cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Access to Organization Balances

Former Member

on ‎05-14-2014 6:59 PM

0 Kudos

Hi gurus,

I am just trying to enter to Organization Balances in the NWBC screen but I get the message "You are not authorized to access any organization".

Attached you can display the error message. Do you have any idea of what can be happening?

Thanks,

Kind regards

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (3)

Answers (3)

Former Member
‎05-27-2014 10:33 AM
0 Kudos

Hi all,

We just realized that the regulation which appears is FDA and we are not using this regulation in any organizations.

Do you know how to change the regulation (if we choose change regulation nothing happens)?

Thanks in advance.

Regards

Show replies
Show replies
Former Member
‎05-28-2014 4:08 PM
0 Kudos

Hi again guys,

We have realized that for other regulations we are able to display regulations SOX and FDA but not the customized regulation we have created in the system.

Is it a table where is it necessary to manually create the register for the regulation?

Thanks,

Kind regards,

Former Member
‎05-19-2014 9:24 PM
0 Kudos

I have already testes it in a Sandbox with customized roles and the message does not appear. I am wondering that maybe this is an error coming from lack of permissions in the WF-BATCH user. What do you think?

Thank you again!!

Show replies
Show replies
Former Member
‎05-19-2014 10:52 PM
0 Kudos

Hello John,

Please, let me know what you have checked on this screen:

Path: SPRO -> Governance, Risk and Compliance -> General Settings -> Authorizations -> Maintain Authorization Customizing.

Thank you,

Fernando

Former Member
‎05-20-2014 4:02 AM
0 Kudos

Hi Fernando,

I only have the options with "Second-Level Authorizations" and "Display role definitions" with tick.

Kind regards,

Former Member
‎05-20-2014 6:16 PM
0 Kudos

Hello John,

I tried to replicate the scenario with customized roles and even with the autorization customizing set. As per Colleen's advice, please run ST01 trace. Make sure you tick the option authorization check and make sure you are analyzing the correct user.

Thank you,

Fernando

Former Member
‎05-20-2014 7:46 PM
0 Kudos

Hi Fernando,

Thanks for your message. I discovered how to trace and I have checked I have all the objects and values checked in the transaction. I think it is quite strange!

Any idea?

Thanks again!!

Colleen
Advisor
Advisor
‎05-21-2014 12:02 AM
0 Kudos

Hi John

Do you have multiple application servers? If so, you need to switch the trace on all of them or check which one you are one

The next bit it to use ST05 to trace and look at all the SQL. Once you get the results you can search for table T100 and see if the entry matches your error message. After that, read backwards and find what SQL select statements happen

If it is not security authorisation (PFCG) you may then identify the configuration or master data issues preventing the access

Regards

Colleen

Former Member
‎05-22-2014 11:48 AM
0 Kudos

Hi Collen,

And how can I look for the error message in the SQL trace?

Thanks!

Kind regards,

Colleen
Advisor
Advisor
‎05-22-2014 11:53 PM
0 Kudos

Hi John

When you view the results, search to find an entry for T100. Have a look at the values and then go to that table so see if the values match the error description

Once you locate the error message in the trace, work backwards to see what other data is checked and you might find a GR* table, etc that is used to determine the requirements.

The ST05 trace will show you the data being used and can help you understand the sequence of events.

Regards

Colleen

Former Member
‎05-23-2014 7:50 AM
0 Kudos

Thanks for the explanation Collen. The point is, the description in T100 table should be the same as in the trace? or it can be different but similar?

Thanks,

Kind regards,

Former Member
‎05-18-2014 11:43 PM
0 Kudos

Hello John,

Are you using GRFN_USER or GRPC_API to control access?

If you are using GRFN_USER actvt 16 and controlling through Entity Role Assignments, check whether of not you have G_GRPC_API ACC_GROUP actvt 16.


Thanks,

Fernando

Show replies
Show replies
Former Member
‎05-19-2014 6:10 AM
0 Kudos

Hi Fernando,

Thanks for your answer. I have already checked that but I have all the activities for GRFN_USER and I also have the object G_GRPC_API for ACC_GROUP with actvt 16.

What do you mean with Entity Role Assigments?

Any other idea of what can be happening?

Colleen
Advisor
Advisor
‎05-19-2014 6:28 AM
0 Kudos

Hi John

Process Controls is not my background, however, could this error be restricted from your IMG configuration for entity level authorisations?

You could try to run  ST01.ST05 traces for authorisations and SQL to identify what is being checked just prior to the error message.

Here's some SAP help overview for it (I suspect this is what Fernando was referencing). If not search for Entity Level Authorisation for Process Controls to find the overview.

Regards

Colleen

Former Member
‎05-19-2014 9:15 AM
0 Kudos

Hi Collen,

Thanks for your message. This is the message I got from the NWBC front end, so this is not recorded using ST01 or ST05. I have already checked the Entity Level Authorization for Process Control and the configuration for this is ok. I mean, for the Org. Unit Entity Level I have already set the role with authorization enough to display the ACC_GROUP and I still got the same message.

Any other idea?

Thanks,

Kind regards,

Former Member
‎05-19-2014 6:37 PM
0 Kudos

Hello John,

This authorizations should be retrieved in a ST01 trace. I did it myself in my internal system. First of all, I suggest you to give the user who's using NWBC the power user role GRFN_USER ACTVT = 02.

Answering your question: What do you mean with Entity Role Assigments?

Please, refer to SAP note 1572360.

Let us know if it is not working even with power user access.

Best Regards,

Fernando

Former Member
‎05-19-2014 8:51 PM
0 Kudos

Hi Fernando,

Thanks for your answer again,

The power user contains the objetc GRFN_USER with all the possible values and the message is still the same "You are not authorized to access any organization".

I am still wondering what could be happening! Any other idea?

Thanks gurus!

Former Member
‎05-19-2014 8:55 PM
0 Kudos

Hello John,

Thank you for your answer.

My last question: Are you using customized roles?

If yes, can you test to access this screen with the pre-defined SAP role SAP_GRC_FN_ALL.

Thank you,

Fernando

Former Member
‎05-19-2014 9:18 PM
0 Kudos

Hi Fernando,

I am using a customized role which has been created adding all the permissions from the role SAP_GRC_FN_ALL and more roles. I can not use standard roles in this specific system.

What do you think?

Thank you so much!!

Former Member
‎05-19-2014 9:21 PM
0 Kudos

Hi John,

Thank you for the information provided. I will test the scenario in my internal system here with a customized role. It can be an inconsistency with customized roles as I tested with SAP standard roles and the error message did not show up.

Thank you,

Fernando

Colleen
Advisor
Advisor
‎05-19-2014 10:17 PM
0 Kudos 


This is the message I got from the NWBC front end, so this is not recorded using ST01 or ST05

Really? Are you sure? Have you tried?

Regards

Colleen

Former Member
‎05-20-2014 6:32 AM
0 Kudos

Hi Colleen,

Yes, The thing is that after the activation of the tracing, I just execute the NWBC and click in the Master Data tab. Then I choose Organization Balances. After this step I check in the ST01 or ST05 and it is empty. Should I get something from here?

Thanks,

Kind regards,

Ask a Question