Thanks Shkëlzen..I have already gone through this thread. Not sure if I have completely understood it. If it can be expained in more layman language.

Hi Nitin,

ST01 return code throws out value 40 only when you are running the system trace (ST01) for an user who is no longer active/available at the master table level. Which is deleted of course.

Hope this would make you understand now.

KR,

Ameet Kumar

Hi Ameet,

Thanks for response. From master table you mean USR02?

User was able to log in system. It is CRM system. From there user was able to call transaction CRM_UI and when using the link it gets authorization error. In trace it is showing RC 40 for S_DEVELOP.

Thanks,

Niitn

Not correct.

You first need to understand the reference user concept and foreign authorization-checks. The layman's explanation is here -> http://scn.sap.com/message/10797739#10797739

So.. for you this means that your user may be assigned whatever authorizations, but the system is checking a different user's authorizations first before it reacts to the check or performs something. Most likely your user is wanting to debug a CRM web service, but that service is running under a different user ID and that user ID does not exist in the system anymore. So the debugger is not allowing the calling user to stop at the break-point, right?

That is faulty configuration as a result of deleting users. You can see the name of the user in the same trace sting as the RC = 40.

Type = HS

Name = web service name

Reason = D  <-- this means the check went foreign against a different user)

Name = xxx  <-- this will be the name of the foreign user who you should recreate and authorize if you want to debug.

Cheers,

Julius

Hello Julius,

In trace we are getting same user id and blank in the field name. Please see below the trace details and advice.

Client: 120  User: TEST1 Transaction:   Trans ID: 528B2089E67B0A40E10080000A9F5814

Start: 2013/11/19 15:34:29,354553  Finish: 2013/11/19 15:34:29,368244  No. of Records: 2  File Version:  2

EPP Full Context ID: 528B2084E67B0A40E10080000A9F5814  EPP Connection ID: 528B0AD6E6640DE0E10080000A9F5814  EPP Call Count

Block Version: 1,300  First Block of Dialog Step  Last Block in Dialog Step

Work Process: 0  Process ID: 15,532,094

hh:mm:ss:ms  Type  Lasts(us) Object           Text

15:34:29,355 AUTH            S_DEVELOP  RC=40 OBJTYPE=DEBUG;ACTVT=90;DEVCLASS= ;OBJNAME=TEST1;P_GROUP=120;type= ;name= ;

15:34:29,355 AUTH            S_DEVELOP  RC=40 OBJTYPE=DEBUG;ACTVT=03;DEVCLASS= ;OBJNAME= ;P_GROUP= ;type= ;name= ;

Hmm.. it is in the debugger and the ACTVT 90 indicates that there is an external break-point against the current user as I suspected, but that user does not exist is strange because it is logged in.

A possible explanation still is that the web service which the TEST1 is trying to debug has a logon procedure which is defined in the SICF with a fixed client for the authentication, and that client is not 120. The WS call is therefore failing because the TEST1 user does not exist in the other client.

That would at least still be logical because the ST01 system trace is client independent and ICF services can have a client maintained.

Check that and let us know.

Also please check on the roles tab in SU01 of TEST1 whether a reference use is maintained there (just to be sure that that is not interfering with the client confusion and the debugging). While you are about it you can also check the SM21 system log for anything strange for TEST1 in the debugger...

Cheers,

Julius

Hi Pavan,

User is logging thorough GUI and executing CRM_UI and getting authorization error.

Thanks,

Nitin Sherry