on 06-14-2007 7:36 AM
Hi Experts,
Im here having service message created with error messages as below:
1. Enter a sales organization
2. Enter a distribution channel
3. Responsible organizational unit (sales) missing
4. Enter a service organization
5. Responsible organizational unit (service) missing
6. Enter the unit of measure
7. Enter a Currency
FYI, the Sales area data has been maintained correctly via Tcode BP. And i realize that the SolMan user id having some missing authorization. Because i did tried to add SAP_ALL to the same user id. After that the message created <u>without</u> any errors.
Thus im suspecting the user id missing some authorization that causing the failed of Sales area data detemination.
Could you please point me out?
Thanks in advance.
Hi,
yuo start the test again with the user and without the SAP_ALL role. After the error message you start transaction SU53 (/NSU63). In this list you find the authorization object and value which is missing in the user's role.
You can search in SAP_ALL user'S roles for this object or you use the path in SAP menu:
Architecture and Technology->System Administration->User Maintenance->Information System->Where used lsit->Autorizations
S_BCE_68001396
Then you'll get a list with user who have this auth. object. Then you can only manually compare the user and the values in their roles.
Rgds,
JP
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I supposed there will be only the collecetd messages... Did you try transaction ST01 with the "Authorization check"? Maybe this is showing more details (give the list of all used auth. objects).
SU21:
check class AAAB: B_BUPA_ATT,B_BUPA_CRI,B_BUPA_FDG,B_BUPA_GRP,B_BUPA_PGM,B_BUPA_RLT,B_BUPR_BZT,B_BUPR_FDG
class: CRM:CRM_BP_SA
Jörn
Hi Joern,
You are the man!!! You save my life again !!!
Yup, from the trace of SU21 i got a list of authorization object that having return code NOT equals to Zero. Hence i added those objects into the user profile and it is working now.....
but im wondering why SU53 did not returned the full list. Do you have any idea?
Thanks in advance.
SU53 will only show ONE authorization check. And only the last check....and if this has been executed successfully->no errors in the log
Result: You see a summary of messages during creation of a business object. Conclusion: only authority check trace will show all involved checks.
As always, more than one way in SAP to find things
Jörn
Hi Joern,
will this ST01 also work for the PCUI or BSP application for finding the authorization objects.
Actually our requirement is that we need to restrict a user searching documents belonging to him and reporting to him.
without any authorizations given we are able to search the documents of all users in activty management under activtiy monitor. we would like to block users to view only documents done by him in his sales area.
can you provide me the details of the authorization object, please.
thanks
Srini
User | Count |
---|---|
87 | |
10 | |
10 | |
9 | |
7 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.