Missing authorization for PA30

Hey guys....
My question is regarding to PA30.
In R/3 my userid has authorization to display and maintain HR data through PA30.
But when i copied my userid to create a new one that new userid has no right to display and maintain HR data through PA30.
Eventhough it has same access as i do.
Its strange....please sort out this problem.
Thnx
Alex.

You have several options to check
1) Try displaying/Create with the copied id once, once are u get No authorisation message, go to tcode su53 its will show you why the authorisation failed, and will give you the missing authorisation object.just go to Tcode PFCG and IN YOUR ROLE give that missing object.
2) Go to Tcode SUIM>User Information System>Comparisons>From Users. There in user A give the one which has access to all actions in PA30  and in user B give the copied id and check for missing objects.
3) in tcode PFCG, and access your ROLE and check Authorisation level for HR:MASTER DATA. give * there.Also check if the infotype u are trying to access too is included or not.
Another important thing is dont forget to generate the role and save it after you make changes...
and in PFCG, When u go into change mode, next to Authorisations TAB there is a TAB Called USER, Click on that and check if Icon User comparison is Green.

Similar Messages

  • Missing authorization for the plant - Message no. ME303

    Missing authorization for the plant - Message no. ME303
    I am getting the above error while creating the PO.
    what is the cause of error?
    How do I rectify this?
    I have used the right data, till yday it was working fine. I doubt some config change has happened

    Hi,
    Check with your basis  consultant whether the authorization is change ?
    Regards,
    Chetan.

  • Missing authorization for plant ' '

    User is missing authorization for plant ' '
    User trace gives the following missing authorization
    Object:
    M_IS_WERKS RC=4 MCINF=S039;WERKS=' '
    Can anybody help me out to find the meaning of space( ' ' ) in plant or any field?
    thank you in advace

    *  Prüfung, ob Berechtigung für die Werke existiert
      SELECT * FROM T001W INTO TABLE AW_HLP_T001W
                          WHERE WERKS IN AW_WERKS.
      DESCRIBE TABLE AW_WERKS LINES SY-TFILL.
      IF SY-TFILL > 0.
        FLG_SELECT = 'X'.
      ENDIF.
    <b> clear aw_hlp_t001w-werks.                       " note 124769, ver.04
      collect aw_hlp_t001w.                           " note 124769, ver.04</b>
      LOOP AT AW_HLP_T001W.
        AUTHORITY-CHECK OBJECT 'M_IS_WERKS'
                 ID 'MCINF' FIELD AW_MCINF
                 ID 'WERKS' FIELD AW_HLP_T001W-WERKS.
    There must be a reason to add an empty line, which causes the silly authority check. As far as I understand Note 124769 you have got to add  plant ' '. See Note 408003: ."Create an authorization for the authorization object M_IS_WERKS which contains the value WERK =  . Refer to Note 124769."

  • EDMS: 'Missing authorization for this functionality' when searching user

    Hi,
    I've activated ALC authorization for DMS. In EDMS, when trying to add an user to a DIR with search function an error occurres as below.
    'Missing authorization for this functionality'
    BTW, the user has contains SAP_ALL profile. It can't be any authorization reasons.
    Regards,
    Yemi

    Hi,
    authorization checks will not happen if the search help from sap-gui.I
    think the problem is releted to missing implementation of "check
    function module" from your side. If the search help is linked to a
    "master data table" (type A) a check function must be implemented to
    check the permission of the user.
    This function module is read from table BAPIF4T.                 Please
    check the following link:                                 http://help.sa
    p.com/saphelp_nw04/helpdata/en/a5/3eca044ac011d189
    4e0000e829fbbd/content.htm
    http://wiki.sdn.sap.com/wiki/display/PLM/Object+Link+search+in+EasyDMS
    Regards,
    Hari

  • Missing authorizations for authorization object UIU_COMP

    I have generated the pfcg role for a business role using report CRMD_UI_ROLE_PREPARE and assigned the pfcg role to a user.
    The user is apparently able to perform navigation as required. However, when a ST01 trace is run for the user, there are few missing authorizations for UIU_COMP. Could anyone please explain the reason for this? No changes have been made to object UIU_COMP  i.e. only values generated by the report is present there. Should the missing authorizations be added manually to the role?

    I would recomend that you define for component UIU_COMP in your pfcg role full access (all set to *), because this authorization object is used for access to web ui components. Even thou if you define this object to full access users will still see just components defined in business role.
    Regards.

  • Missing authorization for processing condition

    Hi  All,
    We are having  a problem with our pricing procedure zxxx.
    we created a pricing procedure and connect it to a java formula.
    this formula return an error message :
    " Missing authorization for processing condition zxxx "
    in debug we see that this message come from the formula and not some kind of authorization check.
    ( even a user with "sap all"  get this message ).
    does any one know how to solve this?
    or:
    does any one know how to debug the java formula ?
    thanks,
    Lilach.

    Hi,
    Check with your basis  consultant whether the authorization is change ?
    Regards,
    Chetan.

  • CK40N error: Missing authorization for BOM (SAP Error: CK-581)

    Hi Experts,
    When running CK40N, I found an error message Missing authorization for BOM (SAP Error: CK-581).
    If this is the problem of my CK40N that make object cannot be costed, how can I solve this?  Is this relate to SAP authorizartion?
    Thanks.
    sbmel

    Hello,
    While doing Costing run CK40N or Cost estimate CK11N, you require having authorization of T. Code CS03 for the plant in your SAP ID as it explodes BOM.
    Kindly contact basis team & take the authorization on your SAP ID.
    Regards,
    Anand

  • Missing authorization for transaction VC/2 (Sales summary)

    Hi Expert,
    I am running transaction VC/2, but I get the message VB500 "the list is incomplete due to missing authorizations".
    Via transaction SU53, I see that it is object M_INFO_MCB with auth. field MCINF which is missing.
    Do you know what this object field is about?
    Thank you.
    Kind regards,
    Linda

    Hi,
    First goto SUIM T.Code.
    click on "Authorisation Objects".
    Select "Authorization Objects by Complex Selection Criteria".
    Enter "M_INFO_MCB" as "Authorization object".
    Execute.
    It shows that this is related to "Evaluation: Evaluation Structure".
    The path is:
    SPRO>Logistics General>Logistics Information system(LIS)>Flexible Analyses>Select layout reports for evaluation structures.
    Maintain values here.
    Save.
    Regards,
    Krishna.

  • Missed authorizations for ess personal id

    Hi,
    I configured ESS. I can see all the services..except Personal id under personal information.
    kindly let me know what role should i assign to get this view.
    i assigned composite role to the end user. even though i m not getting...
    thanks in advance
    renu

    yes, i did it. i can able to access other ess service... only for personal id(persoanl Information) i m getting belwo error...
    Critical Error
    A critical error has occured. Processing of the service had to be terminated. Unsaved data has been lost.
    Please contact your system administrator.
    You have no authorization to display  
    com.sap.pcuigp.xssfpm.java.FPMRuntimeException: You have no authorization to display
         at com.sap.pcuigp.xssfpm.java.MessageManager.raiseException(MessageManager.java:112)
         at com.sap.pcuigp.xssfpm.java.MessageManager.raiseException(MessageManager.java:122)
         at com.sap.xss.per.helpers.MessageHelper.raiseException(MessageHelper.java:43)
         at com.sap.xss.hr.per.in.pid.fc.FcPerPidIN.readRecord(FcPerPidIN.java:269)
         at com.sap.xss.hr.per.in.pid.fc.wdp.InternalFcPerPidIN.readRecord(InternalFcPerPidIN.java:535)
         at com.sap.xss.hr.per.in.pid.fc.FcPerPidINInterface.readRecord(FcPerPidINInterface.java:146)
         at com.sap.xss.hr.per.in.pid.fc.wdp.InternalFcPerPidINInterface.readRecord(InternalFcPerPidINInterface.java:197)
         at com.sap.xss.hr.per.in.pid.fc.wdp.InternalFcPerPidINInterface$External.readRecord(InternalFcPerPidINInterface.java:273)
         at com.sap.xss.hr.per.in.pid.overview.VcPerPidINOverview.onBeforeOutput(VcPerPidINOverview.java:257)
         at com.sap.xss.hr.per.in.pid.overview.wdp.InternalVcPerPidINOverview.onBeforeOutput(InternalVcPerPidINOverview.java:243)
         at com.sap.xss.hr.per.in.pid.overview.VcPerPidINOverviewInterface.onBeforeOutput(VcPerPidINOverviewInterface.java:134)
         at com.sap.xss.hr.per.in.pid.overview.wdp.InternalVcPerPidINOverviewInterface.onBeforeOutput(InternalVcPerPidINOverviewInterface.java:132)
         at com.sap.xss.hr.per.in.pid.overview.wdp.InternalVcPerPidINOverviewInterface$External.onBeforeOutput(InternalVcPerPidINOverviewInterface.java:208)
         at com.sap.pcuigp.xssfpm.wd.FPMComponent.callOnBeforeOutput(FPMComponent.java:603)
         at com.sap.pcuigp.xssfpm.wd.FPMComponent.doProcessEvent(FPMComponent.java:569)
         at com.sap.pcuigp.xssfpm.wd.FPMComponent.doEventLoop(FPMComponent.java:438)
         at com.sap.pcuigp.xssfpm.wd.FPMComponent.wdDoInit(FPMComponent.java:196)
         at com.sap.pcuigp.xssfpm.wd.wdp.InternalFPMComponent.wdDoInit(InternalFPMComponent.java:110)
         at com.sap.tc.webdynpro.progmodel.generation.DelegatingComponent.doInit(DelegatingComponent.java:108)
         at com.sap.tc.webdynpro.progmodel.controller.Controller.initController(Controller.java:215)
         at com.sap.tc.webdynpro.progmodel.controller.Controller.init(Controller.java:200)
         at com.sap.tc.webdynpro.clientserver.cal.ClientComponent.init(ClientComponent.java:430)
         at com.sap.tc.webdynpro.clientserver.cal.ClientApplication.init(ClientApplication.java:362)
         at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.initApplication(ApplicationSession.java:756)
         at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:291)
         at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessingPortal(ClientSession.java:733)
         at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:668)
         at com.sap.tc.webdynpro.clientserver.session.ClientSession.doProcessing(ClientSession.java:250)
         at com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:149)
         at com.sap.tc.webdynpro.clientserver.session.core.ApplicationHandle.doProcessing(ApplicationHandle.java:73)
         at com.sap.tc.webdynpro.portal.pb.impl.AbstractApplicationProxy.sendDataAndProcessActionInternal(AbstractApplicationProxy.java:860)
         at com.sap.tc.webdynpro.portal.pb.impl.AbstractApplicationProxy.create(AbstractApplicationProxy.java:220)
         at com.sap.portal.pb.PageBuilder.updateApplications(PageBuilder.java:1288)
         at com.sap.portal.pb.PageBuilder.SendDataAndProcessAction(PageBuilder.java:326)
         at com.sap.portal.pb.PageBuilder$1.doPhase(PageBuilder.java:868)

  • Missing authorizations in QAS for each n every t code

    Hello All,
                   i have created one role in QAS adding tcodes to it when i tested it it is showing missing authorizations for every tcode when i see in su53 and i tried to assign manually in su24 also but it is saying no changes are permitted in this client so if create a new role in DEV and transport that role to QAS if so how can give me steps in detail as if iam new to security plz do help me.
    Regards
    upendar.D

    he means on pfcg when role is designed and when generating profile, for object you already know you can assign what you want then for field that you don't understand what it is for leave it blank first. assign the role to the user. login as the user then try the transaction if it failed on authorization check go to su53 directly by using /nsu53, check what object is being error and what value expected by the transaction. edit and regenerate profile for the role again. try transaction again. repeat until success.
    Christian Rose wrote:
    Hello,
    >
    > just adding transaction to a role is not enough, within the role you have to go to tab "Authorizations", goto "Maintain Authorization Data and Generate Profiles" in change mode and generate the profiles via the according button.
    >
    > regards
    >
    > Christian
    Edited by: Henry Hsu on Oct 13, 2011 12:12 PM

  • Display authorization for resource planning missing

    Hi,
    while open the Resource planner with log in service manager.it is showing following error
    Display authorization for resource planning missing
    i am not getting this error why it is showing.any one help me to solve this issue
    Thanks & Regards
    Kishore Kumar

    Maintain the authorization Objects for the PFCG role assigned to the user
    Authorization Object
    Description
    Authorization Field
    Value
    Value: System
    Relevance
    WFDS_RPA
    Authorization Object Transaction
    ACTVT
    3
    WFD server
    Service resource planning application (RPA)
    WFDS_RPA
    Authorization Object Transaction
    ACTVT
    2
    WFD server
    RPA
    B_BUPA_GRP
    Business Partner: Authorization Groups
    ACTVT
    3
    SAP CRM
    RPA
    Appointment scheduling
    B_BUPA_RLT
    Business Partner: BP Roles
    ACTVT
    3
    SAP CRM
    RPA
    Appointment scheduling
    B_BUPA_RLT
    Business Partner: BP Roles
    ACTVT
    3
    SAP CRM
    RPA
    Appointment scheduling
    WFDS_JFUNC
    Authorization Object Resource (Type of WFD Resource)
    WFDS_RTYPE
    WFD server
    RPA
    Appointment scheduling
    WFDS_JFUNC
    Authorization Object Resource (Job Function)
    WFDS_JFUNC
    WFD server
    RPA
    Appointment scheduling
    WFDS_JFUNC
    Authorization Object Resource (Job Level)
    WFDS_JLEVE
    WFD server
    RPA
    Appointment scheduling
    WFDS_SAREA
    Authorization Object Resource (Type of WFD Resource)
    WFDS_RTYPE
    WFD server
    RPA
    Appointment scheduling
    WFDS_SAREA
    Authorization Object Resource (Service Area)
    WFDS_SAREA
    WFD server
    RPA
    Appointment scheduling
    S_TCODE
    Transaction Code
    TCD
    /SAPAPO/LRP_ACCESS
    WFD server
    RPA
    Appointment scheduling
    UIU_COMP
    Authorization UI
    COMP_NAME
    WCC_SRV_RPA
    SAP CRM
    RPA
    UIU_COMP
    Authorization UI
    COMP_WIN
    WCC_SRV_RPA/MainWindow
    SAP CRM
    RPA
    UIU_COMP
    Authorization UI
    COMP_PLUG
    SAP CRM
    RPA
    UIU_COMP
    Authorization UI
    COMP_NAME
    WFDRPA
    SAP CRM
    RPA
    UIU_COMP
    Authorization UI
    COMP_WIN
    MainWindow
    SAP CRM
    RPA
    UIU_COMP
    Authorization UI
    COMP_PLUG
    DEFAULT
    SAP CRM
    RPA
    UIU_COMP
    Authorization UI
    COMP_NAME
    WFDRPA
    SAP CRM
    RPA
    UIU_COMP
    Authorization UI
    COMP_PLUG
    DEFAULT
    SAP CRM
    RPA
    UIU_COMP
    Authorization UI
    COMP_WIN
    WFDRPA/MainWindow
    SAP CRM
    RPA

  • Authorization for Delimit / Lock button in PA30 screen

    Hi All,
    I have a requirement that users should not be able to Lock the leave record in IT2001.  The user has authorizations for Read / Write and Display.
    Also I do have a requirement that the user should not have authorization for delimit button. The user has authorizations for Read / Write and Display.
    Do we have any authorization object for delimit / lock ??
    Any Input will be highly appreciated.
    Shrikant Basarkar

    It's a hardware issue. If it's out of warranty, you can get it replaced but there's an out of warranty fee associated.
    http://support.apple.com/kb/index?page=servicefaq&geo=United_States&product=ipho ne

  • Authorization for Infotype 0008

    Dear Experts,
    I am new for SAP HR module, and I am facing one authorization issue.
    It is about the PA30 authorization for Infotype 0008, I want to restrict user ( ext_test) who can change Infotype 0008 for person ID 44000156, Employee group 1, Employee subgroup EP(ETXAT).
    And I create the role for T-code PA30.
    In the P_ORGINCON object, I configure the activity as following :
    Authorization level            E, R, S                                                                      AUTHC
    Infotype                           0008                                                                          INFTY
    Personnel Area                *                                                                               PERSA
    Employee Group              1                                                                               PERSG
    Employee Subgroup         EP                                                                            PERSK
    Authorization Profile         *                                                                               PROFL
    Subtype                          ' ', 0                                                                          SUBTY
    Organizational Key          *                                                                               VDSK1
    But when I execute PA30 with person ID 44000156, and want to change Infotype 0008, It shows that I miss the authorization.
    The result of SU53 are
    Authorization level            E
    Infotype                           0008   
    Personnel Area                *
    Employee Group              *
    Employee Subgroup         *
    Authorization Profile         *
    Subtype                          0
    Organizational Key          *
    I don't know why it asks the * authorization for Employee group and subgroup even I want to chagne the data which are fit my created authorizations.
    Could anyone give me some advice?

    Dear Amamath,
    Employee group is 1 (Direct), and subgroup is EP ( Expat).
    I don't know if it is possible if I want to restrict the authority as following:
    I have two person ID, one is 44000156, the other is 44000246.
    44000156 has Employee group 1(Direct) and subgroup EP(Expat)
    44000246 has Employee group 2(Indirect) and subgroup 3(Management)
    I want to restrict the authority that end user can only change Infotype 0008 for the person which subgroup is EP ( No matter the Employee group is 1,2, or 3).That is , in this case, I can only change 44000156 basic pay but not 44000246.
    So in the P_ORGINCON object, I restrict the Authorization level as "E,M,and R); Infotype as "0008"; and subgroup as "EP".
    After that , I did the test with end user's accout. then SU53 shows that it need to have Employee subgroup = "*".
    I don't know why it need the * authority for Employee subgroup. I should be able to change 44000156 since I granted the subgroup "EP" to end user account.

  • Report S_ALR_87013105 : no authorization for the report/ table 7KU6_001

    Hi Gurus,
    While executing the program S_ALR_87013105 (Detailed Reports 
    For Sales Order : Plan/Actual Comparison ) system showing the selection log.
    "Have no authorization for the report/table  7KU6_001 and 7KU6_002".
    But for the user the authorization check through SU53 was successful.
    Pl can any one suggest on this issue.
    Thanks in advance,
    Vijay

    Hi,
    Contact your basis consultant to provide the missing authorisation. This is one of the authorisation object.
    Regards,
    Sankar

  • BPS retraction (CCA) - authorizations for background user (R/3)

    Hi,
    I'm  trying to retract plandata for statistical key figures from BW to R/3. During data retraction I get an error message in BW. The message is about missing authorities on R/3 side, but without any detailed information. We use the standard backround user for BW => R/3 RFC connections. So my question is, if the background user needs additional authorizations for data retraction? Are there any notes or documentation?
    Thanks for help,
    Tanja

    Hi,
    I remember having faced this issue...
    I fixed it by creating a RFC connection for the retraction itself connecting with a service user (S_BWRETR) having profiles SAP_ALL, SAP_NEW.
    hope this helps...
    Olivier.

Maybe you are looking for