Community
Application Development and Automation Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

Authorization Issue

Former Member

‎2007 Sep 30 6:23 AM

0 Likes
790

Hi,

Iam working on SAP4.6C, windows 2003 server, oracle-9.2.

There is one user who is missing some authorization for a particular transaction ME23.

When i asked him to execute SU53. The following authorization object were checked.

Object K_TP_VALU Transfer Price Valuations

Object Class CO Controlling

Field Value

Activity

03

Controlling Area

<Dummy>

Valuation View

0

What i have to do next allow this user to execute this transaction?

How to add this authorization to only this particular user because i think other users are also associated with this role.

Regards

3 REPLIES 3
Read only

Former Member

‎2007 Sep 30 7:32 AM

0 Likes
739

Would suggest to add the authorization exactly as in theSU53 to the role that has TRX ME23 and let the user test again.

In a normal landscape I would suggest to do it like this :

1. Create a UID in the quality/Test system that has the exact same role as the user has and let someone (maybe the user) test to see if the error can be replicated in that system.

2. If so change the role in the QA system (adding the object and values )

3. Let the person retest until it works correctly.

4. Change the role in DEV exactly as it was changed in QA

5. Transport to QA.

6. Check if the userid has the transported role.

7. Retest, if OK

8. Transport to PROD.

Read only

Former Member

‎2007 Sep 30 7:37 AM

0 Likes
739

Forget to mention.

there are two options:

1 other users do not need this in ME23 (as they do other/different tasks in the TRX)

2 other users have the same problem (but have not told you jet)

if case 1 is sure: create a new role based as a copy of the old one, change only the new role and assign only to user with error as described above

case 2 change the old role as all users need this.

When in doubt about case 2 contact a area functional consultant and ask them to tell you if the extra authorization is a problem.

Read only

Former Member

‎2007 Oct 03 11:38 AM

0 Likes
739

hi,

This you can trace out by two means

either compare the authorizations of both the users vide tcode suim.

This will be a difficult task.

Or trace the authorization of the user who can perform the tcode as desired and see the trace report for the authorization objects it hits then assign the missing one to the other user.

To trace the authorization ask the user who can do it to perform the task and put him under authorization trace via tcode st01.

In ST01 check the Authorization box.

Go to Edit menu->Settings->write to database.

Edit menu--->Filter->Shared--->put the user name and save.

Check the trace file and assign the missing authorization.

Hope this will help.

Pl award suitably if resolved.

Regards