User has no authorization to send IDOCS of type
Hi Gurus,
I am sending an IDOC of type OILDEB02 from XI to R/3. I have done the configuration (we20, we21 etc). The message is processing successfully and not reaching the R/3.
When I checked in IDX5, after cclicking the 'transaction id', i see this message.
Caller: XIAFUSER
No authorization to send IDOCS of type OILDEB02.
Do we need to create the XI service users in the R/3 system?
I wanted to know what is missed in this configuration?
Thanks
Kalyan
Bhavesh,
I am using File to IDOC interface.
I have checked all the items you mentioned. Everything is working as expected.
<i>1. The rfc destination and port in the IDOC adapter are the valid ones you have created for the R3 system in Sm59 and IDX1 respectively
***THESE ARE VALID
2. Go to IDX2 and try to manually import the Idoc metadata. See if this is successful.
MANUAL IMPORT IS SUCCESSFUL
3. In the RC destination in Sm59, try a test connection and remote log on.
TEST CONNECTION AND REMOTE LOG ON WERE SUCCESSFUL.
4. Finally check if the user id has the roles mentioned in my porevious reply and if yes, things should work.
I didn't check this on. But there was no error regarding my user id.
</i>
After I run the interface, XI is showing the processing successful and the IDOC is not received at R/3.
When I checked in IDX5 in XI, after clicking the transaction id, the message is saying that -
Caller XIAFUSER
Function module: IDOC_INBOUND_ASYNCHRONOUS
Target system: R/3 SYSTEM RFC destination I have created in XI
Status text: No authorization to send IDocs with message type OILDEB
Any thoughts??
Thanks
Kalyan
Similar Messages
-
RFC error "No authorization to send IDOCs with message type ..."
Hi all,
I have now tried just about everything I could think of, applied all the notes mentioned on this forum but still no luck. Can anyone please help ...
I have got a file to idoc scenario, the status in the sxmb_moni is successful, but the outbound processing logs an error. When I go to transaction SM58 I get an error for the user XIAFUSER with the message "No authorization to send IDOCs with message type WPUUMS".
I have tried giving this user SA_ALL access and still got the same error thus concluding that this is not an authorisation error.
Any suggestions?
Regards,
LieselHi Liesel,
The RFC destination that you have put in IDoc communication channel must be present in your SAP XI system, transaction SM59 also.
Please check if the user id/Password that you have given has all the authorization.
Also check the User ID and passwrord in SM59 in R3 and see if a Remote Login is possible.
There is also some configuration by which the clients are allowed / blocked from receiving Idocs from XI. Basis guys can do it for you. Please approach your basis consultant. Hopefully that helps..
Regards,
Abhy Thomas -
Issue: "No Authorization to send Idocs with message type Orders" - IDX5
Hi All,
I am working on a File to IDoc(Orders.Orders05) scenario. The sender is PI Server and the receiver is the SAP ISR system. A technical system has been created in PI SLD for the ISR system and a Business system is added to that. The logical system created in ISR system using Tcode BD54 is added to the business system in PI. A new RFC destination is created in PI system to connect to the ISR system.
On the ISR system Partner profile is created using TCode we20 with the same logical system name already created using Tcode BD54.
When sxi_monitor is executed on the PI system, It shows checked flag on the Inbound side and Red flag on the Outbound side. And when idx5 is executed, it shows the new Idoc number and when it is double clicked, it shows the Status Text as
"No Authorization to send IDocs with message type Orders".
All authorizations have been provided on the Sender side.
Please let me know if any authorization need to be provided on the ISR system or Is this an error on any settings.
Thanks in Advance.
Stalin S.Hi,
Check this Thread which deals with the Authorization Issue
RFC Adapter
And also check this how to check whether u have sufficient authorization to send the Idocs or not
To test the Authorization check
Double click the RFC Destination that u have created in XI towards R/3 in SM59
Select UtilitiesTestAuthorization test
By this you can come to know whether your user is having the propper authorization or not
REgards
Seshagiri -
Error : No authorization to send IDocs with message type MATMAS
Hi All,
My scenario is FILE-XI-IDOC.
I am getting chequered flag in SXMB_MONI,but in that under outbound status I am getting red flag.
When I check in SM58 I am getting message as "No authorization to send IDocs with message type MATMAS".
Do I need to give any authorizations on XI side or on R/3 side?
If so, what is the authorization required?
I could not find the note :837595.<i>You use the IDoc Adapter in the Exchange Infrastructure and you try to use the IDocs to receive or send data. For these IDocs, an attempt is made to load the IDoc metadata from an R/3 reference system with an SAP NetWeaver Release lower than 6.20.
This occurs either at runtime, whereby the relevant messages run into 'System error' status, or when you use transaction IDX2 during manual loading of the metadata. In this case, the reference ystem is called by RFC and the logon user of the RFC destination does not have the necessary authorizations for determining the metadata.
Solution
In transaction PFCG, extend the role of the logon user by adding the following authorizations:
Authorization object S_RFC
Field name RFC_TYPE value FUGR
Field name RFC_NAME value EDIMEXT, SDTX
Field name ACTVT value 16
Authorization object S_IDOCDEFT
Field name ACTVT value 03
Field name EDI_CIM value ' '
Field name EDI_DOC value TXTRAW01
Field name EDI_TCD value WE30
Authorization object S_CTS_ADMI
Field name CTS_ADMFCT value TABL
Authorization object S_TABU_DIS
Field name ACTVT value 03
Field name DICBERCLS value</i>
from the note mentioned above.
Regards
Bhavesh -
No authorization to send IDocs with message type R
I'm in the process of installing some business content for a 3.5 prototype. When trying to load some master data I get the following error in the transactional RFC in the source system.
"No authorization to send IDocs with message type R"
Any clues to what may be causing this?
Any help appreciated.
thanks
MikeHi Michael,
the suggestion for SAP_ALL was just for testing purposes in order to see whether it works then. If security is an issue you should reduce the authorization to the ones really needed (see note).
Another security option is to make the background user a system user and not a dialog user.
Regards, Klaus -
User has no authorization for function group SWRS
Dear SRM Gurus,
We are facing an issue u201CUser has no authorization for function group SWRSu201D.
Hope the user has no authorization to access function group SWRS and this function group is saying that workflow substitution.
Can you any one have any idea what scenario are we using Workflow substitution?
Is there any Roles need to be assigned?
I would be appreciating if you could let us know more detail on this.
Thanks.
Regards,
Magesh Basavaraj.Hi,
The authorization object is 'S_WF_SUBST' for substitute role..try to assign this object and check..
Saravanan -
ISA : The user has no authorization
Hello Friends,
I created a customer configuration " MYCONF" under
http://host:50100/shopadmin/admin/xcm/init.do
and then i tried to connect to :
http://host:50100/shopadmin/shopadmin/init.do?scenario.xcm=MYCONF
i was directed to login page .
i enter login : WEBADMIN and its pass but i get this error :
An error occurred:The user has no authorization for Shop Management
In SAP CRM back end , i gave the WEBADMIN user the roles :
SAP_CRM_INTERNET_CUSTOMER
SAP_CRM_ISA_UA_SUPERUSER
SAP_CRM_ISA_WEBSHOP_MANAGER
restarted all servers .
but i still have the same error..
what happens?Hi Blackman,
try logging with just your own CRM logon. It should work. The webadmin user is this the one logging onto CRM that you set up in teh XCM settings?). This should have the role SAP_CRM_ISA_ITSLOGIN assigned to it.
Then your user just needs the webshop one you assigned but you should have sap_all anyway right?
Cheers
Andrew -
Which user has which authorizations
Hi all,
I need to know which user has which authorizations.
In which tables can I find these data?
Thanks.
deniz.Hi,
Check this .
USR01 contains the runtime data of the user master records
USR02 is the table containing logon information such as the password
USR03 includes the users' address information
USR04 contains users' authorizations
USR05 is the users' parameter ID table
USR09 contains user menus
USR10 is the table for user authorization profiles
USR11 contains the descriptive texts for profiles
USR12 is the user master authorization values table
USR13 contains the descriptive short texts for authorizations
USR14 contains the logon language versions per user
USR30 includes additional information for user menus
USH02, USH04, USH10 and USH12 contains Users and profile and
authorization change history data.
Tables related with authorizations objects and authorization fields are as follows:
TOBJ is the authorization objects table containing the authorization
fields for each.
TACT contains the list of standard activities authorization fields
in the system.
TACTZ is the table which defines the relationship between the
authorization objects and the activities in those objects containing
the Activity authorization field.
TSTC is the transaction code table where authorization objects
and values can be defined. -
Hello,
Question of a newbie:
In Windows Server 2012 I'm using IE10 to simulate numerous different users. But for some of these "fake" users I got the error:
Logon failure; the user has not been granted the requested logon type at this computer.
So I opened PowerShell : GPEDIT.MSC
Computer Configuration / Windows Settings / Security Settings / Local Policies / User Rights Assignment.
In the detail zone : Double-Clic sur Allow log on locally.
Dialog box : Allow log on locally properties
But the Add User or Group
button is grayed out!
What can I do?
Thanks for your help!Several months after...
I found the solution : the user has to be member of the Server
Operators in Active Directory.
That's all :)
Thanks -
We just rebuilt our machine with server 2012, and it was working flawlessly and then randomly it started giving me this error if i would try to start up a machine. At first this was just an annoyance but now it is worrying me greatly. I have tried
everything from logging on as the domain admin account to the actual server administrator account. Nothing seems to start these machines up, and I need them to start.
'Computer1' failed to start worker process: Logon failure: the user has not been granted the requested logon type at this computer. (0x80070569).Hi,
As this thread has been quiet for a while, we assume that the issue has been resolved. At this time, we will mark it as 'Answered' as the previous steps should be helpful for many similar scenarios.
If the issue still persists and you want to return to this question, please reply this post directly so we will be notified to follow it up. You can also choose to unmark the answer as you wish.
In addition, we'd love to hear your feedback about the solution. By sharing your experience you can help other community members facing similar problems.
Thanks!
Lawrence
TechNet Community Support -
A user has the authorizations in his UMR, but error still appearing
Hi all,
I have an issue with several issue in a company i am working for. The issue is the following:
When a user wants to do something SAP gives an authorization error for an authorization that the user has in his UMR. When i remove any other role, the user can execute the transaction.
I have seen the RZ10 looking for auth/auth_number_in_userbuffer but it does not exist!!!! what can i do????????
Thanks In advance!!!Hi,
Firstly, auth/auth_number_in_userbuffer is obsolete. Check for parameter auth/new_buffering. The value should be set to 4. Also, ensure that the PFCG_TIME_DEPENDENCY job is scheduled and running every day.
Refer to SAP note 209899 for more information on the new parameter.
Regards,
Raghu -
User has no authorization for Function group SYST
Hi,
We are starting to make customisation to B2B application. I have just created a new project for B2B_XXXX application and deployed it on the server. When I run this custom application, I am not able to login using the same user that is working fine for the standard B2B application.
Following is the error I am getting
ERROR 1 - RFC_ERROR_LOGON_FAILURE: User INTUSER05 has no RFC authorization for function group SYST
ERROR 2- The application was not able to switch to a stateful connection......
Strange thing is that the same user works very well for standard B2B.
Any clue? All I have done is created a CUSTCRMPRJ for B2B ERP (SHRWEB, SHRAPP). Please help.
Best regards,
-Tarun
Edited by: Tarun Bakshi on Nov 10, 2011 7:37 PMHi Shanto,
The problem is still occuring. Even If I give s_rfc authorisation the order is not being created.
I compared the source code for b2b and b2b_custom application, I have pasted below the component info
sap.com CORE-TOOLS 7.00 SP14 (1000.7.00.14.0.20071210170909) SAP AG SAP AG 20080125132852
sap.com SAP_JTECHF 7.00 SP14 (1000.7.00.14.0.20071210172424) SAP AG SAP AG 20080125132853
sap.com BASETABLES 7.00 SP14 (1000.7.00.14.0.20071210170411) SAP AG SAP AG 20080125132853
sap.com SAP-JEECOR 7.00 SP14 (1000.7.00.14.0.20071210172300) SAP AG SAP AG 20080125132852
sap.com JLOGVIEW 7.00 SP14 (1000.7.00.14.0.20071210160700) SAP AG SAP AG 20080125132853
sap.com SAP-JEE 7.00 SP14 (1000.7.00.14.0.20071210172039) SAP AG SAP AG 20080125132853
sap.com SAP_JTECHS 7.00 SP14 (1000.7.00.14.0.20071210172719) SAP AG SAP AG 20080125133813
sap.com BI_UDI 7.00 SP14 (1000.7.00.14.0.20071210170522) SAP AG SAP AG 20080125133909
sap.com BI_MMR 7.00 SP14 (1000.7.00.14.0.20071210170459) SAP AG SAP AG 20080125133230
sap.com UMEADMIN 7.00 SP14 (1000.7.00.14.0.20071210164800) SAP AG MAIN_APL70VAL_C 20080125140341
sap.com LM-TOOLS 7.00 SP14 (1000.7.00.14.1.20080124101556) SAP AG MAIN_APL70P14_C 20080125134809
sap.com SAP-SHRWEB 6.0 SP0 (1000.6.0.0.2.20080129095806) SAP AG MAIN_CRM70PAT_C 20110608153828
sap.com SAP-SHRAPP 6.0 SP0 (1000.6.0.0.2.20080128172843) SAP AG MAIN_CRM70PAT_C 20110608154506
b2b_custom application has been created by using code from the following SCs that were added to the track
SAPSHRWEB10_7-20003522.SCA
SAPSHRAPP10_7-20003520.SCA
SAPCRMWEB10_7-20003518.SCA
SAPCRMAPP10_7-20003516.SCA
SAPCRMDIC10_0-20003519.SCA
STRUTS01_0-10003646.SCA
SAPIPCMSA10_0-20003515.SCA
SAPCRMJAV10_7-20003517.SCA
SAPSHRJAV10_7-20003521.SCA
TEALEAF00_0-20001451.SCA
SAPBUILDT14_0-10003479.SCA
Any help would be great... -
Do we any SAP Standard program to Send IDOC of Type CODCMT01
Do we any SAP Standard program for outbound processing for IDOC Type CODCMT01
Message was edited by: Vipin Nagpal- If it is for test purpose only, you could use transaction WE19 (Test Tool).
- As well you could write your own program and user MASTER_IDOC_DISTRIBUTE function module... but in this case you need to fill yourself the fields of the IDOC
- as well you can have a look at function group KALE...
E.g. function module K_DOCUMENT_SEND -
The user has not been granted the requested logon type at this computer
Hi,
I'm running Win Server 2012 R2
I'm trying to do the following, but the Add User or Group is grayed out! :-(
Why? What did I miss?
Thanks for your help
To assign the user right Allow log on locally
On the Telnet server, open the Group Policy Management Editor. To do so, click Start, then in the Start Search box,
type gpedit.msc, and then press ENTER.
If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.
In the navigation pane, open Computer Configuration, Windows Settings, Security Settings, Local
Policies, and User Rights Assignment.
In the details pane, double-click Allow log on locally.
Click Add User or Group.
Find the user or group account you want to add, and then click OK.
Click OK to save your changes to the Group Policy object (GPO).
Users that are currently logged on must log off and back on to be affected by the changed GPO setting.Sorry, I just forgot to add these new users to the Server
Operators in Active Directory.
Now they can connect.
Thanks for your help -
Send IDocs internally in a client
Dear all,
I am not sure if this really fits in this forum. But perhaps someone can help me.
I need to send IDocs internally wihin a given client (inter company). So I created a port and a RFC connection pointing on the system itself. My problem is now, that I do not know the "right" authorizations for the service user of the RFC connection to post these IDocs. I prepared it to the user the IDoc adapter uses, but this user seems to be rather powerfull.
Does anyone have an idea how to find this out?
Kind regards
FlorianSure I was able to create & test the rfc connection. However I receive an error in SM58 "No authorization to send IDocs with message type DELINS". The current authorization of the RFC user are:
Y_RFC_IDOC Y_RFC_IDOC
Manually Cross-application Authorization Objects
Manually Authorization Check for RFC Access
Manually Authorization Check for RFC Access
Activity Execute
Name of RFC to be protected *
Type of RFC object to be prote Function group
Best regards
Florian
Maybe you are looking for
-
Installing AS: special problem with OPMN Process Manager...
Hi everybody, Actually, i'm trying to install a Grig control 10.2.0.1 on an existing database (10.2.0.1 patched to 10.2.0.4). OS is RHEL5. I have the following problem during setup IAS for 3 days. Note that my database is open and that didn't succeed
-
Drill Down facility in ALV Report
Hi Guys, I want to provide Drill down facility based on columns in ALV Report (ALV Web Dynpro Report). Please let me know if you have any sample code or guidelines for this. Thanks, Pradeep
-
Query Regarding 2 Calls From XI to same Database.
Hi All, I've a scenario in which XI has to call the Database two times: First call is to get a value from the Database by using stored procedure Second call is to update a table in the same Database by one to one mapping. I've called the stored proce
-
Unsure as to operation of intersects method in Shape
I am writing a program in which i need to check whether or not 2-D objects (primarily squares and circles) are touching each other. The documentation for intersects says that it tests whether the interiors of the shapes intersect each other, however
-
Assigning keywords during photo import
Hi, I'm using Aperture 2 since a long time and just testing Aperture 3. I'm working heavily with keywords to categorize my shootings. I really love Aperture's concept of keyword groups and would love to group my keywords which I currently organized i