Community
Application Development and Automation Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

Permissions issues when trying to execute an external command

Former Member

‎2014 Aug 22 8:41 PM

0 Likes
2,419

HI

I am very new to SAP and was hoping for some guidance :

As an administrator I created an external command in sm69 - a unix script that delete files on the app server.

it works fine for me , with an admin profile

I wanted to allow one of the developer to execute this unix script using tcode sm69

I created a role to which I granted SM69 transaction and assigned the role to him.

he is able to access the sm69 tcode.

However - he cannot actually execute any of the external commands there , not even the SAP supplied ones.

( getting an error that he is not authorize to execute the external command )

Is there any additional authorization that I am missing ?

thanks you

Orna

6 REPLIES 6
Read only

paul_bakker2
Active Contributor

‎2014 Aug 23 11:11 AM

0 Likes
1,250

Hi,

> Is there any additional authorization that I am missing ?


Almost certainly! Did you run an authorization trace?


cheers

Paul

Read only

Former Member
In response to paul_bakker2

‎2014 Aug 23 4:38 PM

0 Likes
1,250

I did not , but I am reading about it right now and I will see what I can get from it

thank you !!

Read only

Former Member

‎2014 Aug 23 5:03 PM

0 Likes
1,250

Dear

You can get missing authorization object by running SU53 then according to that you can assign that authorization object to that user

Hope this would hlep

Regards

Read only

Former Member
In response to Former Member

‎2014 Aug 23 5:15 PM

0 Likes
1,250

I have a question : I am going to participate in ADM100 next week.

Will this course cover all of the authorization schemes used in SAP  ?

It seems very evolved and complex

Read only

Former Member
In response to Former Member

‎2014 Aug 23 5:34 PM

0 Likes
1,250

Dear

it touches all part of basis also as you asked it will cover authorazation also

Regards

Read only

Former Member
In response to Former Member

‎2014 Aug 24 8:36 PM

0 Likes
1,250

You are on the right track, except that ideally you should first have training and then administrate the system.

ADM100 will make assumptions that you have enough authorizations and introduce the concept briefly to you. But it is not authorization admin training.

Even as an authorization admin or application support, you will need to navigate to the application help of the transaction and ideally also understand the "module", the business process and the design concept of whether to build a new role, assign and existing one or enhance an existing one. Otherwise you soon have a mess.

To avoid a "mess" of questions on SCN as well, I suggest that you first do the training, then use the search (like we all do - yes it is complex software with lots of options) and if something has a discussion value then open discussions on SCN.

In this case object S_LOG_COM (see tcode SU21) will show up next in the authorization errors (probably) and reading the documentation on the object will help you further. Reading about parameter transactions and SU24 proposals for the exact field values of S_LOG_COM needed will round it off to keep you on the guru track.

Hope that is ok for you how to proceed further.

Cheers,

Julius
(SCN Security Area Moderator)