Community
Application Development and Automation Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

User Buffer not refreshed after User Comparison

Go to solution
Former Member

‎2008 Dec 14 5:27 PM

0 Likes
5,376

Hello,

I faced a strange situation where User Buffer not refreshed after User Comparison.

The way I figured it out is :

1. created a role, with authorization to search "complaints" in tcode CRMD_ORDER

2. assigned the role to a user.

3. did user comparison.

4. for the first time the user logs into the system he is able to search based on "complaints"

5. went to the same role and changed authorizations : deactivated CRM_CMP.

6 did user comparison.

7. the user is still able to search based on "complaints"

user buffer show new authorizations assigned to him. i.e., CRM_CMP authorization object is deactivated.

we went on to PFUD , and did user comparison. still the same result

we are on CRM 2007. why is this strange behavior?

Thanks in advance

VJ

1 ACCEPTED SOLUTION
Read only

Go to solution
Former Member

‎2008 Dec 15 10:46 AM

0 Likes
2,960

I think the "logon and logoff" approach is well taken care of now... but if the system does not know that something has changed in the user's authorizations, then a corrupted user buffer will not be reset.

There are several ways of doing this. Most common are:

- Run report RSUSR405 or use the function module in it.

- Save a different role once, then remove it again.

- In any screen of SU01, type "RSET" into the ok-code field and hit enter.

Cheers,

Julius

9 REPLIES 9
Read only

Go to solution
Former Member

‎2008 Dec 15 4:50 AM

0 Likes
2,960

Hi,

Did the user log off and log back in after the user comparison was done?

Read only

Go to solution
Former Member

‎2008 Dec 15 8:18 AM

0 Likes
2,960

Silly question from my side, but did you generate the role before assigning it? Or, if the role already existed, did you manually delete the old profile before generating a new one? Otherwise, it may be resolved by the user logging off and back on again, as suggested above... some times, buffers do not update instantly.

Read only

Go to solution
Former Member

‎2008 Dec 15 10:27 AM

0 Likes
2,960

Hi,

Just ask the user to log off & then do the user comparison, then ask the user to log in & check

Thanks

Siddhartha

Read only

Go to solution
Former Member
In response to Former Member

‎2008 Dec 15 10:44 AM

0 Likes
2,960

Hi,

Please follow the following steps

Do the user comparision.

Generate role if not generated

Do check access for user through SUIM reports.

Check how many profiles are assigned to users.

As there is maximum I think (312) profiles we can assign to user.

If profile problem then reduce the no. of profile by restructuring the roles.

Let me know still u are facing problem.

Regards,

Digambar

Read only

Go to solution
Former Member

‎2008 Dec 15 10:46 AM

0 Likes
2,961

I think the "logon and logoff" approach is well taken care of now... but if the system does not know that something has changed in the user's authorizations, then a corrupted user buffer will not be reset.

There are several ways of doing this. Most common are:

- Run report RSUSR405 or use the function module in it.

- Save a different role once, then remove it again.

- In any screen of SU01, type "RSET" into the ok-code field and hit enter.

Cheers,

Julius

Read only

Go to solution
Former Member

‎2008 Dec 17 9:11 PM

0 Likes
2,960

Thanks for the help.

Read only

Go to solution
Former Member
In response to Former Member

‎2008 Dec 17 9:22 PM

0 Likes
2,960

So did it go away of it's own accord, or did a way work to reset the problem?

Cheers,

Julius

Read only

Go to solution
Former Member
In response to Former Member

‎2008 Dec 17 11:44 PM

0 Likes
2,960

Hello,

The issue is still there. We are trying to figure out the problem.

The changed role is assigned to new test user , then the new user is not able to see the list.

SAY:

1. role with auth obj, CRM_CMP is generated and given to user 'A' for the 1st time

2. User 'A' is able to see the list of complaints via CRMD_ORDER -> SEARCH ON COMPLAINTS. user 'A' log out of the system

3.now in the role obj CRM_CMP is deactivated. regenerated, user comparison is done. Given to user 'A'

4. user 'A' log in to the system, still able to see the list of complaints, if he selects the option "ALL" in the text box opposite to FIND.

5. if the enhanced role is given to a new user 'B' , he is not able to look into the list of complaints which user 'A' is able to.

Any suggestion...

Thanks,

VJ

Edited by: sapsec vj on Dec 17, 2008 5:47 PM

Read only

Go to solution
Former Member
In response to Former Member

‎2008 Dec 18 12:19 AM

0 Likes
2,960

> 5. if the enhanced role is given to a new user 'B' , he is not able to look into the list of complaints which user 'A' is able to.

The only thing I am able to comment further about is that there are special cases for cross-component concepts where adding access (e.g. a role) will restrict the access in another of the same user.

These are either optional concepts (or ugly concepts if activated but not understood).

I have no idea whether this is the case in your CRM_ORDER application, but it sounds suspect of this.

Cheers,

Julius