Verify Authorization for a differnt UserID

Similar Messages

• UWL:User  has no RFC authorization for function group SDIFRUNTIME .

  Hi,
  In portal, while registering the system in UWL , I am getting this error:
  (Connector) :com.sap.mw.jco.JCO$Exception:User <userid> has no RFC authorization for function group SDIFRUNTIME .
  I have given the permission to the user id as owner for the system, with which I am logged in, and registering the system.
  It is also confirmed, that in the backend, the same user has authorization for the said RFC.
  Please help as it is urgent.
  Thanks,
  Sonali
  Edited by: Sonali M S on May 30, 2008 6:32 AM

  Hi Sonali,
         If your component is a webdynpro component, back end system is accessed via a logical system / JCO Destination. User id ( Lets say JCOUSER) and password is given for accessing backend via this JCO connection. This user id is different from particular user's backend user id. Verify whether JCOUSER has required authorizations in backend.
       I hope it helps.
  Regards,
  Uday.

• BW report authorization for restrict cost center

  dear all,
  i have problem on BW report authorization for restrict cost center.....when i execute the query, after selection screen, appear error message 'you cannot change zv_cctr for characteristic 0COSTCENTER during query'.
  note : zv_cctr is variable restriction for costcenter, type processing = customer exit.
  below the customer exit :
  WHEN 'ZV_CCTR'.
      IF i_step = 2.
        DATA : gt_mstuidvscc TYPE TABLE OF  ztbw_mstuidvscc,
               gs_mstuidvscc TYPE  ztbw_mstuidvscc,
               wa_final2(10) TYPE c.
        SELECT * FROM ztbw_mstuidvscc INTO CORRESPONDING FIELDS OF TABLE gt_mstuidvscc
          WHERE userid = 'sy-uname'.
        LOOP AT gt_mstuidvscc INTO gs_mstuidvscc.
          wa_final2 = gs_mstuidvscc-kostl.
          l_s_range-opt = 'EQ'.
          l_s_range-high = wa_final2.
          APPEND l_s_range TO e_t_range.
        ENDLOOP.
      ENDIF.
  Regards,
  Tony

  i defined variable as ready for input and mandatory.
  regards,
  Tony

• Authorizations for the cluster PY

  Dear Friends...
  I have this issue at this moment...
  Authorizations for the cluster PY, they want that some user can see the cluster with the exception of infotype 8 and 62, and the same process in pa30 and ad hoc query, I think in pa30 and adhoc query could use and authorization object, but I don't know if in the cluster works this objects.
  if u can give me some help I'll apreaciate.

  Hi Ian,
  You could use stored procedure like this
  IF @object_type='10000044'AND @transaction_type='U'
    BEGIN
       SELECT @error=-1
       SELECT @error_message='Update denied'
    END
  However, it seems that you want to protect this action only for certain user?
  I think it is not easy (unless you're using SDK).
  The problem is, the OBTN table (OIBT only a view) only store the original user who create the batch (field UserSign). So, if user "A" create the batch, and later user "B" want to update it, but you intend to restrict only user "B" while giving access to update the status to user "A", the table OBTN still record the UserSign field with user "A" despite it was actually "B" who update it. So, stored procedure can't read that it was "B" who actually tried to update the batch detail.
  Maybe you could use this workaround, you create an UDF in batch object (U_User), and using FMS to update this UDF with active user who login to B1. Therefore, you could amend above stored procedure like this
  IF @object_type='10000044'AND @transaction_type='U'
    BEGIN
       DECLARE @U_User AS NVARCHAR(10)
       SELECT @U_User=U_User FROM OBTN WHERE AbsEntry=@list_of_cols_val_tab_del
       IF @U_User IN('1','2','3') -- from USERID field in OUSR table
         BEGIN
            SELECT @error=-1
            SELECT @error_message='Update denied'
         END
    END
  Frankly, I haven't try it. Hope this help.
  Best Regards,
  Hendry Wijaya

• User has no RFC authorization for function group.

  Hi expert,
  I am calling a new function module  from the WebDynpro Java that is causing an issue that User has no RFC authorization for function group. if the user doesn’t have proper authorization like SE37 Transactions Code and others.
  But there is some more existing function module in the same application that is working fine without having above issues with same access.
  I am passing the USERID as input in the function Module and execute simply.
  So can you please tell me the Way to handle it?
  I will really appreciate your answer.
  Thanks
  Ali

  Hi Rali,
  I think,there is problem with ur JCO connection..
  Please check the following steps -
  1. Go to transaction SM59.
  2. Choose Create.
  3. Enter the following:
  RFC destination: SAPSLDAPI
  Connection type: T (Start an external program via TCP/IP).
  4. Choose Enter.
  5. Choose Technical settings and specify the following data:
  a. Select Registered Server Program as the activation type.
  b. Enter the program ID of the SAP J2EE Engine that acts as the RFC server. Enter SAPSLD_xyz (xyz is the SID of SAP J2EE Engine Server.)
  c. Enter the gateway host and the gateway service of R/3 server
  d. If the system is a Unicode system, navigate to Special Options and select the option
  Non-Unicode or Unicode in the section Character Width in Target System according to the gateway
  server.
  6. Save your entries.
  Now
  1. Go transaction SLDAPICUST.
  2. Switch to editing mode and choose Insert Row. Specify the connection parameters of the J2ee server ,
  Host name,  port Number, user  and password -  and set this SLD server as Primary.
  Only the entry marked as Primary is active.
  Please check whether there is entryof r/3 server in  the j2ee server /etc/services folder.If no entry is there then add -
  R/3server   port/TCP
  in the service file.
  Please check the  r/3server service folder and host folder  - do they have entry of java server, if no add the entry in the same way as done above for j2ee server.
  Also check the Group ,that u have entered for r/3 server in SLD exist in R/3 server or not if not add it....
  I hope this will help you ...
  xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
  Thanks,
  Gunja
  Edited by: Armin Reichert on Apr 26, 2008 6:35 PM

• No Authorization for BSP

  Hi friends,
  I transported this request(which had ICF Settings, Mime Object and BSP). Now when I go in Test System and then in SE80, I display my BSP and when I execute from SE80, it tries to open following url in IE:
  http://brcbdbd1.amoco.com:8010/sap/bc/bsp/sap/zbsp_filenet/default.htm?sap-client=110&sap-sessioncmd=open
  it does not display and gives me a message -
  "You are not authorized to view this page" It does not even ask for WAS userid and password screen
  Do we need to set up authorization for this BSP ?
  Any ideas on authorization and how do we maintain for BSP's.
  regards
  Deepak

  if you go to transaction <b>SICF</b>, try browsing and find your node <b>ZBSP_FILENET</b>. If you either doubleclick or right click, it gives a dialog box, and asks for username/password. You can set , username and password there.
  For more information, look here:
  http://help.sap.com/saphelp_470/helpdata/en/36/020d3a0154b909e10000000a114084/frameset.htm
  Internet Connection Framework -->
  HTTP Communication Using the SAP System as a Server -->
  Using the ICF -->
  Linking a HTTP Request to an ICF Service -->
  Creating an ICF Service
  All your doubts regarding Logons will be cleared.
  Regards,
  Subramanian V.
  Regards,
  Subramanian V.

• No authorization for action: CRE with object: ADCP

  Hi,
  I encountered the following error when creating an index:
  No authorization for action: CRE with object: ADCP
  I was at transaction DB02 -> 'Checks' -> Database<->ABAP/4 Dictionary.
  The checks indicate that there are some optional indexes that are not created.
  The error is encountered when I select one of these indexes (eg. ADCP-I01) and try to create it using the 'Create in DB' button.
  Do I have to assign some certain permission to my account? I am already holding the SAP_ALL and S_A.SYSTEM profiles.
  Thanks for any help,
  Tzyy Ming

  Hello,
  As i had expected DDIC userid did the needful.
  to see whether the index is created, you need to do the following.
  start transaction DB02
  click on the refresh button
  You would then get a new pop up with two different buttons.
  now on this pop up click the 'perform database checks' button.
  System might give you a warning 'This will take time' , click yes and wait for the system to refresh the data.
  Once system has refreshed the database data, you should be able to see your newly created index.
  Regards,
  Siddhesh

• Roles & Authorizations for Web Reports...

  Hello Experts,
  We are newly implementing Web Reports in our organization. I need your great thoughts regarding implementing Authorizations for users to access the reports.
  We are using a report menu page that contain links to all the reports. The page opens by clicking on a link on the portal. The individual reports are basically accessed from this page by clicking on the corresponding button (links a URL ).
  I wonder if there is any way to look into the menu page (XHTML code of that web page/application) when ever the users click on the reports link and disable those buttons that the users are not allowed to access depending on the roles users are assigned to. Otherwise is there any better way to do it.
  And also how to call a function from web applications.
  This is a kind of urgent issue any quick ideas would be greatly appreciated.

  I apologize for the difficulty in reading this  I will repost.
  We have had no training or received any documenation on WAD.  The below was created from internet research.  Hence there may be WAD functionality that would allow easier maintenance, however; this is what we use.
  With our dashboard, I have a web template that contains hyperlinks for our reports.  I will call this HeaderTemplate1.  For each web page I have report templates.  These report templates have the HeaderTemplate1 mentioned above as well as the report tables, charts, text elements, tabs, etc.
  The JavaScript logic for accessing the urls of the specific report templates is contained within our HeaderTemplate1.
  Below is how our setup was tested.  Keep in mind, this was only for testing basic functionality.  If this is something we use I will most likely create a master data table that houses the user ID and an attribute for the header type.  Thus, any report menu changes can be altered quickly without changing the javascript of each report template.  Also this will accomodate the few thousand users we have.
  To add the functionality of different 'menus', I created another header template with the same hyperlinks of HeadertTemplate1 with the exception of one or two hyperlinks.  This, HeaderTemplate2, was added to each report template just below HeaderTemplate1.  Note that both HeaderTemplate1 and HeaderTemplate2 were set as visible on each report template.
  Also, on each report template I added a text element.  The 'List of Text Elements'property was set as such; Element Type = General Text Sympol,  Element ID = SYUSER.  This Text Element was linked to a query  or view from BEx via the dataprovider.  On the HTML side, I surrounded this Text Element with
  <Font ID="UserID",,,textelement....</Font>
  Each Report template has this javascript function, fnRepOnLoad, which is triggered at the OnLoad event.
  [<SCRIPT language = "JAVASCRIPT">                       
    function fnRepOnLoad()
      var user_ID=document.getElementById("UserID").innerHTML;
      if (user_ID=='USER123')
        document.all["HEADTMPLT1"].style.visibility = 'hidden';
        document.all["HEADTMPLT1"].style.position = 'absolute';
      else         
        document.all["HEADTMPLT2"].style.visibility = 'hidden';
        document.all["HEADTMPLT2"].style.position = 'absolute';
  </script>
  The function results as this.  If the user is USER123, HeaderTemplate1 is hidden, leaving only HeaderTemplate2 visible.  Otherwise HeaderTemplate2 is invisible leaving on HeaderTemplate1 visible.
  We do not use buttons as our global leaders prefer hyperlinks but buttons can be enabled or disabled similarly.
  As mentioned before, if this method is implemented, I will create a reportable master data table.  Create a customer exit variable to retrieve the header template required for the user.  This header template variable value will then be pulled by a text element on each report template.  The script function will act as follows.  If many report headers are necessary I may use a case statement.
  Var User_template=document.getElementById("UserTmplt").innerHTML;
  If UserTmplt = HeaderTemplate1
  -->  make all header templates other than HeaderTemplate1 invisible
  else
  -->  make all header templates other than HeaderTemplate2 invisible
  etc...
  I hope this helps.  Please keep me posted with your solution.  I am very interested to learn what others are doing.
  Best Regards,
  Larry

• Authorizations for users to change their own data

  Hi
  All the employees are given the userids to logon to sap when these employees log on to sap with the particular userids they should be able to change /Display only the details pertaining to them not others
  We have not implemented ESS but this is in pipeline but only after 3 -4 months But Authorizations are required for users now only
  How to design role which should apply to all user requirements and they should get their Personnel no by default
  Kind Regards
  Vinod

  Hi,
     For your requirement goto transaction SU21 and select the object P_PERNR and click DOCUMENTATION. Refer the Documentation for the steps to be followed.
  (i.e)  For a user to be able to maitain his or her own data. You should assign the user an authorization for the HR: Master data - Personnel number check object (P_PERNR), with the following specificatons:                   
  1. Authorization level:  *               
  2. Interpretation of assignment
     User - personnel no:  I  
  3. Infotype           :  0002
  4. Subtype            :  *
  A related link http://www.sapfans.com/forums/viewtopic.php?p=502235&sid=cd1bde22eb24059e4d5a2eae086b7c96

• No authorization for OSS

  D/ Friends,
  I'm opening OSS site http://service.sap.com/notes. I'm entering my User ID & Password, but sys is showing "Authorization Error". When I'm requesting for a new password, another err is coming "The specified e-mail address, xxxxxxxyahoo, is not assigned to user S000XXXXXX." Data entered is 100% correct.
  Pls advice.
  Thanks.
  P.S.
  D/ Moderators,
  Pls advice.
  Thanks.
  Edited by: R S on Feb 18, 2011 6:11 AM

  hi
  ASK YOUR BASIS GUYS FOR PASSWORD ADN USERID
  Access to service.sap.com
  Reg
  NAr

• Authorization for posting periods

  Hi All,
               is it possible to give authorization to only one user for postings for the previous months. where as my requirement is I need to unlock previous months posting periods, so that one user will login into XXX userid and he will start postings in to previous months. Mean while i want to restrict other users to post entries in to previous months.
  Please help.......
  Thankyou,
  Sree.

  Hi!
  Yes, very much possible in SAP B1 2007B
  Set Posting Period as Closing Period for the Financial Year
  Do Authorization for Closing Period under General Authorization.
  Give full autho to that particular user who going to do postdated entry.

• REMOVED " V/032 Insufficient authorization for sales document"

  We are having serious issues with the multiple credit card authorization at the time of releasing the billing document to accounting. Everything is with fine with a single payment card. But as soon we split the order value into two payment card and try to release it to accounting, It gives me this error " Insufficient authorization for sales document XXXX". It was working fine sometime back in July and i had tested it many times, i have no clue what happened in the system or what triggered it. I have checked all the config and settings, everything is fine, and i am unable to understand what is causing this issue. Any help from anywhere would be greatly appreciated....
  thanks all in advance for their input..
  Message was edited by:
          Yathish K

  Hi,
  Please <b>read rules of engagement</b> before posting.
  Step 1: Finding An Answer
  Rule number one: Try to find the answer first. There are tons of resources out there, show that you have tried to find the answer. A question that shows that the person is willing to try and help themselves is more likely to be answered than one which simply demands information. Tell us what you have done to try and solve the problem yourself - often we can learn from that too!
  Search the forums, the articles, the blog posts and the Frequently Asked Questions (FAQ) in the Wiki for your topic.
  Step 2: Asking Your Question
  Once you have verified that no resources are available for solving your problem, ask your question. Do the following:
  - Use a Good Subject Line
  The subject header is your golden opportunity to attract qualified experts' attention in around 50 characters or less. Don't waste it on babble like "Workflow question". We all have busy jobs, often we just skim through the list headings and read those that interest us. Also, DO NOT reply to an unrelated post to ask a different question. This confuses those reading the thread and may lose people that would be interested in your question. Always start a new topic with a new mail.
  <i>Bad subject: Urgent problem with workflow</i>
  Good subject: Error after transport: "Inconsistent workflow definition"
  Do not use words in capital letters and any of the words: urgent, quickly, burning, etc in your message. Especially not in the title! This just irritates and does not help you get to your goal. From our side, we definitely do not answer faster when we see these words.
  <i>The same goes for such things as ??? or !!! in appends. In the English language one ? or ! is sufficient to terminate a sentence.</i>

• Necessary Authorizations for BI Consultant

  Dear All,
      What are the necessary Authorizations for BI 7.0 Consultant to work on a BI development system ?
       I have created source system (ECC Dev system), installed Bex analyser and I would like to verify if there are any standard tasks to be performed to make the system ready for BI consultant and required authorizations to perform all the activities.
  Thanks,
  Nick.

  Hi,
  The basic authorizations you need are RSA1, then you need to have access to all the infoareas, objects. You need access to modify, create, activate objects. In addition you'll need access to maintain master data for master data objects, monitor job loads, process chain access, query creation and change access. Query execute access. Authorizations to replicate datasources, activate them and access for creation, change and activation of DTPs, Infopackages and Transformations is also needed.
  These are some of the basic authorizations you need in the development system.
  For all other systems, you only need display authorizations for all objects.For data viewing, it'll be based on what security you get. Based on the client strategy in some places, you might get authorization to create, change and activate infopackages and DTPs. But to maintain the integrity of the Process chains and the environments, the best practice would be create these objects in dev and then transport them.
  Cheers,
  Kedar

• Problem with Authorization for Planning folder

  Hi an having a problem with providing authorization for a planning folder
  i am getting the following error when i test it with test user
  Error while calling up RFC
  Message no. UPC202
  Diagnosis
  You have selected a function, to execute this the system must set up an RFC connection to another SAP System. However, setting up this connection was not successful. The following internal error message was generated:
  "You do not have authorization for InfoCube ZT_MR_T "
  Procedure
  Inform the system administrator.
  we are not pulling the data from any other server, all the data is on the sif any one has faced the same issue let me know.
  Regards,
  Abraham

  Calling Thru Trans code: BPS0 in ECC 6
  getting this error:
  Error while calling up RFC
  Message No. UPC202
  Diagnosis
  You have selected a function, to execute this the system must set up an RFC connection to another SAP System. However, setting up this connection was not successful. The following internal error message was generated:
  "An error occurred during the receipt of a complex parameter."
  after i check in bw trans code:st22
  Following this error message:
  Category                   Internal Kernel Error
  Runtime Errors         PARAMETER_CONVERSION_ERROR
  Application Component  BC-MID-RFC
  Short text
      An error occurred during the receipt of a complex parameter.
  What happened?
      During a remote function call, an error occurred while converting
      a complex parameter.
  What can you do?
      Note which actions and input led to the error.
      For further help in handling the problem, contact your SAP administrator
      You can use the ABAP dump analysis transaction ST22 to view and manage
      termination messages, in particular for long term reference.
  Error analysis
      An error occurred during the conversion of a complex parameter.

• Problem with Authorization for BW BPS planning Folder

  Hi an having a problem with providing authorization for a planning folder
  i am getting the following error when i test it with test user
  Error while calling up RFC
  Message no. UPC202
  Diagnosis
  You have selected a function, to execute this the system must set up an RFC connection to another SAP System. However, setting up this connection was not successful. The following internal error message was generated:
  "You do not have authorization for InfoCube ZT_MR_T "
  Procedure
  Inform the system administrator.
  if any one has faced the same issue let me know.
  Regards,
  Abraham

  HI ,
  I Checked it out we dont have that cube in our system.
  Regards,
  Abraham