03-08-2012 6:00 AM
Hi
The ESS role has access to P_PERNR. Thought i have * for all the fields except PSIGN the user still not able to update the phone number. user is trying to modify from portal
Could someone help me to resolve the issue.
When i run trace it is askinh for P_ORGIN object.
As per my understanding ESS role doesn't need P_ORGIN. Is my understading correct??
Thanks
Adi
Edited by: adityaaneni on Mar 8, 2012 7:36 AM
03-08-2012 9:39 AM
Hello Adi,
Does the said user personal number maintained in 105 infotype?. Also ESS role might need P_ORGIN in some scenario (we have given the same), but provide the object as per the trace specific only especially with authorization level (AUTHC). With my little understanding is you need to give maintain access under P_PERNR object as well for self changes.
Rgds,
Durga.
03-08-2012 10:04 AM
Hi Durga,
Thanks for the responce..
If we give P_ORGIN user is able to update the communication record. Again if we give P_ORGIN how do we restrcit the personal area
You mentioned "need to give maintain access under P_PERNR object as well for self changes"
How do we give this. Because i already given the * for AUTH level for infotype 0105.
Looking for you responce..
Thanks,
Adi
03-08-2012 11:35 AM
Hello Adi,
We cannot put restrictions in presonal area, as there will be more employee sub groups against different personal area user ESS category. So in general we have to give * only. I believe we have to look into authorization level and infotype in P_ORGIN.
FYI, even in authorization level (AUTHC), there are different kind of restrictions like M, R, S, E, D,W etc.
Before finalizing the authorizations, please confirm with trace ST01 (SAP side) when user trying from portal side which may costs you little more time but worth it. Also keep an eye on dumps at back end.
Rgds,
Durga.
03-08-2012 12:23 PM
Hi Durga,
To test this I have given PA30(only t code) to backend role and tried. When i was trying I am gettiing an AUTH error "No authorization to modify the historical data"
Say current start date 06/03 in PA30 screen i am getting the above error.
If i change the date I am able to modify the communication record.
Any idea why i am getting this.
03-08-2012 1:13 PM
Hi Aditya,
For the PSIGN give I and test.
Still not able to update, check if the user has P_PERNR from other roles with PSIGN value E for infotype 105. If this is the case it has to be removed. As E will be given preference over I.
Make sure you logoff and then login to portal.
Regards,
Ajesh.
03-09-2012 3:39 AM
Hi Ajesh,
I have given like below.
Authorization level *
Infotype *
Interpretation of assigned per I
Subtype *
Still I am not able to update the existing record where as i am able to create new record.
Any idea what could be the issue.
03-09-2012 4:05 AM
Hi Aditya,
Is there any other instance of P_PERNR assigned to the user ? Also if you are using structural authorizations please check those too. Try replicating to a new user and see if it works.
Regards,
Ajesh.
03-09-2012 4:15 AM
Hi Ajesh,
There is no other P_PERNR other than the above.
No Structural authorizations as well.
Still the issue exists.
03-09-2012 6:29 AM
Hi Aditya,
Try changing the email from ESS with SAP_ALL given to the user. If its still not working, its not a Security Issue.
Hope you have run ST01 when trying with PA30.
Regards,
Ajesh.