https://community.sap.com/t5/application-development-and-automation-discussions/authorization-group-cannot-add/m-p/3357266#M805520 <HTML><HEAD></HEAD><BODY><P>Hi</P><P></P><P>You are absolutely right, this role will assign to super users who is authorized on the sm30 with the few customized tables and restricted by the authorization group, so that, super users is restricted not to play with the other tables, but with this additional role assigning to him, he will authroized on the SD tables whose authorization group are "VA"</P><P></P><P>Please advise us.</P><P></P><P>Regards</P><P></P><P>Anwer Waseem</P><P>SAP BASIS</P></BODY></HTML> Tue, 29 Jan 2008 12:44:47 GMT Former Member 2008-01-29T12:44:47Z https://community.sap.com/t5/application-development-and-automation-discussions/authorization-group-cannot-add/m-p/3357264#M805518 <HTML><HEAD></HEAD><BODY><P>Hi</P><P></P><P>I want to define the additional authorization group on the following tables.</P><P></P><P>v_tvm1</P><P>v_tvm2</P><P>v_tvm3</P><P>v_tvm4</P><P>v_tvm5</P><P></P><P>I have generated the access key for the v_tvm1 to check the scenario, the existing authorization object of the following tables are "VA" SD: Appl. table.</P><P></P><P>I have overwriten the authorization object and generate the new request which solved our problem but the existing authorization group might be pre-requisites for the SD Application and may arise inconsistences in the future.</P><P></P><P>I don't want to the users should authroized with the default authorization group "VA", otherwise, the users get unauthorized access of the tables whose authorization group are "VA"</P><P></P><P>I want to assign the new authorization group on the following table and restrict them by the new authorization group.So that, users will restricted by those tables have authorization group are "ZMMT"</P><P></P><P></P><P>When i add the new authorization group in the table maintenance by the se11, the process has been ended with the below popup </P><P></P><P></P><P>Choose the key from the allowed namespace</P><P></P><P> Message no. SV019</P><P></P><P>Diagnosis</P><P></P><P> You have attempted to create an entry and have used a key which is not</P><P> in your namespace.</P><P></P><P> This can cause problems in later upgrades because the entry could be</P><P> overwritten by an import, or overwrite an existing entry.</P><P></P><P>Procedure</P><P></P><P> Check your entry and try to enter a key value from your namespace.</P><P></P><P> You can display the namespace definition with RDDKOR54.</P><P></P><P></P><P>Please advise us. or do you recommending me to overwrite the existing authorization group on the following tables. ?</P><P></P><P></P><P></P><P>REgares</P><P></P><P>Anwer Waseem</P><P>SAP BASIS</P></BODY></HTML> Tue, 29 Jan 2008 11:44:53 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorization-group-cannot-add/m-p/3357264#M805518 Former Member 2008-01-29T11:44:53Z https://community.sap.com/t5/application-development-and-automation-discussions/authorization-group-cannot-add/m-p/3357265#M805519 <HTML><HEAD></HEAD><BODY><P>Hi Anwer</P><P></P><P>Why do you need to change the auth group on them?</P><P>Just get the users to access them via the tx linked to those views (check out Julius' post on the following thread <A href="https://forums.sdn.sap.com/click.jspa?searchID=8407692&amp;messageID=4723045" target="test_blank">https://forums.sdn.sap.com/click.jspa?searchID=8407692&amp;messageID=4723045</A> ) and keep the standard VA auth group. Users shold not be able to access them in prod in any other way, especially not via SM30 etc.</P></BODY></HTML> Tue, 29 Jan 2008 11:57:57 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorization-group-cannot-add/m-p/3357265#M805519 Former Member 2008-01-29T11:57:57Z https://community.sap.com/t5/application-development-and-automation-discussions/authorization-group-cannot-add/m-p/3357266#M805520 <HTML><HEAD></HEAD><BODY><P>Hi</P><P></P><P>You are absolutely right, this role will assign to super users who is authorized on the sm30 with the few customized tables and restricted by the authorization group, so that, super users is restricted not to play with the other tables, but with this additional role assigning to him, he will authroized on the SD tables whose authorization group are "VA"</P><P></P><P>Please advise us.</P><P></P><P>Regards</P><P></P><P>Anwer Waseem</P><P>SAP BASIS</P></BODY></HTML> Tue, 29 Jan 2008 12:44:47 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorization-group-cannot-add/m-p/3357266#M805520 Former Member 2008-01-29T12:44:47Z https://community.sap.com/t5/application-development-and-automation-discussions/authorization-group-cannot-add/m-p/3357267#M805521 <HTML><HEAD></HEAD><BODY><P>Hi Anwer,</P><P></P><P>As per my previous post</P><P></P><P>1. Assign the transactions (look in the link that I provided) to the users</P><P></P><P>2. Do <EM>not</EM> give the users access to SM30 in production. They do not need it. Find or create alternative transactions for the other tables they need to alter.</P><P></P><P>There is very, very rarely need to give any users access to SM30 in production.</P></BODY></HTML> Tue, 29 Jan 2008 12:53:48 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorization-group-cannot-add/m-p/3357267#M805521 Former Member 2008-01-29T12:53:48Z https://community.sap.com/t5/application-development-and-automation-discussions/authorization-group-cannot-add/m-p/3357268#M805522 <HTML><HEAD></HEAD><BODY><P>Thanks for the reply.</P><P></P><P>Yeah! the super don't 've sm30 access in the PRD server.</P><P></P><P>However, I will try to manage with the t-code instead of sm30.</P><P></P><P>REgardssss</P><P></P><P></P><P>Anwer Waseem</P></BODY></HTML> Tue, 29 Jan 2008 12:59:17 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorization-group-cannot-add/m-p/3357268#M805522 Former Member 2008-01-29T12:59:17Z