Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Problem with Project Systems authorizations

Go to solution
Former Member

‎08-19-2009 11:27 AM

0 Kudos

Hi All,

We are implementing project systems module and are facing several authorization issues. The SAP default values do not seem to work and there are several objects which showup as "not checked" in SU24 showup in the SU53. e.g. tcodes are CJ20n, CJI3. Are there any steps for activation / pre-requisites, etc?

Thanks for your inputs

Vijaya

1 ACCEPTED SOLUTION

Go to solution
Former Member

‎08-19-2009 4:48 PM

0 Kudos

If the user is facing problem in execution of the transaction, then take ST01 Authorization trace for the particular job and then implement the role accordigly. Do not try to implement role as per SU53 dump as SU53 dump will provide you last authorization check failed dump.

By this way the issue can be resolved.

Regards,

Sandip.

6 REPLIES 6

Go to solution
Former Member

‎08-19-2009 11:32 AM

0 Kudos

"No check" does not mean that the trace will not pick it up as being "possible to check".

What it does is that it sets the return code to 0 (= successfull) regardless of whether or not the user had the authorization object.

Instead of "No check" one could also say "No reaction".

Cheers,

Julius

Go to solution
Former Member

‎08-19-2009 11:58 AM

0 Kudos

Hi

There are chances that some of the transactions codes will call other tcodes while execution.

in this case also CJ20N is calling many tcodes, those auth check would not be inserted as check points in SU24 , hence you should identify them in the testing phase or using the TCDCOUPLES table.

You can check the calling & called transaction values in the table TCDCOUPLES in SE16, according to that you can build your SAP roles.

Go to solution
Former Member

‎08-19-2009 4:48 PM

0 Kudos

If the user is facing problem in execution of the transaction, then take ST01 Authorization trace for the particular job and then implement the role accordigly. Do not try to implement role as per SU53 dump as SU53 dump will provide you last authorization check failed dump.

By this way the issue can be resolved.

Regards,

Sandip.

Go to solution
Former Member
In response to Former Member

‎08-19-2009 8:25 PM

0 Kudos

I think it is fair to assume that someone asking a question in these "Expert Forums" knows how to do a basic trace, so the vanila answer of running ST01 and SU53 should be used as a last resort.

It is clear (for me) from the question that the OP knows how to use the analysis tools...

Cheers,

Julius

Go to solution
Former Member

‎08-20-2009 6:22 AM

0 Kudos

Thank you all for the inputs. My question was how to setup the authorizations for these tcodes so as to proactively prevent recurring authorization issues. Any inputs will be highly appreciated.

Thanks

Vijaya

Go to solution
Former Member
In response to Former Member

‎08-20-2009 7:25 AM

0 Kudos

As I suggested you earlier, first get the list of calling tcodes by the requested tcodes and give the authroizations for them,

or Trace the missing authroization using ST01 and give those authroizations in the SAP roles.