No auth checks for custom transactions

Similar Messages

• Deselect auth. check for infocubes (Checks for infocubes) in RSSM

  Hi,
  An infocube I installed contains an authorisation relavant object (already exists) in BW3.5 system. By default the infocube is selected for auth. check in RSSM.
  After I transported the cube to target system I realised the auth check in RSSM has also been transported with the cube.
  Hence, I have deselected the auth. check for the infocube "Checks for infocubes" in RSSM and saved it. Then, I created a second transport and only transported the cube. But the changes I made in RSSM hasn't been transported.
  Please can you advise me how to transport the changes I made in "Checks for infocubes" in RSSM?
  Thanks a lot
  Murali

  Hi,
  check this threads:
  Re: RSSM: Checks Authorization Objects for Infoprovider are not activ
  Re: RSSM Transports
  Normally system would check all the authorization relevant objects whenever a new Info cube is imported and in case if you want to transport these changes to Production system manually then follow the below listed steps:
  1) In Development system, check or un-check the authorization relevancy using the transaction RSSM on a given Info provider
  2) These changes are stored in table RSSTOBJDIR
  3) Create a manuall transport request and include these entries covering the required Authorization objects manually.
  R3TR TABU RSSTOBJDIR
  Ex: If Info object 'A' is authorization relevant in Development system but not in Production system and you want to transport this change to Production system then include object 'A' table entries manually.
  Regards
  Andreas

• Need to deactivate structural auth. check for a custom Report

  Hi all experts:
  I have a report that is based on PNPCE logical database and it displays work hours for a project, all non-sensitive information.  We would like a wide range of users to have access to this but since this is based on PNPCE logical database whenever a user runs it, the str. authorization check is performed.  I have tried deactivate this check with P_ABAP object and coers 2 but it only ignores infotype auth. check but still checks the structural.  We don't want to expand str. profile for users. 
  Do you know if there is a way to deactive this just for one report?
  Your help will be greatly appreciated.
  Regards,
  Net

  Thanks Kiran. I had tried that value but still got the same message.  I am having problem understanding exactly when this value 2 ignores structural authorization because it works on some reports and not others.  Anyway, we implemented BADI for this report to ignore structural auth. check and it is working fine.
  Thanks again,
  NT

• Authorization for customized transaction

  Hi,
       In our system, developers create one transaction ZSIDUPDATE.
  Whenever I (Basis Admin) hit this transaction, error "No Authorization for Transaction" is occurred. I don't understand why the error is for authorization for this customized transaction because I have SAP_ALL & SAP_NEW profile.
     Can anybody give the solution?
  Regards,
  Rajesh

  Hello Rajesh,
  Check the report behind ZSIDUPDATE. I suppose there must be some kind of code which will allow only certain user to execute it based on their user ids. Either the user ids will be hardcoded or else they are being picked up from some table. This is not a classical authorization error. You may set a trace also but debugging is best. it will crack it open in seconds.
  Regards.
  Ruchit.

• Over due items are not considered in credit check for customer

  Hi Gurus;
  We have static credit active for the sales order which is blocking  if the  sales value is more than the customer credit balance   but it is not checking for over due item i.e the billing document  whose accounting document  hasn't been cleared yet .Though i have maintained same number days for payment terms and risk category  for the customer .
  Kindly guide me if have missed out any configuration or setting .
  Thanks in advance .

  Hi Nuru,
  Hope you are using automatic credit check and not simple crdit check ..Check that.
  Is ur update group a standard one..?
  Please paste screenshots of FD33, credit status, OVA8 etc.
  Regards
  Jobi

• Error when a TS step has a condition to check for custom variable. Variable is set on the collection.

  SCCM Version = SCCM 2012 R2 CU3
  Background
  I would like to setup some sort of safety check to help prevent accidentally sending and OSD out to all the servers managed by SCCM. The solution I am trying to use is making the TS do a check for a custom variable. If the variable is NOT set to TRUE
  then it should reboot the machine back to the currently installed OS.
  The variable is called "AllowOSD"
  AllowOSD is set correctly on my "Test Servers" collection
  I'm using the built in "Reboot Computer" step in the TS
  The condition on the Reboot Computer step is very basic - "Task Sequence Variable AllowOSD is not equal TRUE".
  I am testing the TS on a VM guest (Hyper-V)
  I'm deploying via PXE for these tests...
  The Issue
  As soon as the TS starts I get the annoyingly generic 0x80004005 error - smsts.log posted on github -
  smsts.log-A
  Possibly related issue:
  I have a vbscript that prompts for, and sets, the computer name. This works fine if placed after the format disk step, but if I place it before the format disk step then I get error 0x800700A1. If I format the internal HD first then I don't get an error
  and it all works fine.
  smsts.log posted on github - smsts.log-B
  Be aware VM_1 and VM_2 have unformatted disks (vhdx). I don't want them to be formatted before checking that the task sequence should really be running in the first place. As already mentioned, I am trying to prevent someone wiping out a bunch of servers
  by accident.
  My Task Sequences are based on the defaults created by the wizard. Here are the step I'm using...
  * Reboot if AllowOSD is not TRUE
  Restart in Windows PE
  * set Computer Name
  Partition DIsk 0 - DIOS
  Partition Disk 0 - UEFI
  Install Operating System
  Apply Windows Settings
  Apply Network Settings
  Setup Windows and Config Manager
  * = steps I have created.
  All other steps are defaults as created by wizard.
  Please note the "Restart in Windows PE" step does a conditional check on "_SMSTSInWinPE" without any errors. it is looking like the use of custom variables is not supported until the local HD is formatted and mounted. Can
  anyone confirm this behaviour, or what I can do to get around this problem.
  I have tried using a vbscript but triggering a reboot from VB does nothing, hence using the Reboot Computer step in the TS.
  Thanks
  "Well I'm all out of ideas." - 85

  As others have stated, your options are limited the moment you rely on PXE and WinPE but I think all you need to do is refine your collection target a bit.
  Why not instead of deploying your TS to All Systems (which is what I'm guess you're doing) and trying to put a condition in, deploy to a collection that is based on a workstation collection then include unknown computers?  Then any "known workstation"
  will have a MAC stored and thus be permitted to use the TS, unknown machines will be as well ... but "known servers" will be blocked?
  COnsidering the PXE looks for permitted MAC addresses this should work (Ill try it in my own lab).
  Tested and verified:
  Simply create a collection with a parent collection of all systems.
  Add a workstation query:
  select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System where SMS_R_System.OperatingSystemNameandVersion LIKE "%Workstation%"
  Then "include" unknown computers.
  End result is any machine that has "server" in it's version that has already been deployed will not be able to use the deployment.  If you'd rather base existing computer on an OU or group membership just modify the first query how you see fit.
   This will let known workstations (or whatever) and unknown machines get deployed to ... but known machines NOT in that collection will be skipped.

• Last Date for customer transaction

  Is there a SAP field which stores the last date for a customer transaction.
  Thanks.

  yes there is a field which stores the last date for a customer transaction
  Regards
  PS: Be clear in your question.

• Auth. check for BP is invalid when do account search/activity creation

  Hi Experts,
  I have done the configuration for BP's anthorization group(B_BUPA_GRP).
  But when I do the BP Search, the authorization check for B_BUPA_GRP is invalid and all BPs are shown.
  This also happened when create activity.
  When choose a Partner, the authorization check is invalid , too.
  System is CRM 5.0.
  Please help.
  Thanks.
  Apple
  Edited by: mm19841228 on May 27, 2010 4:46 AM

  Hi,
  Perhaps something else to consider in your function is to include the SOUNDEX (<name>) function on the name being created against those in the table. If your users are typing in the names when creating them, then "typos" will be a problem in your search when using substr() or instr().
  Note:
  This will only be effective on the "English" language
  Regards,
  Mike

• Idoc for customer transactional data

  Dear all,
  Can any of you suggest which Idoc can be used for customer to customer postings.
  Thanks & Regards
  JKTECH

  Anybody please sugget

• Bypass P_orgin auth check for standard MSS reporting

  Hi SAPers,
  on my HR system, I have 2 types of users : ESS/MSS users (via portal) and backend users (via sapgui).
  ESS/MSS role does not contain any P_ORGIN authorization because it should be added to their authorizations if they are also backend users.
  The problem is coming from standard MSS reports : the "time statement overview" among other report needs P_ORGIN (IT 0, 1, 2, 7, 8, ...) !
  Is there a way to bypass the standard authorization check for MSS reports ?
  Thanks in advance,
  Olivier.

  >
  Olivier TACA wrote:
  > Example :
  >
  > Portal Role for ESS user contains P_ORGIN for IT 0006 (Address)
  >
  > Backend Role for backend user contains P_ORGIN for IT 0002 (Personal data) ... and S_TCODE for PA30 of course.
  >
  > The backend user, who is also an ESS user, can manage IT 0006, which is not foreseen in the backend role.
  >
  > I use P_PERNR for the portal role to manage access to infotype.
  I see two issues here:
  1. ESS is NOT setup correctly.
  - You don't need P_ORGIN for ESS.  You only need P_PERNR.  The trace might even show an error looking for P_ORGIN but you do not need it.  This is an example of a role I have using ESS services for addresses.  I don't have P_ORGIN, P_ORGINCON or P_ORIGXXCON.  Do NOT use PA30, for ESS, that is very dangerous.  The ESS services can be added to a role and should be use for ESS.
  Here is an example of what I have:
  Manually   HR: Master Data - Personnel Number Check                     P_PERNR
  Manually   Address Change - Permanent and Emergency
       Authorization level            D, E, M, S, W                                                               AUTHC
       Infotype                       0006                                                                        INFTY
       Interpretation of assigned per I                                                                           PSIGN
       Subtype                        *                                                                           SUBTY
  2. MSS - I can't find the service for the report you are looking for.  If you provide the MSS service I can run some traces and probably help you isolate your problem.  Example of an MSS service (sap.com/mss~pla/PlanningPrimaryCosts).
  I hope I didn't sound too harsh; I am just trying to help.
  Regards,
  -John N.
  Edited by: John Navarro on Aug 5, 2008 5:46 PM

• Auth grp for custom program

  Hi,
  I have an custom program which i need to secure by auth group so i went to RSCSAUTH then i kept some auth grp...eg;- say "FI" under auth grp column....before this i did not create any auth grp named: FI any where in the system......
  so my question is by doing this is considered as creation and assignment of auth grp to this custom program ???
  and if i do this in dev then how come this piece carried to production.
  Thanks,
  Lisa Pl

  The field is however not limited to 4 characters, RSCSAUTH is protected by 7.
  As you would hopefully develop and assign Auth Groups to programs in your development system, it does not make sense (to me) that the defined Auth Groups of the concept are necesarily known to the Prod system, as the role(s) for the report / transaction should be created / changed from the same source, ideally. So transporting the Groups themselves is only usefull if you are, for example, protecting programs or queries or report trees in production which are also maintained there. Transporting the program itself with the assigned TRDIR-SECU entry is not hindered (unless there is some feature of the STMS which does this - for example the production system is the domain controller).
  You can assign the auth group in Production as well with RSCSAUTH, subject to having the correct authorization for it. But you should restrict that very carefully and take care with your client settings...
  Other similar topics are changing menus in production.
  Cheers,
  Julius
  PS: If the reason for your question is because of protecting the prgram to run online, then perhaps a simple SY-BATCH... check in the program is another (additional) option. S_PROGRAM P_ACTION = 'BTCSUMBIT' as well.
  Edited by: Julius Bussche on Apr 20, 2008 8:58 PM

• Disable duplicate check for customer address on sales order creation

  I am using the following tables to create sales order as well as customer and addresses together. All data are coming from third party system through dblink.
  OE_HEADERS_IFACE_ALL
  OE_LINES_IFACE_ALL
  OE_CUSTOMER_INFO_IFACE_ALL
  however, whenever the address to be created already exist in OFS, the sales order import program ended with:
  Source/Order/Seq/Line    Message
  *1122/SOSHM006// Duplicate SHIP_TO ADDRESS found for SOSHM006_S. Please correct the data.*
  *1122/SOSHM006// Duplicate BILL_TO ADDRESS found for SOSHM006_B. Please correct the data.*
  how can I disable the above checking? ie: allow the address to be created even the address already exist.
  See Example below, notice that the addresses for SOSHM006_S and SOSHM005_S are identical, and addresses for SOSHM006_B and SOSHM005_S are identical, but we want them to be created as separately addresses.
  Example (first time)
  Insert into ONT.OE_HEADERS_IFACE_ALL (ORDER_SOURCE_ID, ORIG_SYS_DOCUMENT_REF, ORG_ID, ORDERED_DATE, ORDER_TYPE, PRICE_LIST, SALESREP_ID, SALES_CHANNEL_CODE, SHIP_FROM_ORG_ID, CUSTOMER_NUMBER, BOOKED_FLAG, CREATED_BY, CREATION_DATE, LAST_UPDATED_BY, LAST_UPDATE_DATE, OPERATION_CODE, ORIG_SHIP_ADDRESS_REF, ORIG_BILL_ADDRESS_REF) Values (1122, 'SOSHM005', 86, sysdate, 'Corporate (NOR)', 'Corporate', 1, 'CORPORATE', 90, 'SHM01', 'Y', 0, sysdate, 0, sysdate, 'INSERT', 'SOSHM005_S', 'SOSHM005_B');
  Insert into ONT.OE_LINES_IFACE_ALL (ORDER_SOURCE_ID, ORIG_SYS_DOCUMENT_REF, ORIG_SYS_LINE_REF, LINE_TYPE, INVENTORY_ITEM, ORDERED_QUANTITY, SHIP_FROM_ORG_ID, FULFILLMENT_SET_NAME, UNIT_LIST_PRICE, UNIT_SELLING_PRICE, CREATED_BY, CREATION_DATE, LAST_UPDATED_BY, LAST_UPDATE_DATE, OPERATION_CODE, SUBINVENTORY) Values (1122, 'SOSHM005', 'SOSHM005A_S', 'Corporate Line (NOR)', '01-09-PAC-3522-01', 1, 90, '1', 0, 0, 0, sysdate, 0, sysdate, 'INSERT', 'Mesad');
  insert into OE_CUSTOMER_INFO_IFACE_ALL(CUSTOMER_INFO_REF, CUSTOMER_INFO_TYPE_CODE, current_customer_number, org_id, COUNTRY, ADDRESS1, CITY, STATE, POSTAL_CODE, IS_SHIP_TO_ADDRESS, IS_BILL_TO_ADDRESS, CREATION_DATE, CREATED_BY, LAST_UPDATE_DATE, LAST_UPDATED_BY) values('SOSHM005_S', 'ADDRESS', 'SHM01', 86, 'MY', 'Ship4 479, JALAN PASIR PUTEH 31650 IPOH PERAK.', 'IPOH', 'Perak', '31650', 'Y', 'N', sysdate, 0, sysdate, 0);
  insert into OE_CUSTOMER_INFO_IFACE_ALL(
  CUSTOMER_INFO_REF, CUSTOMER_INFO_TYPE_CODE, current_customer_number, org_id, COUNTRY, ADDRESS1, CITY, STATE, POSTAL_CODE, IS_SHIP_TO_ADDRESS, IS_BILL_TO_ADDRESS, CREATION_DATE, CREATED_BY, LAST_UPDATE_DATE, LAST_UPDATED_BY) values('SOSHM005_B', 'ADDRESS', 'SHM01', 86, 'MY', 'Bill4 479, JALAN PASIR PUTEH 31650 IPOH PERAK.', 'IPOH', 'Perak', '31650', 'N', 'Y', sysdate, 0, sysdate, 0);
  Example (second time) - the differences are highlighted in bold.
  Insert into ONT.OE_HEADERS_IFACE_ALL (ORDER_SOURCE_ID, ORIG_SYS_DOCUMENT_REF, ORG_ID, ORDERED_DATE, ORDER_TYPE, PRICE_LIST, SALESREP_ID, SALES_CHANNEL_CODE, SHIP_FROM_ORG_ID, CUSTOMER_NUMBER, BOOKED_FLAG, CREATED_BY, CREATION_DATE, LAST_UPDATED_BY, LAST_UPDATE_DATE, OPERATION_CODE, ORIG_SHIP_ADDRESS_REF, ORIG_BILL_ADDRESS_REF) Values (1122, *'SOSHM006'*, 86, sysdate, 'Corporate (NOR)', 'Corporate', 1, 'CORPORATE', 90, 'SHM01', 'Y', 0, sysdate, 0, sysdate, 'INSERT', *'SOSHM006_S'*, *'SOSHM006_B'* );
  Insert into ONT.OE_LINES_IFACE_ALL (ORDER_SOURCE_ID, ORIG_SYS_DOCUMENT_REF, ORIG_SYS_LINE_REF, LINE_TYPE, INVENTORY_ITEM, ORDERED_QUANTITY, SHIP_FROM_ORG_ID, FULFILLMENT_SET_NAME, UNIT_LIST_PRICE, UNIT_SELLING_PRICE, CREATED_BY, CREATION_DATE, LAST_UPDATED_BY, LAST_UPDATE_DATE, OPERATION_CODE, SUBINVENTORY) Values (1122, *'SOSHM006'*, *'SOSHM006A_S'*, 'Corporate Line (NOR)', '01-09-PAC-3522-01', 1, 90, '1', 0, 0, 0, sysdate, 0, sysdate, 'INSERT', 'Mesad');
  insert into OE_CUSTOMER_INFO_IFACE_ALL(CUSTOMER_INFO_REF, CUSTOMER_INFO_TYPE_CODE, current_customer_number, org_id, COUNTRY, ADDRESS1, CITY, STATE, POSTAL_CODE, IS_SHIP_TO_ADDRESS, IS_BILL_TO_ADDRESS, CREATION_DATE, CREATED_BY, LAST_UPDATE_DATE, LAST_UPDATED_BY) values( *'SOSHM006_S'* , 'ADDRESS', 'SHM01', 86, 'MY', 'Ship4 479, JALAN PASIR PUTEH 31650 IPOH PERAK.', 'IPOH', 'Perak', '31650', 'Y', 'N', sysdate, 0, sysdate, 0);
  insert into OE_CUSTOMER_INFO_IFACE_ALL(
  CUSTOMER_INFO_REF, CUSTOMER_INFO_TYPE_CODE, current_customer_number, org_id, COUNTRY, ADDRESS1, CITY, STATE, POSTAL_CODE, IS_SHIP_TO_ADDRESS, IS_BILL_TO_ADDRESS, CREATION_DATE, CREATED_BY, LAST_UPDATE_DATE, LAST_UPDATED_BY) values( *'SOSHM006_B'* , 'ADDRESS', 'SHM01', 86, 'MY', 'Bill4 479, JALAN PASIR PUTEH 31650 IPOH PERAK.', 'IPOH', 'Perak', '31650', 'N', 'Y', sysdate, 0, sysdate, 0);

  Hi George Chen
  with sales order stock .. is ther a way of allocating the stock from unrestricted stock .. i understand that you have to have the stock in a "special" area to move it to the sales order?
  excuse my ignorance but what is IS-AD solution?
  thanks
  Nick

• How to start creating a new component for custom transaction in IWEB client

  Hello Experts,
  I am new to CRM 2007 CRM web client programming.
  I have a custom SAP GUI transaction in CRM and user wants to convert it into ICWEB transaction.
  its using all custom tables and in all screens,
  Please guide me how do I proceed in creating the component,display fields on the view....
  I mean how to create the fields in the View, Do I need to write BSP code or Wizard helps me to generate and configure the fields on the view.
  Please also let me know procedures create context notes which replicate the database tables which the data is saving or updating.
  I am not clear cut info to proceed,
  Please help me in this regards
  thanks in Advance
  Edited by: Madhavi Angi on Apr 23, 2009 2:57 PM

  Hi Keith,
  <<This particular rule is a sample one I set up that requires the existence of C:\IT\test.txt. But I don't see the actual text of that rule anywhere in the XML:>>
    In your XML, if you see these lines:  
  <Expression>
  <Operator>NotEquals</Operator>
  <Operands>
  <SettingReference AuthoringScopeId="ScopeId_811CF9C7-F08C-4528-8C02-E20811B33FD5" LogicalName="OperatingSystem_5c61496b-b4dc-4ca9-a3f7-30c3aec8e2a4" Version="1" DataType="Int64" SettingLogicalName="File_cccd7dc7-e590-494c-b166-6d4aea7abc57" SettingSourceType="File" Method="Count" Changeable="false" />
  <ConstantValue Value="0" DataType="Int64" />
  </Operands>
  </Expression>
       It has setting reference with GUID with Method="Count" means this is existential rule referenced to setting blah blah... (If method="Value" means that it has value rule defined) and for existential rule,
  XML has "NotEquals" operator and value is "0" which means that if file not equals to zero means file exist (compliant).
  Hope this helps.
  This posting is provided "AS IS", provides no warranties, and confers no rights. -Praveen S.

• Sales Area check for custom partner function

  When processing sales orders in our system, it does not check the sales area for the customer of a custom partner function.  Can this be setup via config or is there a an exit that can be used for this.
  Thanks,
  Roy

  Yogesh -- Thanks for your response. However, it does not address the functionality issue.
  Currently, I created new partner function ZZ (for example).
  I assigned this partner function ZZ to account group Z000.
  I created new partner XYZ in account group Z000, in sales area XX00/XX/XX.
  I created a sales order in sales area YY00/YY/YY.
  Problem is that system allows me to assign partner XYZ to this sales order.
  How do I prevent this?
  How do I enfore that system will only allow partner XYZ in the sales order, if the partner is created in the same sales area?
  Edited by: krist d on Dec 13, 2010 4:33 AM

• Check for transaction interface failure from POS to POSDM

  Dear experts,
  Would like to see if in your experience, you have encountered any report or functions that allow users in POSDM to check if sales transaction from a particular store has failed to do the inbound interface from POS to POSDM?
  I am personally not aware of this, so if there is no such report based on your knowledge, would you have any workaround solution that you can suggest me?
  Thanks so much.
  Dominic

  Link for Duplication Check process: http://scn.sap.com/docs/DOC-47529
  Link for info on POS DM: http://help.sap.com/saphelp_posdm/helpdata/en/4e/9617be3aec6ea9e10000000a42189b/content.htm
  Hi Dominic,
  There are certain validation checks we have in POS DM to validate the transaction data when it comes to POS DM. These validations are like Master Data check, Duplication check, Sequence check for missing transactions and so on.
  You can find more about the same in the given link. I don't know my editor is behaving strangely so the link is on the top. I am not able to paste the links in editor links are coming on top. Might be my IE issue.
  Regarding implementing such validation in POSDM for incoming transaction you can refer my posted document for Duplication check in POSDM. From this document you will get an idea about how to implement the validation check.
  Let me know if you need any other information.
  Regards,
  Amit