04-10-2015 7:06 AM
Facing a weird issue with PFCG role generation.
Not able to generate the role in PFCG, attached error screenshot too. This error is started coming up after creation of Z authorization object.
Please share your ideas if anyone has came across with such error.
It NW 7.4 system.
Regards,
Jay
04-10-2015 12:26 PM
04-10-2015 1:49 PM
what error message? Your screen shot is a yellow flag of Authorisation Tab.
04-15-2015 9:13 AM
Did you try generating the profile?
Generating Authorization Profiles - Identity Management - SAP Library
04-15-2015 10:54 AM
Hi Jay,
I think u might haven't generated the profile or may not have maintained the authorization data.
Check once whether any open fields are there are not.
Herewith is the attached error for your reference.I have also done.
Can u send the screen shot of the auth. data maintained.
04-28-2015 4:07 PM
Hi Jay,
Once you have added the authorization object, expand each node in authorization tab and look all are filled. If you find any yellow field, provide Full auth or required auth for that object. after doing this, you need to generate profile. Everytime you make changes in the role, you need to generate profiles.
In above example, click on the pencil button to provide required auth, or the yellow * for full auth. It will turn green, do this for all yellow objects. Then generate profile at last. Red and while Ball shaped button. Hope it helps.
Thanks,
Kavitha Rajan.
05-02-2015 11:12 AM
Hi Jay,
Can you provide the screen shot of the Display authorization data?
You need to input the values to the authorization objects which appears as yellow (small triangle)
Once your authorization object is Green, Generate and Save the role
Thanks & Regards,
V!
05-02-2015 12:59 PM
Dear All,
Thanks for coming forward with your replies. Being as a role admin had enough experience with PFCG and maintaining authorization data.
Issue faced only after creating a Z authorization object. Surprisingly it doesn't give any error.
Regards,
Jay
05-03-2015 11:05 AM
Then something is syntactically incorrect in your authorization object and / or the SU24 proposals which are suggesting this object are inconsistent with the fields and available values for the object and / or the fields and values in table TSTCA do not correspond to the object anymore.
Basically it is corrupted.
So... go to SU24 for the transaction which is proposing this object (well done BTW!) and delete it. Then add the object again as a proposals and maintain the fields which you can.
Alternately you can try to run report SU24_AUTO_REPAIR for the transaction, but it does not always work for all types of corrupted data.
Cheers,
Julius
05-02-2015 2:49 PM
Hello Jay
Can we go back to basics please?
Where is the SU53?
Adding * to auth objects is not a good idea to see if the 'problem' goers away.
Maybe you are not authorised for this particular profile ? especially if in PRD
Kind regards
David