No Authorization for BSP

Similar Messages

• Managing authorization for IC web client

  Where can we find autorization objects used for the IC web client ?
  - I cannot find any documentation on this topic.
  - There's no transaction code and by the way no SU24 definition.
  - Declaring the IC WEB BSP in transaction PFCG, no object are associated to the profil.
  Tanguy

  Due to our service center geographic organization we want to control acces from the country code of our custumer.
  I got more information from the CRM security guide :
  http://help.sap.com/saphelp_crm40sr1/helpdata/en/28/797b14a9cf4296b02742f641c18971/frameset.htm
  And OSS note 675502 (No authorization for executing a PCUI BSP application)
  I will test the following solution :
  1- Add the shadow transaction BSP_CRMD_BUS2000116 in PFCG in order to get the BSP_APPL object
  2- Add the transaction CRMD_ORDER & BP in order to control document usage from country code

• SAP Role Security for BSP

  Hello Experts,
  I am developing BSP application in BW Environment for some custom table maintenance which doesn't involve Portal.
  I call the BSP Application with "CALL_BROWSER" FM from Programs.They want to control the access to the users based on Role or Auth Objects or others inside the system.
  Because, if some user knew the URL for the BSP the security is pretty open.
  Is there anyway to do security for BSP based on roles?
  Best Regards
  Arun Prasad

  Hi,
  Here are the step:
  1. Create the Role in PFCG with following detail Auth Obecjt:
  2. Create the Authorization Check for ICF Access Internet communication Framework (S_ICF) & with Field ID is <b>ICF_FIELD</b>. Chcek the checkbox <b>SERVICES</b>. For the same Auth Object create another Field ID "<b>ICF_VALUE</b>", here assign you BSP Application ID lets say MYBSP.
  3. Then goto <b>SICF</b> transaction, goto your BSP Application node, undere service data mention this ID as MYBSP against SAP Auth.
  4. Now you need to check Auth obejct before calling the FM CALL_BROWER the way you do if for normal ABAP Report.
  Hope this will solve your problem. Let me know if you have any questiion.
  <i>* Reward each useful answer</i>
  Raja T
  Message was edited by:
          Raja T

• Authorization for IC Web Client Profile

  Dear Guru,
  This is the first time I involve in IC Web Client
  Project.
  I would like to limit IC Web Client Profile. What is authorization object which I have to limit ?
  Beside that, if users miss authorization in the web screen, what is  user have to do ( in R3 we can order user to run /nsu53 or I run ST01 to trace ) ?
  Pls advice.
  Thanks,
  SUGANDI

  You can use SAP delivered roles
  SAP_PCC_IC_AGENT
  SAP_PCC_IC_MANAGER
  SAP_PCC_CAMPAIGN_MANAGER.
  Each of these roles have access to Interaction Center BSP application 'CRM_IC' as well as other PCUI applications used in IC Web Client.
  Authorization object for BSP applications is 'BSP_APPL'.
  Talk to your security person and ask him to assign these roles to the user who are going to use the application.
  You can even customize these roles.
  Thanks,
  Thirumala.

• Problem with Authorization for Planning folder

  Hi an having a problem with providing authorization for a planning folder
  i am getting the following error when i test it with test user
  Error while calling up RFC
  Message no. UPC202
  Diagnosis
  You have selected a function, to execute this the system must set up an RFC connection to another SAP System. However, setting up this connection was not successful. The following internal error message was generated:
  "You do not have authorization for InfoCube ZT_MR_T "
  Procedure
  Inform the system administrator.
  we are not pulling the data from any other server, all the data is on the sif any one has faced the same issue let me know.
  Regards,
  Abraham

  Calling Thru Trans code: BPS0 in ECC 6
  getting this error:
  Error while calling up RFC
  Message No. UPC202
  Diagnosis
  You have selected a function, to execute this the system must set up an RFC connection to another SAP System. However, setting up this connection was not successful. The following internal error message was generated:
  "An error occurred during the receipt of a complex parameter."
  after i check in bw trans code:st22
  Following this error message:
  Category                   Internal Kernel Error
  Runtime Errors         PARAMETER_CONVERSION_ERROR
  Application Component  BC-MID-RFC
  Short text
      An error occurred during the receipt of a complex parameter.
  What happened?
      During a remote function call, an error occurred while converting
      a complex parameter.
  What can you do?
      Note which actions and input led to the error.
      For further help in handling the problem, contact your SAP administrator
      You can use the ABAP dump analysis transaction ST22 to view and manage
      termination messages, in particular for long term reference.
  Error analysis
      An error occurred during the conversion of a complex parameter.

• Problem with Authorization for BW BPS planning Folder

  Hi an having a problem with providing authorization for a planning folder
  i am getting the following error when i test it with test user
  Error while calling up RFC
  Message no. UPC202
  Diagnosis
  You have selected a function, to execute this the system must set up an RFC connection to another SAP System. However, setting up this connection was not successful. The following internal error message was generated:
  "You do not have authorization for InfoCube ZT_MR_T "
  Procedure
  Inform the system administrator.
  if any one has faced the same issue let me know.
  Regards,
  Abraham

  HI ,
  I Checked it out we dont have that cube in our system.
  Regards,
  Abraham

• Authorization for opening & Closing posting periods - OB52

  Hi,
  Is there any way to set authorization for opening & closing of posting periods in OB52?
  My scenario:
  I have 2 company codes - A & B assigned to 2 different posting period variant - say PPA & PPB.
  The user belonging to CoCd A should not be able to open/close posting period of CoCd B and vice versa.
  Is this possible through any authorization settings?
  Request your help on this.
  Regards,
  Sridevi

  Hi Sridevi
  Please go through the following:
  You can assign authorization groups for permitted posting periods. This means that, for example, some posting periods can only be opened for particular users within monthly or annual closing. You can only assign the authorization group at document header level and it only affects period 1. The authorization object is called F_BKPF_BUP (Accounting document: Authorizations for posting periods). Read the corresponding chapter on "User maintenance" in the "Assigning authorizations" topic.
  "User maintenance"
  Due to the modular authorization concept of the system, you can define authorization profiles which are tailored to the workplace of your employees. You can, for example, assign authorization to a workplace in the Accounts Receivable, Accounts Payable or General Ledger Accounting areas.
  By assigning authorizations you define which business-related objects your employees are allowed to process and which editing functions are allowed.
  In the following activities for authorization management, you must carry out the following for employees who are to work with the system:
  Assign authorizations
  The authorizations are assigned by specifying permitted values for the pre-defined objects.
  Define profiles
  In the SAP system, authorizations are grouped together in workplace profiles. Therefore one or more profiles must be allocated to the individual employee in the master record.
  I hope this helps.
  Regards
  Kavitha

• Authorizations for materials and material groups

  Hello experts,
  Is it possible to limit the authorization to make purchase requerisiton of some materials or material groups depending on the user?
  I heard that it is possible be able to update some materials using the authorization M_MATE_MAT and including them in the material master, material group and user. But this also works for the creation of purchasing documents (PR,PO,RFQ,...)? Do I have to include this authorization for all the materials? If they do not have I understand that works for every people.
  Thanks in advance for your help
  Best regards,

  Hi Madii,
               actually Authorization works at the object level, i.s if you have provided the authorization for the user to makePR with certain Material Grp, then if you dont define that grp in the PO role, but still user will get the authorization from the PR role.
  why you want to allow the user to make the PR of certain Mtrl Grp for which he should not be making the PO.
  or let a different Body take care of the other mtrl Grp.
  Hope it helps.
  Regards,
  Yawar Khan

• Authorization for certain warehouse in stock transfer

  I'm trying to create an authorization for stock transfer when To Warehouse equals a certain value. Is there a way to do it?

  Hi,
  How could I do it with an approval procedure?
  You can create approval stages and template by using query
  Is it with a query?
  Yes
  Will it be similar to a formatted search?
  Yes
  Try this query for row level with only one item.
  Select Distinct 'True' FROM OWTR T0 inner join WTR1 T1 on T0.docentry = T1.docentry
  Where $[$23.5.0] = 'ExScrap'
  Note: Replace Exscrap with your warehouse name.
  Thanks & Regards,
  Nagarajan

• Cancel a SD invoice error message "no authorization for transaction FB08"

  Hi Gurus,
  I am trying to cancel a SD invoice and am receiving the error message " no authorization for transaction FB08" is coming. Never has this happened in past, i have checked all the security authorizations also and they are in place. Accounting document status is showing as not cleared. Also, as per my understanding cancellation of invoice happens through VF11 which does not calls FB08. Please point out reasons as to why this could be happening and the possible solution thereof.
  regards
  Anmol Pareek

  Hi Anmol
  Once you got the error screen, immediately after that goto T code SU53 and expand all link. Take the screen shot and send it to your BASIS team to provide you proper access.
  Yes you are correct cancellation is done through VF11 but sometime some programs internally calls other T codes.
  take help of your basis team.

• BW report authorization for restrict cost center

  dear all,
  i have problem on BW report authorization for restrict cost center.....when i execute the query, after selection screen, appear error message 'you cannot change zv_cctr for characteristic 0COSTCENTER during query'.
  note : zv_cctr is variable restriction for costcenter, type processing = customer exit.
  below the customer exit :
  WHEN 'ZV_CCTR'.
      IF i_step = 2.
        DATA : gt_mstuidvscc TYPE TABLE OF  ztbw_mstuidvscc,
               gs_mstuidvscc TYPE  ztbw_mstuidvscc,
               wa_final2(10) TYPE c.
        SELECT * FROM ztbw_mstuidvscc INTO CORRESPONDING FIELDS OF TABLE gt_mstuidvscc
          WHERE userid = 'sy-uname'.
        LOOP AT gt_mstuidvscc INTO gs_mstuidvscc.
          wa_final2 = gs_mstuidvscc-kostl.
          l_s_range-opt = 'EQ'.
          l_s_range-high = wa_final2.
          APPEND l_s_range TO e_t_range.
        ENDLOOP.
      ENDIF.
  Regards,
  Tony

  i defined variable as ready for input and mandatory.
  regards,
  Tony

• How to set authorization for BW Workspace in backend and Portal ?

  Hello Expert,
                       I have developed one BW Workspace in development environment . I have some query regarding BW workspace authorization for access in portal . Some of the queries are as  follows:
  1) How many composite provider we can build up inside of one workspace that we can go by Tcode ---RSWSPW ?
  2) After activating the workspace it shows in RSWSPW ,but this workspace/composite provider will be available in Info Area(in RSA1) or some area else from where we can see this ?
  3) Now our requirement is like that -- we have to provide some workspace for SD power user ,Finace Power user & Marketing Power users, in this situation how can we put authorization in bw workspace like SD power user should not see the FI Power user's & Marketing Power user's Workspace rather than his own workspace ?
  4) In our requirement, we are going to produce some bex query on top of bw worksapce composite provider . For creating this query ,we searched provider by puting provider name directly in serach option , but is there any option to search the bw worksapce related composite provider by putting info area name in query search ?
  5) In another senerio, we gone to create BO AA OLAP report on top of bw workspace composite provider but in source option we cant see the provider ,infact we could not search the composite provider in search option in source selection ----   do i need to navigate any step in compostie provider to make it enable for BO AA OLAP creation on top of composite provider ?
  Expecting and appreciating your guidence and suggestion asap .
  Thanks & Regards,
  Surajit Pal

  Hello Expert,
                   Do you have any idea regarding below questionaries about BW Workspace ?
  1) How many composite provider we can build up inside of one workspace that we can go by Tcode ---RSWSPW ?
  2) After activating the workspace it shows in RSWSPW ,but this workspace/composite provider will be available in Info Area(in RSA1) or some area else from where we can see this ?
  3) Now our requirement is like that -- we have to provide some workspace for SD power user ,Finace Power user & Marketing Power users, in this situation how can we put authorization in bw workspace like SD power user should not see the FI Power user's & Marketing Power user's Workspace rather than his own workspace ?
  4) In our requirement, we are going to produce some bex query on top of bw worksapce composite provider . For creating this query ,we searched provider by puting provider name directly in serach option , but is there any option to search the bw worksapce related composite provider by putting info area name in query search ?
  5) In another senerio, we gone to create BO AA OLAP report on top of bw workspace composite provider but in source option we cant see the provider ,infact we could not search the composite provider in search option in source selection ----   do i need to navigate any step in compostie provider to make it enable for BO AA OLAP creation on top of composite provider .
  Appreciating your early responds and thanks in advance .
  Regards,
  Surajit

• Report S_ALR_87013105 : no authorization for the report/ table 7KU6_001

  Hi Gurus,
  While executing the program S_ALR_87013105 (Detailed Reports 
  For Sales Order : Plan/Actual Comparison ) system showing the selection log.
  "Have no authorization for the report/table  7KU6_001 and 7KU6_002".
  But for the user the authorization check through SU53 was successful.
  Pl can any one suggest on this issue.
  Thanks in advance,
  Vijay

  Hi,
  Contact your basis consultant to provide the missing authorisation. This is one of the authorisation object.
  Regards,
  Sankar

• Problem wih analysis authorization for two scenarios on same data provider

  Dear all,
  I am looking for a solution on the following authorization scenario (using the new analysis authorization). Unfortunately everything that I tried did not work out as expected:
  User A is allowed to manually access query 1 (based on cube A) with authorization on all sites A-Z
  The same user A shall get an email distribution automatically (derivation of the filter in the query out of the authorization) for query 2, which is as well based on cube A, but this time the authorization shall be limited only to site A.
  As both queries are based on the same infoobject (0PLANT) and the same infoprovider (0TCAIPROV) I always get the result for all sites A-Z. The 0TCAACTVT is in both cases 03 (display), so I have no chance to distinguish between reporting and email distribution.
  Probably the only chance would be to derive the values for the email distribution scenario not from the authorization directly, but using a customer exit to fill the filter - but I would prefer a "standard" solution...
  Any ideas??
  Thanks,
  Andreas

  Dear Andreas,
  Before give you an alternative for you problem, Iu2019d like to comment the combining authorization concept:
  http://help.sap.com/saphelp_nw70/helpdata/EN/46/98cd87f37d19ace10000000a11466f/frameset.htm
  For this reason I suggest you which combing restriction through authorization and query filter. For query 2 try to use in 0PLANT characteristic the single value u201Csite Au201D, this restriction give you only authorization for see this value.
  Otherwise, you have to use customer exit.
  I hope that alternative help you to find a solution,
  Luis

• What happends when you give 2 groups with some of the same members different authorizations for a document

  Hello,
  I'm doing my internship at a litte Telekom company. I'm investigating how they can use MS SharePoint as their central place to put projectinformation. Now i've been thinking what happends when i do the following:
  Make one document library
  Add 2 groups to the Active Directory, group "A" with all the employees and group "B" with only four people working on a project. When i add a document to the document library and set the authorizations for the document as
  follows:
  Group B: Read/Write
  Group A: Read
  Does the people from group B still be able to edit the document, because they are also in group A?
  I don't have a test environment to test this myself.
  Why i want to know this? The company want's one place to place all their documents with projectinformation. This information is about different projects. You only wan't that people can change the specific document when they are working on the specific project
  where the document belongs to.  

  You get the union of permissions, so if one group allows access and the other not, you will get the union of both and therefore access. Of course, you can break security settings per library/folder or document, and specify new settings,
  if you need too.
  Kind regards,
  Margriet Bruggeman
  Lois & Clark IT Services
  web site: http://www.loisandclark.eu
  blog: http://www.sharepointdragons.com