Hi Dimitri,

User group parametr is same in UAT and Production that is 25,

UAT is rcent refresh of production.

Thanks and Regards

Hi Paul,

User is not having authorization to use this transaction PFUD in production.

Thanks and Regards.

Visali Malepati.

Hi John,

As mention before user is not authorised to use ST01 in production.

Thanks and Regards

Visali Malepati.

Visali,

That is a good start "User cannot run ST01". At least you have secured this transaction from the general user population. You will be running ST01 and not the user.

I will read the rest of the thread and reply if your question haven't been answered.

Hi John,

I think we need to run ST01 using users login id right. I am an ABAPer so i seldom use this transaction code. User is not having authorization to use this Transaction.

I would like to know the impact if I do reset user buffer in SU53 in production system. I am afraid will it cause any side effect. Even I raised to OSS message also but no reply.

Thanks and Regards,

Visali.Malepati

Message was edited by:

visali malepati

Visali,

Have the user logon, and before he/she is about to run the transaction that is failing run ST01 with authorization checked. After the authorization failure analyzed the trace. Enter the User ID and check for 12's hard failure, sometime you might need to also correct the soft failures of 4's.

Good Luck.

Hi Puneet and Chaitanya,

Reagrding SU53.

It is showing

Authorization level = W

Infotype = 0000

Personnel Area = *

Employee Group = *

Employee Subgroup = *

Subtype = *

Organization Key = *

User is having more than this required in two roles.

1 <b>Z_CC-ESS</b>

Authorization level = *

Infotype = 0000

Personnel Area = JTC* ( We have only with JTC*)

Employee Group = *

Employee Subgroup = *

Subtype = *

Organization Key = ESS ( We have two organization keys one is ESS and other one Prof)

in and in another role ( <b>Z_CC-Prof</b> )

Authorization level = *

Infotype = 0000

Personnel Area = JTC*

Employee Group = *

Employee Subgroup = *

Subtype = *

Organization Key = Prof

Both these roles are assisgend to the user and both roles user compare is done in production.

I read in one thread about Buffer over flow. Do any one have any idea about Buffer over flow. Please throw some light on Buffer overflow.

In SU53 Tcode there is one option under menu tab authorisation values that is Reset user buffer. what is this for?

Thanks and Regards,

Visali Malpeati.

Hi

Users will be able to get authorization from First 312 Profiles ( In some verson only 300 Profiles ) assigned to users.

Check the number of profiles that user is having in Production?

If it is Greater then 312 then user will not get the access of that excedding Profiles.

Hi Sushil,

I checked the user's profiles under profile tab of SU01 screen. Records are not even 30. So is there any other thing that is over riding in production for this user.

Thanks and Regards

Visali Malepati.

The answer is in your Su53

The SAP system requests * for Personnel Area and Organisation Key so pls create role with that wide autorisation and retest.

Hi Auke,

We have personnel Areas starting with "JTC" only and we have only two Organisation Key that is ESS and PROF. Both these ascess are given to the user through two seperate roles and mire over with this same set of roles the user is able to do in QA system and development system.And more over another user is able to perform PA40 with this set of roles even in production. But I am facing problem with this User only.

Thanks and Regards

Visali Malepati

I suggest to try to create a role with values star and test to see if it solves the issue. As in SU53 it demands the star value.

Hi Sushil

If we use structural authorizations then how to get missing authorization.

I strongly believe that there is no missing authorization for that user.It is some where some settings i need to do or need to reset user buffer in SU53 transaction code. Before resetting user buffer, I want to do the impact analysis of that as the problem is in production server. I am afraid if any thing happens, user will make noise. If you have any idea please let me know.

Thanks and Regards

Visali Malepati.

Try to execute this report in SE38

RHPROFL0

If this is showing output then your system is confirgured for Str Auth.

Check this tcode also : OOSB

If Str Auth is directly assigned to a user it will be available in OOSB

Str Auth is restricting the user access after getting access from General Profile ( PFCG Roles)

There is one additional thing to bear in mind. Although you use Structural Authorisations roles that have * (STAR) values overrule any Structural Authorisation set up.

So when the SU53 tell you that it wants to see a STAR in a Structural field you simply have to build a role with the STAR in the field or you will get an authorisation error. And that has NOTHING to do with structural authorisations!!

Use this report to Reset the USER Buffer in all client

RSUSR405.

It will reset only User Authorization.