HELP AUTHORIZATION ISSUE
So I've only ever connected my ipod to my macbook, never to another computer, and I never authorized my ipod with my computer or anything because I would download apps with wifi and i would be fine. I downloaded some music with my ipod the other day though and I authorized my computer and it said i have 2 authorizations with my account? I don't understand why I have two authorizations. Can anyone help explain this to me?
Message was edited by: TKhan91
Hi Vamsi,
SU53 shows us the last failed authorization for a user. However, it might not only be the failed authorization object failed.
Hence, "just to learn" , you can use transaction ST01 to enable and run a trace for particular users. Be sure to use in a test environment first, and with proper filters. (for a particular user only).
Then check-> which auth object is failing.
RC=4 means a object value is failing.
RC=12 means an object is missing!
Check, which tcode is calling that object and this tcode is present in which role. Then.........proceed.
You can check the SAP documentation on running traces on the help portal of SAP. I think you will find the answer yourself by troubleshooting more and may be massaging some test roles here and there!
Likewise, if you are new to security, I would encourage you to start by reading some books on SAP security. Authorizations made easy is a good book to start with.
Let me know if you have any questions
EOD for me :P . take care
Abhishek
Similar Messages
-
Authorization issue - help request
Hi guys,
One of the consultants is having an authorization issue ( He is not abele to run a t-code)
I ask him to run a su53 report and i am not sure how to proceed with this.
Please help.
Here are the details from the SU53 report.
DISPLAY AUTHORIZATION DATA FOR USER VYXXXX
User : VYXXX profile parameter authorization buffering 4
Authorization Object: F_KNA1_GRP
Description
Authorization check failed:
+ Authorization object F_KNA1_GRP Customer Account Group Authorization
Activity 08
Customer Account Group ZM01
Users Authorization Data :
+ Authorization object F_KNA1_GRP Customer Account Group Authorization
Authorization T-PD19002300
Authorization T-UG39000900
Authorization T-UG39001000
Please help me guys what need to be performed.
Regards,
Vamsi.Hi Vamsi,
SU53 shows us the last failed authorization for a user. However, it might not only be the failed authorization object failed.
Hence, "just to learn" , you can use transaction ST01 to enable and run a trace for particular users. Be sure to use in a test environment first, and with proper filters. (for a particular user only).
Then check-> which auth object is failing.
RC=4 means a object value is failing.
RC=12 means an object is missing!
Check, which tcode is calling that object and this tcode is present in which role. Then.........proceed.
You can check the SAP documentation on running traces on the help portal of SAP. I think you will find the answer yourself by troubleshooting more and may be massaging some test roles here and there!
Likewise, if you are new to security, I would encourage you to start by reading some books on SAP security. Authorizations made easy is a good book to start with.
Let me know if you have any questions
EOD for me :P . take care
Abhishek -
Authorization Issues - Apple, please help
There have been several posts regarding users not being able to play their iTunes music due to authorization issues. Solutions have been provided, including the following:
1. Deauthorizing the account several times until the following message appears "This computer was not authorized. To authorize this computer, to play a song or video you have purchased using this account."
2. Deleting the "SC info" folder.
3. Authorizing the music using the original account (File > Get Info).
Nothing seems to be working. I've contacted Apple support, and they have been more than responsive and helpful, but they keep asking me to do the same things over, and over.
Everytime I enter my account authorization info, I get a message indicating that the computer is now authorized...however, the music still won't play.
I have now gone 3 months without being able to solve this issue (I've tried everything in the forums), and I am about to give up. Unfortunately, this also means flushing over $300 down the toilet. I still have all the files, so I am not asking to download them again (they are on my hard drive). I just want a fix...Hi,
For the BW consultant use the following objects :
B_ALE_MAST
S_ADMI_FCD
S_APPL_LOG
S_ARCHIVE
S_BDS_DS
S_BTCH_ADM
S_BTCH_JOB
S_BTCH_NAM
S_CTS_ADMI
S_C_FUNCT
S_DATASET
S_DEVELOP
S_DOKU_AUT
S_FIELDSEL
S_FOBU_MTH
S_GUI
S_IDOCCTRL
S_IDOCDEFT
S_IDOCMONI
S_IDOCPART
S_IDOCPORT
S_LDAP
S_LOG_COM
S_OC_DOC
S_OC_FOLCR
S_OC_ROLE
S_OC_SEND
S_OC_TCD
S_PROGRAM
S_PROJECT
S_QUERY
S_RFC
S_RS_ADMWB
S_RS_COMP
S_RS_FOLD
S_RS_HIER
S_RS_ICUBE
S_RS_IOBJ
S_RS_IOMAD
S_RS_ISET
S_RS_ISOUR
S_RS_ISRCM
S_RS_MPRO
S_RS_ODSO
S_RZL_ADM
S_SCD0
S_SCRP_ACT
S_SCRP_FRM
S_SCRP_GRA
S_SCRP_STY
S_SCRP_TXT
S_SPO_ACT
S_SPO_DEV
S_SPO_PAGE
S_TABU_CLI
S_TABU_DIS
S_TABU_RFC
S_TCODE
S_TMS_ACT
S_TOOLS_EX
S_TRANSLAT
S_TRANSPRT
S_TWB
S_USER_AGR
S_USER_AUT
S_USER_GRP
S_USER_PRO
S_USER_TCD
S_USER_VAL
S_WFAR_OBJ
S_WFAR_PRI
For users :
S_ADMI_FCD
S_BDS_D
S_BDS_DS
S_GUI
S_OLE_CALL
S_RFC
S_RS_COMP1
S_RS_FOLD
S_RS_HIER
S_RS_ICUBE
S_RS_ISET
S_RS_ODSO
S_SPO_DEV
S_TCODE
S_USER_AGR
You also need to give the end user objects to the BW consultant. All of these objects have activities and values that need to be populated.
Cheers,
Kedar -
Variable screen/variant screen authorization issue
HI All,
We have implemented standard Cost Center Overview Report(0SR_C02_Q0002) in BI 7.
We have three selection fields:
1.Company Code which is mandatory
2.My controlling Area which is also mandatory
3.Costcenter which is not mandatory
The requirement we are facing over here is that in the Variable screen/variant screen when I enter a company code, then I need to display dynamically only those "My Controlling Area" values which are assigned to that particular company code and not all. In the same way after selecting the appropriate "My controlling area" value, I need to display only those cost centers in the cost center selection field which are assigned to the selected company code and My controlling area combination and not all.
can anyone guide me on how to go about on this authorization issue at the variable screen itself.
Please treat this issue/requirement on high priority.
Appreciated in advance.
Regards,
raps.Hi,
I think that an alternative to solve your concern could be using Web Application Designer (WAD). In this respect, there are several design options, with different levels of complexity.
As the simplest alternative, you could create a WAD including your query and three Dropdown Boxes: one for Company, a second for Controlling area and another for Cost center. The four mentioned elements should be linked to the same dataprovider so, when you select a company, the options in the other two Dropdown boxes and the information in the query are updated.
In order to enforce mandatory filter selection at Company and Controlling area level, you should set NO_REMOVE_FILTER='X' in both two Dropdown boxes, so that "All values" option -which would mean no filtering- is not offered.
I hope this helps you.
Regards,
Maximiliano -
Authorization issue during Jump
Hi all,
I am faced with an authorization issue when I am jumping from a BW report into an ABAP report in R/3. The particular BW report is built on a Multiprovider and when I jump to the R/3 report it displays a message saying that I have no authorization to display the R/3 report. Now the issue is that when I run the same report on the base infocube and perform the jump there is no problem. It works just fine.
Both the multiprovider and the base infocube have the same authorization objects checked.
Can someone please help?
Regards,
Ashmith RoyPls have a look on the below thread:
Authorization by InfoArea
Regards
Ganesh
*Assign points if this helpful -
Authorization issue - need to know the Role providing this access
Hi,
User is facing an authorization issue below:
"You donot have authorization to display DataSource 2LIS_06_INV, Component MM" and
"You donot have authorization to display DataSource 2LIS_11_VAITM, Component SD"
Kindly let me know what Role is missing from the user's profile?
Thanks and Regards,
Sachin
SAP Security ConsultantHi Murali,
It helped.
I found out the BW Data Support role for the object S_RO_OSOA and when checked it was already in user's profile but the missing part was user Comparision for that role.
I did user comparision and then user is able to view the below DataSources....
Thanks for your help, it triggered to find the root cause.
Thanks
Sachin -
Authorization issue to execute query via analyzer
Dear,
We are experiencing an authorization issue that we can not solve...
We have grant to user the expected objects to execute query (S_RS_COMP & S_RS_COMP1) and the central objects like S_GUI, S_USER_AGR.
When we test in RESCEADMIN, everything is fine. We can execute the query.
When we test it in the analyzer, the variable screen does not pop-up and we get the error message:
"There is no variable in the workbook, which allows user input"
Does anybody have a direction to help us to orientate our investigation?
Many thanks,
RodolpheHello,
What is the basic settings you have in the Query Properties basic setting tab
Try making it mandatory
Regards
Nitin Bhatia -
Authorization issue to view cube contents
Hi Gurus,
I am getting Authorization issue to view cube contents in Production server, When I execute the cube it is showing me the following statement.
"You do not have sufficient authorization for the infoprovider ZMMG_C05".
Please provide me a possible solution for this.
Thanks,
Jackie.Hi,
Two things to be checked with respect to authorization for this one.
1) Functional Roles: Check whether Info cube is present in the functional roles that are assigned to you.
If not you need to get the functional role in which the Infocube is assigned.
2) Data Access Roles: Check in the data access roles assigned to you, whether you have the access
to the selection that you are using to see the data in the info cube. Else, request
BASIS team to assign the appropriate data access roles to you.
Hope this helps.
Regards,
Bharat -
Dear all,
I have an authorization issue with two ODS.
One I activated for BEx reporting --> Is working fine in Dev, but I get error with
missing authorization in QUA, althought some authorizations.
Same issue with a newly created ODS, which works in Dev, but gives an error
with missing authorization in QUA.
What can be the reason for this? Any input is highly appreciated!
Cheers,
ClaudiaHi,
check that the role(s) are transported from your DEV and your QA, and that the user has the correct role(s)
Check as well in your QA transaction RSSM for your ODSs objects; it might be that by transporting the ODS, some authorizations have been applied by default.
hope this helps...
Olivier. -
Authorization issue "No authorization"
Dears gurus,
I created an analysis authorization using tx. RSECADMIN, this contains the IO 0COSTCENTER restricted with some value, and also contains the IO: 0TCAACTVT, 0TCAIPROV, 0TCAVALID. When I assigned it to a role using tx. PFCG. But when the query is executed it appears the following message: "No authorization". Using a trace tool, it appears to requiere the analysis authorization 0BI_ALL, but if I give this authorization, it doesn't restrict the IO 0COSTCENTER as wanted.
Please let me know what is missing.
Best regards,
Pilar Infantas.Remove 0BI_ALL object fro users profile and try executing as below it should give you the authorization objects values missing ..
goto RSECADMIN >Analysis>Execution as User -->enter the user name you are executing the query
Check box -->with Log option
select RSRT option
hit start transaction button ,it should show you the authoriztion errors with authorization objects missed.
if not
again RSECADMIN>Analysis>Error Logs-->check with the latest time stamp for that particular user and analyse the authorization issues
Hope it Helps
Chetan
@CP -
Authorization issue in BI system.
Hi,
Having a authorization issue in BI system.
user trying to run a query in and attempt to drill down by customer, he gets customer details but some of the customers are missing...
Does the authorization granted in BI system based on customers? Is it a security issue?
pls help...
Thanks...Hi,
Please execute the query with your id(developer id who will be having access to all data) first. Check if you are able to see all the customer data. If you are able to see all the data then the user is restricted with some authorizations. ( usually the authorizations are done on sales organization, company codes, plant..etc.. please check how it is in your project...)
If you are not able to see all the customer data, then check in the infoprovider on which the query is built and do your analysis.
Check in the roles assigned to the user.
Hope it helps.
Edited by: Maddy on Apr 21, 2011 6:42 AM -
Authorization issue with VA02 radio buttons
Hello All,
We are stuck at one authorization issue. The user navigates using tcode VA02.
1) Execute Tcode -VA02=>
2) 2) puts order number # 100001 =>
3) press enter =>
4) press enter =>
5) Screen: Change (Company Name) Return 100001: Overview =>
6) Option: Display doc. Header details (looks like a magnifying glass beside PO_date) =>
7) This bring us to Change (Company Name) Return 100001: header Data =>
8) select status tab =>
9) on Status tab lower end there is a button u201CObject Statusu201D =>
10) Press it =>
11) Come to Change Status :
12) On this screen There is Status with status no. on the right side with 7 options
e.g:
u2022 1 BLK Approval Required for,
u2022 2 BL1 Approval for Credit,
u2022 3 BL2 Approval for material Replacer
We need to restrict the radio button access for user for which we are unable to find the authorization object.
Could any one help.
Thanks & Regards
gabHi,
Use ST01 to trace the user activities and check which objects its hitting when you click on those buttons, then you can restrict radio buttons using those objects.
I have'nt run the tcode myself and performed the steps you mentioned, but if you think its calling other transaction from those buttons you can manage tht in SE97, or add the t-code VA02 in the S_tcode auth object in PFCG.
Hope this should get you going
Thanks,
Vijay -
ABAP dump on authorization issue
hello,
I am not sure if this is the correct forum for this or not.
I have an ABAP program that was written before I got here that performs the following statement
<b>OPEN DATASET w_file FOR OUTPUT IN TEXT MODE ENCODING DEFAULT.</b>
where w_file is a file on the app server. the users that run this program have no issues.
I have made a copy of the program to add some additional functionality and when the users run this program, the program is abending with the following error messages when trying to execute the same command stated above
Runtime Error OPEN_DATASET_NO_AUTHORITY
Except. CX_SY_FILE_AUTHORITY
I have talking to the security person and he is going to make another role with the authorizations needed to run the program but I am curious as to why the same person can run the one program successfully and my program (which does basically the same thing when it comes to the file processing) abends with the authorization issue.
thanks in advance for your helpI believe you can use FM to check if user has sufficient authorization.
NOTE: authority-check uses PROGRAM NAME, so it looks like your profile should be updated with new program name.
Here is what help says :
Check file access authorization
Functionality
This function module allow you to check the user's authorization to
access files (with the key words OPEN DATASET, READ DATASET, TRANSFER and
DELETE DATASET). A check should be performed before opening a file.
The authorization check is performed uwing the authorization object
S_DATASET.
Description of function parameters:
o PROGRAM: Name of the ABAP/4 program that contains the file access. If
no program name is specified, the system assumes the current program.
o ACTIVITY: Access type. The possible values are:
- READ: Read file
- WRITE: Change file
- READ_WITH_FILTER: Read file with filter function
- WRITE_WITH_FILTER: Change file with filter function
- DELETE: Delete file
o FILENAME: Name of accessed file
Example
TYPE-POOLS SABC.
CALL FUNCTION 'AUTHORITY_CHECK_DATASET'
EXPORTING PROGRAM = 'ZDATASET'
ACTIVITY = SABC_ACT_READ
FILENAME = '/tmp/sapv01'
EXCEPTIONS NO_AUTHORITY = 1
ACTIVITY_UNKNOWN = 2.
Notes
The values to be passed as the ACTIVITY are defined as constants in the
TYPE-POOL SABC. -
S_CTS_ADMI Authorization issue
Hi Experts,
Every now and again a user sends me a SU53 with the error requesting access to S_CTS_ADMI field TABL. The user of this morning is trying to release a purchase order using transaction ME29N. Why would the SU53 indicate that the user want to maintain the control tables of the Change and Transport System in Production when they are trying to release a purchase order? I am running a trace ST01 but it's not helping.
Could you please help me to resolve issue.
Thanks
PavelHi
Gowri is perfectly ok. Below Objects checked.
M_BEST_BSA
M_BEST_EKG
M_BEST_EKO
M_BEST_WRK
Along with that M_EINK_FRG also get checked.
Check for access to all of the above Objects in user master records. Before that check with MM team to get these values of the PO that the approver is trying to release.
1) Document Type : Relate with M_BEST_BSA
2) Purchasing Group : Relate to M_BEST_EKG
3) Purchasing Organization : Relate to M_BEST_EKO
4) Plant : Relate to M_BEST_WRK
5) Release code & release Group : Relate to Object M_EINK_FRG
You also can get these information through ME23N
If all of the above matches with user master record and PO then there is no further authorization issue. Rest on MM team !!!!!
Best of luck...
Arpan -
Regarding BI Authorization Issue
Dear Friends,
can anyone help me to solve this issue..
I have a Authorization Issue, u201CNO Authorization u201C
Error : EYE 007 ( Insufficient Authorizations )
I have follow this stepsu2026
Steps 1 :-
Define Authorization-Relevant Characteristics ( ZCUSTOMER )
Note : I have 0Division values C100 and C200, I want to restrict the user on ZCUSTOMER = 100.
Steps 2 :-InfoObjects as u201Cauthorization-relevantu201D
Eg: 0TCAACTVT
0TCAIPROV
0TCAVALID
0TCAKYFNM
ZCUSTOMER
Steps 3 :-Using T-code : (RSECADMIN) created the Analysis Object
For example : ZAUTH In That I have taken
ZCUSTOMERrestricted with value C100.
0TCAACTVT with 3 ( Display )
0TCAIPROV with * ( Astric )
0TCAVALID with *
0TCAKYFNM with *
Steps 4 :-
Assign Authorizations to Roles
Use authorization object S_RS_AUTH for the assignment of
authorizations to roles.
Maintain the authorizations as values for field BIAUTH
Ex: ZTESTA1
S_RS_AUTH
Here I have given my Authorization Analysis Object ( ZTESTA1) which I have created in RSECADMIN.
S_RS_COMP
Activity Create or generate, Change, Display, Delete, Execute <...>
InfoArea : ZDEMO_ MIHI
InfoCube : ZCUBET
Name (ID) of a reporting compo : ZTEST_Q0001
Type of a reporting component Calculated key figure, Query View, Query, Restricted key figure <...>
S_RS_COMP
Activity Create or generate
InfoArea :ZDEMO_ MIHI
InfoCube : ZCUBET
Name (ID) of a reporting compo :ZTEST_Q0001
Type of a reporting component :Query
S_RS_COMP1
Activity Display, Execute
Name (ID) of a reporting compo : ZTEST_Q0001
Type of a reporting component :All values
Owner (Person Responsible) for *
S_RS_COMP1
Activity Change, Display, Delete, Execute, Enter, Include, Assign
Name (ID) of a reporting compo ZTEST_Q0001
Type of a reporting component All values
Owner (Person Responsible) for :*
S_RS_ICUBE
Activity Create or generate
Infocube Sub Objects: DATA, Update rules, Data Definition, Aggregats
InfoArea :ZDEMO_ MIHI
InfoCube : ZCUBET
S_RS_IOBC
Activity Create or generate
InfoArea :ZDEMO_ MIHI
Infoarea Catalog : zioc_test, Zkf_test
S_RS_IOBJ
Activity Create or generate
InfoArea :ZDEMO_ MIHI
InfoObjets: ZCUSTOMER, ZDOCNO,ZMATERIAL
Steps 5 :-
AND Assign this Role to User.
Steps 6 :- ERROR
When I execute the Report it is showing u201CNO Authorization u201C
u201C Insufficient Authorization u201C
EYE 007.
Regards
SivaHi,
In RSECADMIN try to put on the trace with your user id & execute the query . System will give you list of authorization object with red color which needs to be reconsidered in order to execute report without error.
Hope that helps.
Regards
Mr Kapadia
Maybe you are looking for
-
Include jsf file in a jsp page
Hi Everyone, I have a plain jsp page with no JSF Components, but it has a jsp:include tag which is another jsp file which contains jsf components. When i try to run the plain jsp file ... i get the following error... java.lang.IllegalStateException:
-
My latest pano photo have missing landscape. Some of the photos are merged into one. I can provide the examples. What could cause this problem on a new 5C?
-
Not authenticating to wireless
I have been banging my head against the wall for days now on this. We have 2 identical 1100 APs (I copied the config from one to the other changing names and IP address) They plug into different 3COM switches (both switches are configured the same).
-
Certificate Host Naming Issue with WRVS4400N
When accessing the WRVS4400N v1.00.16 for Remote Administration or QuickVPN, I get an error indicating that the certificate host name does not match the host name of the WRVS4400N. Is this a an issue with the certificate generated by the WRVS4400N or
-
Not able to find R/3 PO# in SRM....
Hi All We are having SRM4.0 and R/3 4.7 as backend with classic scenario.No BW installed. We are developing a custom report in SRM to find the details of SC and PR for a selected PO. We are succesfull to get the details if the PO is created directly