sap transaction issue with CJR2 - not authorized

Former Member · ‎07-19-2009

Hi,

One user trying to execute CJR2 and he is filling all the details. But when going to other screen he is selecting PLAN details it is showing you are not authorized. In SU53 that auth object checked is not under that transaction under that role he is executing.

Can any one help what are all to check or need to run trace?

Thanks

Edited by: Julius Bussche on Jul 20, 2009 12:29 AM

Please use meaningfull subject titles

sdipanjan · ‎07-19-2009

> One user trying to execute CJR2 and he is filling all the details. But when going to other screen he is selecting PLAN details it is showing you are not authorized. In SU53 that auth object checked is not under that transaction under that role he is executing.

>

There is no point of resemblance for TCode and and it's inherited role. The TCode can take it's relevant Auth. Object from otther role also while checking the User buffer by using LRU algorithm. So, don't misunderstand. Please put the trace on for the user and find out the required authorizations required for the TCode.

> Can any one help what are all to check or need to run trace?

>

Yes... use St01.

Regards,

Dipanjan

former_member701183 · ‎07-20-2009

Hi,

1. If you find the authorization object mentioned in su53 dump has no relatation with CJR2 transaction the user is running (check in su24 against the txn) then check whether the input values after running the txn is ok or not.

2. Running a trace via ST01 is the best option as mentioned already by Dipanjan.

3. In some cases the parameter values also create problem.

4. Let us know the auth object coming up in the su53 dump or trace.

Check those and let us know if any issue.

Regards

Aveek.

Former Member · ‎07-20-2009

> ne user trying to execute CJR2 and he is filling all the details. But when going to other screen he is selecting PLAN details it is >showing you are not authorized

> pls check with the authorizations object k_tak50 , C projTCD , check SU53 or Add the required objects after checking from SU24 which are marked as YES, so add them manually.

Thx

Mysterious

Former Member · ‎07-20-2009

su24 auth object checked in su53 is not in the list.

Trace saying AUT-0<-S_TCODE:TCD:CJR2

AUT-0<-C_PROJ_TCD:PSARG=0131,TRTYP:V

AUT-0<-k_cskb-PLA:kokrs:eU01,kstar=,actvt=02

sdipanjan · ‎07-20-2009

Please list down the Objects which have got RC (return code) not equal to 0 (zero). These are the Objects those take heads up.

Now coming into your provided list ... all are coming w/ C/M as SAP proposal.

Check/maintain C_PROJ_TCD PS: Transaction-Specific Authorizations in Project System

Check/maintain K_CSKB_PLA CO-CCA: Cost Element Planning

So you already have them in the role where the Tcode is present. Please check the field values required from the values checked in the Trace if these Objects also got RCu22600. And provide the values accordingly.

Let me know if you have further issues.

Regards,

Dipanjan

Former Member · ‎07-20-2009

> su24 auth object checked in su53 is not in the list.

That is not a problem, necessarily.

> Trace saying AUT-0<-S_TCODE:TCD:CJR2

> AUT-0<-C_PROJ_TCD:PSARG=0131,TRTYP:V

> AUT-0<-k_cskb-PLA:kokrs:eU01,kstar=,actvt=02

I place my bets on a badly implemented user-exit.

When you have this "not authorized" message, go to the technical properties and find the message number. Then check the code for the message number and what happens for it to be raised.

Cheers,

Julius