Unicode check - I/O field has no accessible label

Hi,
We are currently converting our system to unicode standards and when doing the SCID test I get the following error and I don't know how to fix it ... if you could please help :
I/O field has no accessible label - usually the fields SCID complain about is check-boxes.
Thank you !

Hi,
Have you developed the module pool program?
If yes then go to the screen double click on the field which is throwing error.You will get the attributes screen , in that you will have a tab below for 'Display' in that one option will be there 'AS LABEL On LEFT' check that check box...
Hope this will help.
Regards,
Rohan.
Edited by: rohan jain on Nov 24, 2008 3:24 PM

Similar Messages

I/O field has no accessible label

Hello,
   I have a selection screen which has several Radio buttons and Listbox as the code below. I checked code by using code inspector and it issued error messages "I/O field (input field) xyz has no accessible label". How do I fix this? Thanks in advance.
SELECTION-SCREEN BEGIN OF LINE.
SELECTION-SCREEN COMMENT 3(29) text-007 MODIF ID vlp.
PARAMETERS : p_vgrsv(20) TYPE c AS LISTBOX VISIBLE LENGTH 30
                                               MODIF ID vlp.
SELECTION-SCREEN END OF LINE.
SELECTION-SCREEN BEGIN OF LINE.
SELECTION-SCREEN COMMENT 3(29) text-008 MODIF ID vlp.
PARAMETERS : p_vavgr(20) TYPE c AS LISTBOX VISIBLE LENGTH 30
                                                MODIF ID vlp.
SELECTION-SCREEN END OF LINE.
SELECTION-SCREEN BEGIN OF LINE.
PARAMETERS : p_mkt RADIOBUTTON GROUP xyz MODIF ID cmp
                                        USER-COMMAND click.
SELECTION-SCREEN COMMENT 3(29) text-009 MODIF ID vlc.
PARAMETERS : p_vmktpc(20) TYPE c AS LISTBOX VISIBLE LENGTH 30
                                                MODIF ID vlc.
SELECTION-SCREEN END OF LINE.
SELECTION-SCREEN BEGIN OF LINE.
PARAMETERS : p_inc RADIOBUTTON GROUP xyz MODIF ID cmp DEFAULT 'X'.
SELECTION-SCREEN COMMENT 3(29) text-010 MODIF ID vlc.
PARAMETERS : p_vincst(20) TYPE c AS LISTBOX VISIBLE LENGTH 30
                                                MODIF ID vlc.
SELECTION-SCREEN END OF LINE.
SELECTION-SCREEN BEGIN OF LINE.
PARAMETERS : p_vww RADIOBUTTON GROUP xyz MODIF ID cmp.
SELECTION-SCREEN COMMENT 3(29) text-011 MODIF ID vlc.
*SELECTION-SCREEN COMMENT 3(29) text-011 MODIF ID vlc.
PARAMETERS : p_vwwtrn(20) TYPE c AS LISTBOX VISIBLE LENGTH 30
                                                MODIF ID vlc.
SELECTION-SCREEN END OF LINE.
Regards,
Tintu

Hi,
Change the code like below . Do the same for rest
SELECTION-SCREEN BEGIN OF LINE.
PARAMETERS : p_vww RADIOBUTTON GROUP xyz MODIF ID cmp.
SELECTION-SCREEN COMMENT 3(29) text-011 FOR FIELD p_vww MODIF ID vlc. "Add FOR FIELD p_vww
*SELECTION-SCREEN COMMENT 3(29) text-011 MODIF ID vlc.
PARAMETERS : p_vwwtrn(20) TYPE c AS LISTBOX VISIBLE LENGTH 30
MODIF ID vlc.
SELECTION-SCREEN END OF LINE.

I/O field (input field) xyz has no accessible label ?

I have a selection screen which has several radio buttons as the code below. I checked code by using code inspector and it issued error messages "I/O field (input field) xyz has no accessible label". How do I fix this? thanks
SELECTION-SCREEN BEGIN OF BLOCK status
WITH FRAME
TITLE text-006.
SELECTION-SCREEN BEGIN OF LINE.
PARAMETERS dy_ofn LIKE rihea-dy_ofn FOR TABLE diaufk.
SELECTION-SCREEN COMMENT 3(11) text-001 FOR FIELD dy_ofn.
PARAMETERS dy_iar LIKE rihea-dy_iar FOR TABLE diaufk.
SELECTION-SCREEN COMMENT 16(10) text-002 FOR FIELD dy_iar.
PARAMETERS dy_mab LIKE rihea-dy_mab FOR TABLE diaufk.
SELECTION-SCREEN COMMENT 29(10) text-003 FOR FIELD dy_mab.
PARAMETERS dy_his LIKE rihea-dy_his FOR TABLE diaufk.
SELECTION-SCREEN COMMENT 42(10) text-004 FOR FIELD dy_his.
SELECTION-SCREEN COMMENT 52(10) text-005 FOR FIELD selschem.
PARAMETERS selschem LIKE tj48t-selid FOR TABLE diaufk.
SELECTION-SCREEN PUSHBUTTON 73(5) p_addr USER-COMMAND addr
FOR TABLE diaufk.
PARAMETERS dy_adrfl NO-DISPLAY FOR TABLE diaufk.
SELECTION-SCREEN COMMENT 79(30) ad_icon FOR TABLE diaufk.
SELECTION-SCREEN END OF LINE.
SELECTION-SCREEN END OF BLOCK status.

Hi,
If an input field is located next to a selected radio button and its label, you must show this field as being ready for input.
o If an input field is located next to a non-selected radio button and its label, you must show this field as inactive. Chapter 3.4 discusses why this is necessary.
u2022 Do not place more than one element on the right of the label. If more than one element is placed after the label, then screen readers cannot read the following relationships correctly:
o Relationship between a checkbox and a label
o Relationship between a radio button and a label
o Relationship between an input field and a label.
Also, Please go through this document:
http://www.sapdesignguild.org/resources/Accessibility_Guideline_ABAP_external_Version.pdf

How to check for missing fields in the file?

Hi friends,
I have a file to file scenario in which if any of the fields have a blank value, i have to put the file back in the source folder. If none of the fields are missing, the scenario should work normally.
Can anybody tell me how can i check for the field lengths and if any of the fields are blank, how do i send it back to the original folder.
Waiting for your responses,
Divija.

Hi Divija,
>>how can i check for the field lengths
Since you need to basically check if the field has a value or not, i dnt think you need to check for the length of the field. Instead, you can use any one of the booloean functions available in the graphical mapping editor to check if the field has a value or not(filed value true or false)
>>how do i send it back to the original folder.
You can maintain a flag variable in the target structure such that if any of the source fields donot have values, the flag's value becomes 1 else it remains 0.
Now, you can check if the value of flag is equal to 1/0 in the bpm and accordingly send the data.
If in case, you donot want the flag to come in the target file that is loaded/sent from the bpm in the end, i think even tat can be taklen care of.
You can create two receiver communication channels and define one file adapter in each such that one has the destination as the actual target directory and the other has the original source directory as the destination.
Regards,
Sushumna

How can I enforce automatic spell checking for selected fields of data entered by form users?

I'd like to be able to enforce spell checking of selected fields in the forms that I've created using LiveCycle Designer 8.2 at run time, as opposed to design time. I understand the version LCD 8 has a nifty new spell checker for form designers. But I want to spell check the data entered by users using Acrobat Reader. And I want to enforce the spell checking automatically on selected fields only.
Presently it seems that users filling in my forms, must know how to manually right-click on each field and select "Spell Check" from the resulting dialog box in order to check for spelling errors in the data the user has entered in the form.
I would like to discover a way to enforce spell checking in selected fields, just as I am able to do in forms created using Acrobat Pro. In Acrobat Pro, I can set a property for each field to require spell checking. but that feature seems to be missing in Livecycle Designer.
I've check the Object model for XFA forms hoping that I might find a method I can call with a Javascript, to check spelling based on an event such as onBlur. But I haven't found a spell check method.
Am I missing something simple? Is there a way to set each field to be spell checked when a user is filling in the form using the free Acrobat Reader?
Our users are not sophisticated and requiring them to spell check each field separately just won't cut it...
Any help on this will be greatly appreciated.
Thanks!
-David Bartholomew

Hi David,
Two things...
At design time set the locale of the form to one that Acrobat spell checks. For example English (US) and English (UK) locales have spell checkers; however English (Ireland) does not. Check the Warnings tab to see if spell checking is supported for your locale.
If your form locale supports spell checking then you can go to the button script below.
If you form locale does NOT support spell checking then Stephanie has a great work around to force spell checking (http://forums.adobe.com/message/2233945#2233945).
Bring a regular button onto the form and in the click event have the following:
app.execMenuItem("Spelling:Check Spelling");
Which will open the spell checker for all fields. Thanks to Paul for extracting all of the accessible menu items (http://forums.adobe.com/message/1912914#1912914).
Good luck,
Niall

Offset declaration too big for structure (unicode checks)

Has anyone worked with this user exit to Derive values for co/pa?
Enhancement COPA0001
Comp ZXKKEU11
I set up WA_CE1AWG1 as data: WA_CE1AWG1 like CE1AWG1.
and tried to copy I_COPA_ITEM to this variable
WA_CE1AWG1 = I_COPA_ITEM.
I get a runtime error Offset declaration too big for structure.
will I have to change program SAPLXKKE to remove unicode checks. Is there any other way to read in the fields from input structure I_COPA_ITEM?

hi
1.r u sure I_COPA_ITEM is structure or table.
2. if it is a struccture make sure the WA_CE1AWG1 and I_COPA_ITEM are with same structures and types..
i think I_COPA_ITEM is table type --> to find it open in debugging mode then try to resolve.
Please Close this thread.. when u r problem is solved
Reward if Helpful
Regards
Naresh Reddy K

Unicode Check Active

Hi All,
I want to know about "Unicode Check Active" in ABAP Editor Program Attributes.I don't know anything about this.I want to know
What is Unicode Check Active.
How to Activate this Check Box.
what is meant by Code Pages.
What is UTF-8 UTF-16 & UTF-32.
What is the Use of It.
In ABAP Code the Unicode Check Doesn't Support the some syntax like Open Data set and Describe Lines like that what are all the syntax in ABAP it doesn't support.
Can anybody give me the clear idea about this.So, it will be very helpful to me.This is very urgent.Surely i will reward more points.
Thanks,
Swapna.

Hi,
Unicode Check is one of the latest enhancement in SAP which has been done so as to provide SAP product in almost all the language that is spoken in the world.
A program as to be made Unicode check Active in its attribute so that it can be used in Unicode enabled SAP system.
what is unicode?
From Release 6.10, ABAP supports multi-byte coding for characters in Unicode. Prior to Release 6.10, ABAP used only character sets that were based on single-byte codes such as ASCII and EBCDIC or double-byte codes, such as SJIS and BIG5.
what is unicode enabled program?
A Unicode-enabled ABAP program is a program in which all Unicode checks are effective. Such a program returns the same results in a non-Unicode system as in a Unicode system .In order to perform the relevant syntax checks, you must activate the Unicode flag in the screens of the program and class attributes.
Type of errors in unocode check.
This switch to Unicode affects all statements where an explicit or implicit assumption is made about the internal length of a character. If you use these statements in a program that is designed to exploit the Unicode capabilities of the runtime environment, they must be checked and changed if necessary. Once a Unicode-enabled program has been changed accordingly, it behaves in the same way in both Unicode and non-Unicode systems. You can develop programs in a non-Unicode system (NUS) and then import them into a Unicode system
UNICODE CHECK ACTIVE:
You need to use the transaction UCCHECK.
The report documentation is here
ABAP Unicode Scan Tool UCCHECK
You can use transaction UCCHECK to examine a Unicode program set for syntax errors without having to set the program attribute "Unicode checks active" for every individual program. From the list of Unicode syntax errors, you can go directly to the affected programs and remove the errors. It is also possible to automatically create transport requests and set the Unicode program attribute for a program set.
Some application-specific checks, which draw your attention to program points that are not Unicode-compatible, are also integrated.
Selection of Objects:
The program objects can be selected according to object name, object type, author (TADIR), package, and original system. For the Unicode syntax check, only object types for which an independent syntax check can be carried out are appropriate. The following object types are possibilities:
PROG Report
CLAS Class
FUGR Function groups
FUGX Function group (with customer include, customer area)
FUGS Function group (with customer include, SAP area)
LDBA Logical Database
CNTX Context
TYPE Type pool
INTF Interface
Only Examine Programs with Non-Activated Unicode Flag
By default, the system only displays program objects that have not yet set the Unicode attribute. If you want to use UCCHECK to process program objects that have already set the attribute, you can deactivate this option.
Only Objects with TADIR Entry
By default, the system only displays program objects with a TADIR entry. If you want to examine programs that don't have a TADIR entry, for example locally generated programs without a package, you can deactivate this option.
Exclude Packages $*
By default, the system does not display program objects that are in a local, non-transportable package. If you want to examine programs that are in such a package, you can deactivate this option.
Display Modified SAP Programs Also
By default, SAP programs are not checked in customer systems. If you also want to check SAP programs that were modified in a customer system (see transaction SE95), you can activate this option.
Maximum Number of Programs:
To avoid timeouts or unexpectedly long waiting times, the maximum number of program objects is preset to 50. If you want to examine more objects, you must increase the maximum number or run a SAMT scan (general program set processing). The latter also has the advantage that the data is stored persistently. Proceed as follows:
Call transaction SAMT
Create task with program RSUNISCAN_FINAL, subroutine SAMT_SEARCH
For further information refer to documentation for transaction SAMT.
Displaying Points that Cannot Be Analyzed Statically
If you choose this option, you get an overview of the program points, where a static check for Unicode syntax errors is not possible. This can be the case if, for example, parameters or field symbols are not typed or you are accessing a field or structure with variable length/offset. At these points the system only tests at runtime whether the code is sufficient for the stricter Unicode tests. If possible, you should assign types to the variables used, otherwise you must check runtime behavior after the Unicode attribute has been set.
To be able to differentiate between your own and foreign code (for example when using standard includes or generated includes), there is a selection option for the includes to be displayed. By default, the system excludes the standard includes of the view maintenance LSVIM* from the display, because they cause a large number of messages that are not relevant for the Unicode conversion. It is recommended that you also exclude the generated function group-specific includes of the view maintenance (usually L<function group name>F00 and L<function group name>I00) from the display.
Similarly to the process in the extended syntax check, you can hide the warning using the pseudo comment ("#EC *).
Applikation-Specific Checks
These checks indicate program points that represent a public interface but are not Unicode-compatible. Under Unicode, the corresponding interfaces change according to the referenced documentation and must be adapted appropriately.
View Maintenance
Parts of the view maintenance generated in older releases are not Unicode-compatible. The relevant parts can be regenerated with a service report.
UPLOAD/DOWNLOAD
The function modules UPLOAD, DOWNLOAD or WS_UPLOAD and WS_DOWNLOAD are obsolete and cannot run under Unicode. Refer to the documentation for these modules to find out which routines serve as replacements.
Reward Points if found helpfull..
Cheers,
Chandra Sekhar.

Question Regarding Unicode Checks

Hi Abapers,
What is Need of Transaction:UCCODE, what are the things which i need to check after giving the program name , and executing , what sholud be the out come ... negative means what will happen....
positive means what will happen.....
With Regards
Bhaskar Rao.M

Hi,
Transaction code is UCCHECK.
ABAP Unicode Scan Tool UCCHECK
You can use transaction UCCHECK to examine a Unicode program set for syntax errors without having to set the program attribute "Unicode checks active" for every individual program. From the list of Unicode syntax errors, you can go directly to the affected programs and remove the errors. It is also possible to automatically create transport requests and set the Unicode program attribute for a program set.
Some application-specific checks, which draw your attention to program points that are not Unicode-compatible, are also integrated.
Selection of Objects:
The program objects can be selected according to object name, object type, author (TADIR), package, and original system. For the Unicode syntax check, only object types for which an independent syntax check can be carried out are appropriate. The following object types are possibilities:
PROG Report
CLAS Class
FUGR Function groups
FUGX Function group (with customer include, customer area)
FUGS Function group (with customer include, SAP area)
LDBA Logical Database
CNTX Context
TYPE Type pool
INTF Interface
Only Examine Programs with Non-Activated Unicode Flag
By default, the system only displays program objects that have not yet set the Unicode attribute. If you want to use UCCHECK to process program objects that have already set the attribute, you can deactivate this option.
Only Objects with TADIR Entry
By default, the system only displays program objects with a TADIR entry. If you want to examine programs that don't have a TADIR entry, for example locally generated programs without a package, you can deactivate this option.
Exclude Packages $*
By default, the system does not display program objects that are in a local, non-transportable package. If you want to examine programs that are in such a package, you can deactivate this option.
Also Examine Modified SAP Programs
By deafult, SAP programs are not checked in customer systems. If you want to check SAP programs that were modified in customer systems (see transaction SE95), you can activate this option.
Maximum Number of Programs:
To avoid timeouts or unexpectedly long waiting times, the maximum number of program objects is preset to 50. If you want to examine more objects, you must increase the maximum number or run a SAMT scan (general program set processing). The latter also has the advantage that the data is stored persistently. Proceed as follows:
- Call transaction SAMT
- Create task with program RSUNISCAN_FINAL, subroutine SAMT_SEARCH
For further information refer to documentation for transaction SAMT.
Displaying Points that Cannot Be Analyzed Statically
If you choose this option, you get an overview of the program points, where a static check for Unicode syntax errors is not possible. This can be the case if, for example, parameters or field symbols are not typed or you are accessing a field or structure with variable length/offset. At these points the system only tests at runtime whether the code is sufficient for the stricter Unicode tests. If possible, you should assign types to the variables used, otherwise you must check runtime behavior after the Unicode attribute has been set.
To be able to differentiate between your own and foreign code (for example when using standard includes or generated includes), there is a selection option for the includes to be displayed. By default, the system excludes the standard includes of the view maintenance LSVIM* from the display, because they cause a large number of messages that are not relevant for the Unicode conversion. It is recommended that you also exclude the generated function group-specific includes of the view maintenance (usually L<function group name>F00 and L<function group name>I00) from the display.
Similarly to the process in the extended syntax check, you can hide the warning using the pseudo comment ("#EC *).
Applikation-Specific Checks
These checks indicate program points that represent a public interface but are not Unicode-compatible. Under Unicode, the corresponding interfaces change according to the referenced documentation and must be adapted appropriately.
View Maintenance
Parts of the view maintenance generated in older releases are not Unicode-compatible. The relevant parts can be regenerated with a service report.
UPLOAD/DOWNLOAD
The function modules UPLOAD, DOWNLOAD or WS_UPLOAD and WS_DOWNLOAD are obsolete and cannot run under Unicode. Refer to the documentation for these modules to find out which routines serve as replacements.
Regards,
Sruthi

Serv. Desk: Action: send an email only when a value in a field has changed

Hello,
In Soution Manager 4.0, Sevice Desk, I would like to create an action which creates an email only when a value of a certain field has changed.
- only in change mode relevant
- only when a value of one field has changed (e.g. Message Processort has changed from Buss. Partner 4 to 5. Than a mail should be sent to BP 5).
- it should only send this kind of email when the field value has changed in change mode. In other words: it should not sent the email e.g. when the status has changed.
I tried all kinds of things but I do not know on how to define the COnditions for an Action, so I can compare e.g.
if <old value> <> <new value>
Any ideas or experience on how to implement this without major modifications ?
Thanks
Christian

Hi Christian,
check out my question on SDN.
Email on Status Change
it has details on how to send an email when the status changes. I believe you are going to have to do something like this for each of the fields you want to create an Action Starting Condition for.
regards,
Jason

Check if a DSO has been lookup by other DSO/cube in start/end routine

I have to support on of the client system which I am not part of the development.
I found one DSO has been schedule to load data in daily process chain but it is not update to any target.
Is it possible to check if this DSO has been using in the staging i.e look up the reference field by other cube/DSO in start or end routine ?

Hi,
Possible by invoking respective field into code part.
I think not much stuff required in this regard.
Thanks - RK

How to check if the user has only the display authority of a message

hi,
How to check if the user has only the display authority of a message but does not have the change authority for a certain message?
Best regards,

hi blake
though i am an application consultant and for authorisation u need to have help of BASIS person if u r not the one but still i can guide u regarding the same,
Basically Authorization Management
Use
You can use the following authorization objects to control the authorizations for maintaining business partner data:
        Authorization objects for the Business Partner:
             B_BUPA_GRP
             B_BUPA_ATT
             B_BUPA_FDG
             B_BUPA_RLT
Authorization objects for relationships:
             B_BUPR_BZT
             B_BUPR_FDG
In addition, you can assign an authorization group to a business partner in the dialog. The authorization group controls which users may maintain data for this business partner.
You can also define authorizations for fields and field groups using the Business Data Toolset (BDT). Depending on the settings you have made, the system carries out the relevant authorization checks.
In the dialog in the SAP GUI, you can display an overview of the authorizations assigned to you by pressing the button Settings.
For more information on authorization management, see the Implementation Guide (IMG) of the Business Partner, as well as in the Developers Handbook for the BDT under Authorizations.
IntegrationAuthorization management for the Business Partner forms part of the SAP authorization concept.
Prerequisites
You have made the necessary settings in Customizing of the Business Partner under Basic Settings--> -Address Management.
Moving over
AS ABAP Authorization Concept
The ABAP authorization concept protects transactions, programs, and services in SAP systems from unauthorized access. On the basis of the authorization concept, the administrator assigns authorizations to the users that determine which actions a user can execute in the SAP system, after he or she has logged on to the system and authenticated himself or herself.
To access business objects or execute SAP transactions, a user requires corresponding authorizations, as business objects or transactions are protected by authorization objects. The authorizations represent instances of generic authorization objects and are defined depending on the activity and responsibilities of the employee. The authorizations are combined in an authorization profile that is associated with a role. The user administrators then assign the corresponding roles using the user master record, so that the user can use the appropriate transactions for his or her tasks.
Authorization Checks
To ensure that a user has the appropriate authorizations when he or she performs an action, users are subject to authorization checks.
The following actions are subject to authorization checks that are performed before the start of a program or table maintenance and which the SAP applications cannot avoid:
        Starting SAP transactions (authorization object S_TCODE)
        Starting reports (authorization object S_PROGRAM)
        Calling RFC function modules (authorization object S_RFC)
        Table maintenance with generic tools (S_TABU_DIS)
Checking at Program Level with AUTHORITY-CHECK
Applications use the ABAP statement AUTHORITY-CHECK, which is inserted in the source code of the program, to check whether users have the appropriate authorization and whether these authorizations are suitably defined; that is, whether the user administrator has assigned the values required for the fields by the programmer. In this way, you can also protect transactions that are called indirectly by other programs.
AUTHORITY-CHECK searches profiles specified in the user master record to see whether the user has authorization for the authorization object specified in the AUTHORITY-CHECK. If one of the authorizations found matches the required values, the check is successful.
Starting SAP Transactions
When a user starts a transaction, the system performs the following checks:
        The system checks in table TSTC whether the transaction code is valid and whether the system administrator has locked the transaction.
        The system then checks whether the user has authorization to start the transaction.
The SAP system performs the authorization checks every time a user starts a transaction from the menu or by entering a command. Indirectly called transactions are not included in this authorization check. For more complex transactions, which call other transactions, there are additional authorization checks.
             The authorization object S_TCODE (transaction start) contains the field TCD (transaction code). The user must have an authorization with a value for the selected transaction code.
             If an additional authorization is entered using transaction SE93 for the transaction to be started, the user also requires the suitable defined authorization object (TSTA, table TSTCA).
If you create a transaction in transaction SE93, you can assign an additional authorization to this transaction. This is useful, if you want to be able to protect a transaction with a separate authorization. If this is not the case, you should consider using other methods to protect the transaction (such as AUTHORITY-CHECK at program level).
        The system checks whether the transaction code is assigned an authorization object. If so, a check is made that the user has authorization for this authorization object.
The check is not performed in the following cases:
You have deactivated the check of the authorization objects for the transaction (with transaction SU24) using check indicators, that is, you have removed an authorization object entered using transaction SE93. You cannot deactivate the check for objects from the SAP NetWeaver and HR areas.
This can be useful, as a large number of authorization objects are often checked when transactions are executed, since the transaction calls other work areas in the background. In order for these checks to be executed successfully, the user in question must have the appropriate authorizations. This results in some users having more authorization than they strictly need. It also leads to an increased maintenance workload. You can therefore deactivate authorization checks of this type in a targeted manner using transaction SU24.
             You have globally deactivated authorization objects for all transactions with transaction SU24 or transaction SU25.
             So that the entries that you have made with transactions SU24 and SU25 become effective, you must set the profile parameter AUTH/NO_CHECK_IN_SOME_CASES to Y (using transaction RZ10).
All of the above checks must be successful so that the user can start the transaction. Otherwise, the transaction is not called and the system displays an appropriate message.
Starting Report Classes
You can perform additional authorization checks by assigning reports to authorization classes (using report RSCSAUTH). You can, for example, assign all PA* reports to an authorization class for PA (such as PAxxx). If a user wants to start a PA report, he or she requires the appropriate authorization to execute reports in this class.
We do not deliver any predefined report classes. You must decide yourself which reports you want to protect in this way. You can also enter the authorization classes for reports with the maintenance functions for report trees. This method provides a hierarchical approach for assigning authorizations for reports. You can, for example, assign an authorization class to a report node, meaning that all reports at this node automatically belong to this class. This means that you have a more transparent overview of the authorization classes to which the various reports are transported.
You must consider the following:
              After you have assigned reports to authorization classes or have changed assignments, you may have to adjust objects in your authorization concept (such as roles (activity groups), profiles, or user master records).
              There are certain system reports that you cannot assign to any authorization class. These include:
              RSRZLLG0
              STARTMEN (as of SAP R/3 4.0)
              Reports that are called using SUBMIT in a customer exit at logon (such as SUSR0001, ZXUSRU01).
              Authorization assignments for reports are overwritten during an upgrade. After an upgrade, you must therefore restore your customer-specific report authorizations.
Calling RFC Function Modules
When RFC function modules are called by an RFC client program or another system, an authorization check is performed for the authorization object S_RFC in the called system. This check uses the name of the function group to which the function module belongs. You can deactivate this check with parameter auth/rfc_authority_check.
Checking Assignment of Authorization Groups to Tables
You can also assign authorization groups to tables to avoid users accessing tables using general access tools (such as transaction SE16). A user requires not only authorization to execute the tool, but must also have authorization to be permitted to access tables with the relevant group assignments. For this case, we deliver tables with predefined assignments to authorization groups. The assignments are defined in table TDDAT; the checked authorization object is S_TABU_DIS.
You can assign a table to authorization group Z000. (Use transaction SM30 for table TDDAT) A user that wants to access this table must have authorization object S_TABU_DIS in his or her profile with the value Z000 in the field DICBERCLS (authorization group for ABAP Dictionary objects).
please See also:
        SAP Notes 7642, 20534, 23342, 33154, and 67766
guess this info will help you,there is one graphic which actually explain the hierarchy of authorisation,i will find some time out to let u know more info about the authorisation
but if u sit with ur BASIS guy then u can learn lot of things in PFCG
i guess u r a basis guy,then its not a problem
best regards
ashish

How to set a condition to check if a field is been updated in workflow

Hi,
I have a scenario, wherein a workflow email will be triggered to a person only when a field (of type person/group) from the list is updated with the person's name.
Now I was trying to put a check condition to send the email only when the field is updated.
Is it possible in SP2013 workflow please ?
Many thanks !
Regards

Hi Prajk,
As I understand, you want to email a person only when the field is updated.
You can do the following steps in SharePoint Designer.
Go to your list, and create a helper column which has same column type with the field you need to check the updating.
Open you site in SharePoint Designer and New workflow(Choose your List/Library).
Create new variable to check whether the field is updated via comparing the helper column and the filed.
Pick Send an Email to send email to the person.
For more detailed steps, please refer to the following link:
http://officepowerups.com/2013/07/09/send-email-when-specific-field-changes-in-sharepoint/
By the way, the link is a demo of SharePoint Designer 2010, it also works for SharePoint 2013 workflow.
Best Regards，
Wendy Li
TechNet Community Support

Unicode check

Hi,
I have used this stmt (DESCRIBE FIELD GT_TLINE LENGTH fle1 )
to get the length of fields but i am getting errors based on unicode check like
describe length can only be in byte mode or character mode.
My program is about converting the output of smartform to pdf and send as an attachment to email.
Can any one answer me on this issue.
Thanks,
lalitha.

Hi,
For this u shud use DESCRIBE FIELD GT_LINE LENGTH fle1 in BYTE/CHARACTER MODE as per the new guidelines for Unicode check
The description of BYTE/CHARACTER MODE says like this :
The length directly used by the data object dobj in the memory is determined in bytes or characters depending on the addition MODE and is assigned to the data object ilen. The data type i is expected for ilen.
You must specify the addition MODE in Unicode programs. The variant with the addition IN BYTE MODE determines the length of the data object dobj in bytes. The variant with the addition IN CHARACTER MODE determines the length of the data object dobj in characters. When using IN CHARACTER MODE, the data type of dobj must be flat and character-type. You can only specify IN BYTE MODE for deep data types and in this case, the length of the reference (8 bytes) is determined.
In non-Unicode programs and in releases prior to 6.10, LENGTH can be used without the addition MODE. In this case, the addition IN BYTE MODE is used implicitly
Note
For data objects with a fixed length, the length is determined that is specified during the creation of the data object. To determine the the used length of character-type data objects without counting the trailing spaces, you can use the built-in function strlen.
Regards,
Himanshu

Kerberos Authentication: "Integrity check on decrypted field failed"

Hi,
I have configured a portal (NW 7.0 SP13) for Kerberos Authentication. I have another portal with exactly the same configuration (same MS-ADS etc, just a different user) which is working fine. But this one is giving me the error "Integrity check on decrypted field failed" (and Kerberos Auth fails).
Any ideas?? I get the same error whether I use the keytab from the SPNEGO wizard, or the keytab from "ktpass -princ host/%HOST%@%DOMAIN% -pass %PASSWORD% -out keytab -mapUser %USER% +DesOnly /crypto DES-CBC-MD5 /ptype KRB5_NT_PRINCIPAL"
The only difference I can see between the ldifde outputs of the two users (the one that works and the one that doesn't) is the one that doesn't has an extra SPN "HTTP/" - would that cause this error??
Has anyone else had this error & what causes it?
Many thanks in advance.
Regards
Jane
Full error text:
JGSS_DBG_CTX Creating context, initiator = no, input cred = not null
JGSS_DBG_CRED getCred: only one cred, returning it
JGSS_DBG_CRED getName found name: host/[email protected], mech=1.2.840.113554.1.2.2
JGSS_DBG_CRED Krb5 name type = 0
JGSS_DBG_CTX Creating context, cred usage = 2
GSS Context created
JGSS_DBG_UNMARSH Real token len 1641
JGSS_DBG_UNMARSH Token oid 1.2.840.113554.1.2.2
JGSS_DBG_UNMARSH inner token len 1630
JGSS_DBG_PROV getFactory: index = 0 found factory
JGSS_DBG_PROV getMechs: Mechanism(s) supported by provider IBMJGSSProvider
JGSS_DBG_PROV 1.2.840.113554.1.2.2
JGSS_DBG_PROV getMechs: 1 unique mechanism(s) found
JGSS_DBG_PROV [0]: 1.2.840.113554.1.2.2
JGSS_DBG_CTX Default list of negotiable mechs:
1.2.840.113554.1.2.2
JGSS_DBG_CTX ticket enc type = des-cbc-md5
com.ibm.security.krb5.internal.KrbException, status code: 31
message: Integrity check on decrypted field failed
at com.ibm.security.krb5.internal.crypto.n.decrypt(n.java:31)
at com.ibm.security.krb5.internal.crypto.n.decrypt(n.java:15)
at com.ibm.security.krb5.internal.crypto.n.decrypt(n.java:32)
at com.ibm.security.krb5.EncryptedData.decrypt(EncryptedData.java:106)
at com.ibm.security.jgss.mech.krb5.k.a(k.java:248)
at com.ibm.security.jgss.mech.krb5.k.b(k.java:188)
at com.ibm.security.jgss.mech.krb5.k.acceptSecContext(k.java:533)
at com.ibm.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:155)
at com.ibm.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:153)
at com.sap.security.core.server.jaas.SPNegoLoginModule.doHandshake(SPNegoLoginModule.java:738)
at com.sap.security.core.server.jaas.SPNegoLoginModule.login(SPNegoLoginModule.java:362)
at com.sap.engine.services.security.login.LoginModuleLoggingWrapperImpl.login(LoginModuleLoggingWrapperImpl.java:185)
at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:70)
at java.security.AccessController.doPrivileged(AccessController.java:242)
at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:181)
at com.sap.engine.system.SystemLoginModule.login(SystemLoginModule.java:90)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:85)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:58)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:60)
at java.lang.reflect.Method.invoke(Method.java:391)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:699)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:151)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:634)
at java.security.AccessController.doPrivileged(AccessController.java:242)
at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:631)
at javax.security.auth.login.LoginContext.login(LoginContext.java:557)
at com.sap.security.core.logon.imp.SAPJ2EEAuthenticator.getLoggedInUser(SAPJ2EEAuthenticator.java:146)
at com.sapportals.portal.prt.service.authenticationservice.AuthenticationService.getLoggedInUser(AuthenticationService.java:303)
at com.sapportals.portal.prt.connection.UMHandler.handleUM(UMHandler.java:96)
at com.sapportals.portal.prt.connection.ServletConnection.handleRequest(ServletConnection.java:186)
at com.sapportals.portal.prt.dispatcher.Dispatcher$doService.run(Dispatcher.java:524)
at java.security.AccessController.doPrivileged(AccessController.java:242)
at com.sapportals.portal.prt.dispatcher.Dispatcher.service(Dispatcher.java:407)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.servlet.InvokerServlet.service(InvokerServlet.java:156)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
at com.sap.portal.navigation.Gateway.service(Gateway.java:126)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:387)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:365)
at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:944)
at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:266)
at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(AccessController.java:215)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:100)
com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:170)
JGSS_DBG_CTX Error authenticating request. Reporting to client
Major code = 11, Minor code = 31
org.ietf.jgss.GSSException, major code: 11, minor code: 31
major string: General failure, unspecified at GSSAPI level
minor string: Kerberos error while decoding and verifying token: com.ibm.security.krb5.internal.KrbException, status code: 31
message: Integrity check on decrypted field failed

Hi Désirée,
Yes the service user has "Use DES encryption" set.
In the end, it was resolved by changing the password and running the SPNEGO wizard again to generate a new keytab with the new password.
Regards
Jane

Unicode check in 4.6C

Hi All ,
Is there any way to have the unicode check feature i.e.UCCHECK in R/3 4.6C environment ? please let me know if anyone has any clue.
Regards
Yogesh

Hello Yogesh
The report Peter mentioned is RSUNISCAN. The output of the report looks like this:
ABAP Unicode Scan
This program finds coding that does not yet correspond to the restrictive Unicode syntax
(Based on the ABAP Unicode design of June 1999) It finds most of the affected coding, but not all of it.
The main aim of the program is to give you an idea of the kinds of coding that need to be changed for Unicode.
It generates error messages for code that will have to be changed later, and for which there are means in 4.6B for doing so
It generates warnings for cases that will have to be changed later, but where the required statements will
not be avilable until Release 5.0. ...
Regards
Uwe

Unicode check - I/O field has no accessible label

Similar Messages

Maybe you are looking for