cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Authorization object for Sales area determination

Go to solution
Former Member

on ‎06-14-2007 7:36 AM

0 Kudos

Hi Experts,

Im here having service message created with error messages as below:

1. Enter a sales organization

2. Enter a distribution channel

3. Responsible organizational unit (sales) missing

4. Enter a service organization

5. Responsible organizational unit (service) missing

6. Enter the unit of measure

7. Enter a Currency

FYI, the Sales area data has been maintained correctly via Tcode BP. And i realize that the SolMan user id having some missing authorization. Because i did tried to add SAP_ALL to the same user id. After that the message created <u>without</u> any errors.

Thus im suspecting the user id missing some authorization that causing the failed of Sales area data detemination.

Could you please point me out?

Thanks in advance.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎06-15-2007 3:15 PM
0 Kudos

Hi,

yuo start the test again with the user and without the SAP_ALL role. After the error message you start transaction SU53 (/NSU63). In this list you find the authorization object and value which is missing in the user's role.

You can search in SAP_ALL user'S roles for this object or you use the path in SAP menu:

Architecture and Technology->System Administration->User Maintenance->Information System->Where used lsit->Autorizations

S_BCE_68001396

Then you'll get a list with user who have this auth. object. Then you can only manually compare the user and the values in their roles.

Rgds,

JP

Show replies
Show replies
Former Member
‎06-18-2007 3:03 AM
0 Kudos

Hi Joern,

FYI i did tried on the SU53 check before, the problem is it doesn't return any information by saying the user missing authorization on any areas...

This is the problematic part...sigh... seems like i need to debug on it.

Thanks.

Former Member
‎06-18-2007 7:11 AM
0 Kudos

I supposed there will be only the collecetd messages... Did you try transaction ST01 with the "Authorization check"? Maybe this is showing more details (give the list of all used auth. objects).

SU21:

check class AAAB: B_BUPA_ATT,B_BUPA_CRI,B_BUPA_FDG,B_BUPA_GRP,B_BUPA_PGM,B_BUPA_RLT,B_BUPR_BZT,B_BUPR_FDG

class: CRM:CRM_BP_SA

Jörn

Former Member
‎06-18-2007 7:18 AM
0 Kudos

Hi Joern,

You are the man!!! You save my life again !!!

Yup, from the trace of SU21 i got a list of authorization object that having return code NOT equals to Zero. Hence i added those objects into the user profile and it is working now.....

but im wondering why SU53 did not returned the full list. Do you have any idea?

Thanks in advance.

Former Member
‎06-18-2007 10:53 AM
0 Kudos

SU53 will only show ONE authorization check. And only the last check....and if this has been executed successfully->no errors in the log

Result: You see a summary of messages during creation of a business object. Conclusion: only authority check trace will show all involved checks.

As always, more than one way in SAP to find things

Jörn

Former Member
‎06-19-2007 2:43 AM
0 Kudos

Thanks Joern.

Former Member
‎09-30-2007 8:54 AM
0 Kudos

Hi Joern,

will this ST01 also work for the PCUI or BSP application for finding the authorization objects.

Actually our requirement is that we need to restrict a user searching documents belonging to him and reporting to him.

without any authorizations given we are able to search the documents of all users in activty management under activtiy monitor. we would like to block users to view only documents done by him in his sales area.

can you provide me the details of the authorization object, please.

thanks

Srini

Answers (0)

Ask a Question