Community
Application Development and Automation Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

User does not have authorization.

Go to solution
Former Member

‎2006 Nov 03 3:11 PM

0 Likes
4,677

The end-user gets an error message "PM:xxx No authorization for Plant XXXX in the TCODE screen".

I have debugged the TCODE, and no authorization checks are made within the program.

How do I check if the user is setup correctly? FYI - I do not have authorization to SU01.

1 ACCEPTED SOLUTION
Read only

Go to solution
Former Member

‎2006 Nov 03 4:22 PM

0 Likes
3,168

U can do SU53, whereby it would list the problem as to the object...than you can give appropriate rights to the particular user.

12 REPLIES 12
Read only

Go to solution
Former Member

‎2006 Nov 03 3:17 PM

0 Likes
3,168

If you do not have authorization then your basis team should do this for you.

Cheers

Read only

Go to solution
Former Member

‎2006 Nov 03 4:16 PM

0 Likes
3,168

Hi:

It is quite possibel that there are certain <b>authorization checks</b> for the plant. If there is a authorization check for that particular plant, then the user will on be able to execute for that plant.

SU21 is the transaction code for maintaining authorization check objects.

Regards,

Sookshma

Read only

Go to solution
Former Member

‎2006 Nov 03 4:22 PM

0 Likes
3,168

hi Ganadeep,

Sometimes your basis person or the client may restrict you from accessing few transactions ... for that check with the basis person for providing the authorizations

Regards,

santosh

Read only

Go to solution
Former Member

‎2006 Nov 03 4:22 PM

0 Likes
3,169

U can do SU53, whereby it would list the problem as to the object...than you can give appropriate rights to the particular user.

Read only

Go to solution
Former Member
In response to Former Member

‎2006 Nov 03 5:50 PM

0 Likes
3,168

Small correction - your user should run SU53 right after he got the message about missing authorizaiton, he'll see which object/values were checked and were not successfull.

SU53 should be executed by the person who actually eperiences authorization problem.

Read only

Go to solution
RichHeilman
Developer Advocate
Developer Advocate
In response to Former Member

‎2006 Nov 03 5:56 PM

0 Likes
3,168

Right, fool proof way is to run the transaction to the point where he gets the error message, then type /nSU53 in the tcode box at the top of the gui, then print the output and give to security guys.

Regards,

Rich Heilman

Read only

Go to solution
Former Member

‎2006 Nov 03 6:10 PM

0 Likes
3,168

We have been going back-and-forth with end-user and Basis to fix this issue.

The SU53 screen shot was submitted to Basis and they claim the user's autorization profile is correct. Is it possible for one authorization profile to interfere with another authorization profile?? Because the profile under contention should allow add/change/delete material classification attributes. But there exists another authorization profile against the same user that give him only display rights.

Another clarification from the user - Initial stand was that he saw the 'No authorizatoin for plant xxxx' message when he typed in the TCODE (which made me look for authorization checks in PBO module of the screen). But now, he states that the error message is displayed when he hits the ENTER key (so, the check is being made in PAI module, is it??).

Read only

Go to solution
RichHeilman
Developer Advocate
Developer Advocate
In response to Former Member

‎2006 Nov 03 6:14 PM

0 Likes
3,168

I would think it is in the PAI.

What tcode/program are we talking about?

Also what is the message id and number, you may be able to do a where used on this and find exactly where this message is coming from.

Regards,

Rich Heilman

Read only

Go to solution
Former Member
In response to Former Member

‎2006 Nov 03 6:22 PM

0 Likes
3,168

The program is a custom progoram.

The message displayed is

"PM:301 No authorization for Plant 0123"

I did perform a global search for this message is the message class, text symbols and did not get any results.

Read only

Go to solution
RichHeilman
Developer Advocate
Developer Advocate
In response to Former Member

‎2006 Nov 03 6:23 PM

0 Likes
3,168

What function module is it calling in this custom program, most likely it is coming from there.

Regards,

RIch Heilman

Read only

Go to solution
Former Member
In response to Former Member

‎2006 Nov 03 6:42 PM

0 Likes
3,168

If your user is getting error message and his SU53 keep showing missing authorization - then your BASIS folks need to check authorization again.

You can enable authorization trace in ST01 and check which objects/values have been checked.

Read only

Go to solution
Former Member
In response to Former Member

‎2006 Nov 03 7:29 PM

0 Likes
3,168

Guess I finally figured this one...

The user has two conflicting authorization profiles.

One profile give him 'display only' rights and the other profile authorizes him to execute a TCODE. The program behind the TCODE looks for a 'create' authority.

Basis has been notified and ticket has been re-routed to a different queue.