATBAK1 Update data for Mgmt Graphical View
/VIRSA/ZVRAT_C01 Security & Controls Policies
/VIRSA/ZVRAT_COVN Conversion of CC tables, Old to New
/VIRSA/ZVRAT_D01 Download Spool Requests by Job Name
/VIRSA/ZVRAT_L01 Conversion Utility for CC Text Table
/VIRSA/ZVRAT_L02 Conversion Utility for Long Texts
/VIRSA/ZVRAT_M01 Upload/Download CC tables
/VIRSA/ZVRAT_M02 Where Used list of Mit. Control Id/M
/VIRSA/ZVRAT_M03 Analyze disabled SOD TCode & Object
/VIRSA/ZVRAT_M04 Optimizer for SOD Data Table
/VIRSA/ZVRAT_M05 Where Used list of Control Id/Monit
/VIRSA/ZVRAT_MG1 Management Cockpit
/VIRSA/ZVRAT_P01 Display changes to Profiles
/VIRSA/ZVRAT_R01 Count authorizations in roles
/VIRSA/ZVRAT_RB2 Rule Architect
/VIRSA/ZVRAT_RB3 Rule Architect Conversion
/VIRSA/ZVRAT_S01 Monitor Conflicts & Critical Trans.
/VIRSA/ZVRAT_S021 Monitor Conflicts & Critical Trans.
/VIRSA/ZVRAT_S03 Download Objects for Tcodes
/VIRSA/ZVRAT_S04 SOD Conflicts for TCodes and Objects
/VIRSA/ZVRAT_S05 SOD Rule Wizard
/VIRSA/ZVRAT_S06 SOD Rule Validation Tool
/VIRSA/ZVRAT_S07 Non Reference Report
/VIRSA/ZVRAT_S08 User Access Report
/VIRSA/ZVRAT_S09 Comparing diffrent SOD Matrices
/VIRSA/ZVRAT_S10 Tcodes by Roles/Profiles, never exec
/VIRSA/ZVRAT_S11 Authorization object by Roles/Profs
/VIRSA/ZVRAT_S12 Transactions executed by Users
/VIRSA/ZVRAT_S13 Comparing Critical Tcode Matrices
/VIRSA/ZVRAT_S14 Comparing SOD Authorization Matrices
/VIRSA/ZVRAT_S15 Compare Sod Tcode & Authorization
/VIRSA/ZVRAT_S16 Comp.Calibrator Data Maintenance
/VIRSA/ZVRAT_U01 Count authorizations for Users
/VIRSA/ZVRAT_U02 Analysis of called trans in Cus.code
/VIRSA/ZVRAT_U03 Management Report
/VIRSA/ZVRAT_U05 Expired and Expiring Roles for Users
/VIRSA/ZVRMT_U01 Check Role Status
/VIRSA/ZVRMT_U02 Check Tcodes in Menu & Authorization
/VIRSA/ZVRMT_U03 Compare Users Roles
/VIRSA/ZVRMT_U04 List roles assigned to a user
/VIRSA/ZVRMT_U05 Where used list for roles
/VIRSA/ZVRMT_U06 List roles and transactions
/VIRSA/ZVRMT_U07 Create/Modify Derived Roles
/VIRSA/ZVRMT_U08 Analysis of Owners Roles and UsersHi Greg,
Most of the TCodes work but they are not being used. Which products do you currently have? Most of these tcodes are obsolete as they were part of old Virsa products. Here is the explanation:
-> At the start, Virsa had five different products namely Compliance Calibrator (CC), Fire Fighter (FF), Role Expert (RE), Risk Terminator (RT) and Access Enforcer (AE). Except AE, all other products were developed into SAP R/3 using ABAP so the transaction you see are coming from those four products. As of now, CC and RE has been moved to Java (same as AE) but RT and FF still reside in ABAP side.
-> You should be able to configure Tcodes related to FF and RT. You do not need to configure Tcodes for CC and RE.
-> You must be wondering how did you get all these Tcodes? Through the RTA (Real Time Agent) you have installed for GRC AC 5.2 in your SAP backend system. Even though, AC 5.2 does not need full blown products in the back-end, RTA still contains all of those products.
-> To start using these products, you will have activate BC sets. I do not recommend you to use CC and RE, if you are already using those products via Web front-end. FF and RT has some pretty good features.
-> Please follow AC 5.2 configuration guide to configure FF and RT.
If you don't want to use any of these, don't bother. These tcodes don't affect anything in your system.
Regards,
Alpesh -
Maintain Authorization for Master Data
Hi Experts,
We are implementing PM Module to our client now i want to know.Is there is any relation of PM Team to Maintain Authorization for Master DataPFCG Transaction Code.I want to know for creating the Role for PM Users how the PM team provide the support.
Regards,
KavvyaYes, we play a greater role in getting the roles defined. We practically don't do it, the basis team gets it done. But, all the list of tcodes per role, authorization objects are to be listed by us. Check with your seniors, you should see the authorization matrix made during the implementation.
This sheet lists all the roles to be assigned along with tcodes, authorization objects and list of the users, who will be assigned these roles. Maintenance engineer and Maintenance manager will obviously be two different roles. It again depends on the size and the way the company works and wants authorization.
Regards,
Ketul -
Authorization check during logon
hi,
please help me to find out the answer.. which authorization object is checked first when a user log in to a sap system?Hi Adri,
While logging no authorization are checked against your ID,but your Authorization are copied in user buffer.
When you execute tcode authorization are check from this buffer.
If you don't assign any authorization i.e role to user, user is able to login but cannot execute any tcode.
This justified it.
Try it out.
Hope this helps -
Authorization needed for executing f.05-urgent
Dear expert,
What tcode/authorization must be had for person to executed f.05?
Please advice.
Thank youhi Putri,
the solution I suggested has to work for each kind of auth issue. Pls. give it a try. Start the transaction, do the posting and wherever you get the message that an auth. check failed, just try /nsu53. It will tell you what is missing (either transaction or org. element or whatever). if nothing is missing, than the issue is not related to auth. So simple.
You are right: F-05 starts FB01, so if a user wants to start F-05 he needs auth for FBB1 as well, but if he has not, the transaction will stop immediately with error message about the missing auth.
ec -
Hi experts,
i need to know which table is stored tcode and user name or is there a function that whether user have autorazation to run tcode. i have a tcode list program and if user double click tcode field, tcode runs. But it doesn't check tcode authorization.
how can i do it.
Thanks.Hi,
You can use function module 'AUTHORITY_CHECK_TCODE' to check if the user has access to the transaction.
Sujay -
Release strategy for sales docs.
dear all,
we have a process in sales ,that we create scheduling agreement or sales order .It will have to be released by 4 different people with different levels .Once released documents should not be modified by anyone except amendment procedure.
Pls suggest as to how to achieve this ...
thanks
shankarThis release procedure is not available in SAP for sales .
you can create Z*tcodes for this, for 4 diff ppl or levels
maintain the delivery block in sales order ( which will trigger directly from sales doc type)
in create sales order - made this "display mode"- by using transaction variant.
Now create
Z*
Tcode- ZLVL-1 -
a-Waiting for approval
b-approved level-1 - in this level, he can access only these 2 fields either a or b.
Tcode: ZLVL-2
c-approved level-2
similarly next 2 levels.
d- approved level-3
e-approved level-4
Give tcode authorization only for respective levels-
eg:level 1- ZLVL-1 n so on,
Now in sales order , userexit, write a logic
if the "delivery block " - approved Level-4 (E),
then , allow to save the sales order
or else trigger error mssg as " Not yet approved, cant save the document"-
hope it helps, without development i dont think its possible. -
How to remove SPRO from SAP_ALL profile
Hi Friends,
Since my client needs access to SAP but we dont want to give them SPRO Tcode authorization.
So i would like to have your advice on that so as wht to be done and how can we create a profile without SPRO Tcode.
Regards
AyushAyush Johri wrote:
> I think its not that difficult, although i dont know this. but i have heard people saying that they have made SAP_ALL profile without SPRO...
It is easy to copy SAP_ALL and create a role without SPRO
This will not stop people from accessing the functions behind SPRO for the reasons posted before.
Lots of people claim they create a SAP_ALL without SPRO, I will bet £1000 (I know it's worth many euro's at the moment) that 90%+ of those roles which people think have SPRO removed will not stop people accessing config.
Ask yourself this question....
If you build a house do you:
1. Buy a giant piece of rock and cut holes in it
2. Build it from components - bricks, windows, doors etc
Maybe you are looking for
-
Usually (IE, Firefox 7 and below) if you go along the blue line of a route planned by Google Maps, a small circle appears which can be dragged and dropped to other roads so that the routeplanner changes the route. This is impossible with Fx 8, the ci
-
Photoshop Elements 8 won't install/run properly
I purchased Adobe Photoshop Elements 8 and have tried to install it 3 times now. I contacted cust svc and was told to start a "web case" to avoid the $40 fee for installation assistance and trouble shooting via e-mail. Got a "response" saying that
-
Depreciation Run - Repeat/restart
Hi Experts, I have an AuC asset (setup as investment measure), which was initially setup with depkey LINI (120 useful life). Naturally, after running the AFAB, this asset calculated a depreciation. After the calculation, I changed the of this AuC dep
-
How can I count events during a given time with 2 counters (6025 E)
Hi, How can I count events during a given time (1 sec for example) with 2 counters: what is the best way? how should i configurate both counter? i have done the 1st counter in ev_counter with the gate being the output of the 2nd; and how can i say to
-
hello what ever i want to do in itunes player it want me to authorize my notebook and when i do it , it says your notebook has been authoriz but i get the same error