Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SPRO present after transaction was removed

Former Member

‎11-01-2007 5:16 PM

0 Kudos

Hi

The transaction SPRO was removed from a role, however a user who has that role is still able to execute the transaction. However, there are no access rights within SPRO. Its strange coz i verified S_TCODE and that does not have SPRO in it. It does not show up when i search thru SUIM. The objects which the transaction SPRO holds are also not present in the role.

Any ideas?

- ravi

10 REPLIES 10

Former Member

‎11-01-2007 5:37 PM

0 Kudos

Did you check S_TCODE to ensure there wasn't a S* or SP*? What about the other roles assigned to the user - have those been checked as well?

Former Member
In response to Former Member

‎11-01-2007 5:38 PM

0 Kudos

S_TCODE does not have it.

Former Member
In response to Former Member

‎11-01-2007 7:42 PM

0 Kudos

Hi Ravi,

How did you check it?

TCD-BIS might have it, or it is included between VON and BIS.

Helpfull would also be your release & SP level.

Cheers,

Julius

Former Member
In response to Former Member

‎11-01-2007 7:52 PM

0 Kudos

Hi

The other roles does not have SPRO in it. The user has logged off and logged back on... So both of that cannot be the cause.

What exactly is TCD-BIS? I dont understand VON and BIS as well.. could you please explain?

- ravi

Former Member
In response to Former Member

‎11-01-2007 8:01 PM

0 Kudos

Hi Ravi,

The values might be ranged for the Tcode.

VON 'FB03' BIS 'ZFB03' would include 'SPRO'.

The affect (at least for TCD) would be as wide the number of threads you have started and not returned to.

Cheers,

Julius

Former Member
In response to Former Member

‎11-01-2007 8:14 PM

0 Kudos

Hi Julius

I checked out S_TCODE and could not find any of that(VON 'FB03' BIS 'ZFB03' )

Do you suggest there is something else I can check out?

- ravi

Former Member
In response to Former Member

‎11-01-2007 8:25 PM

0 Kudos

Hi Ravi,

How did you check it?

How did you check all the other threads you have started?

Which release and SP are you on?

Awaiting your follow-up,

Julius

Former Member

‎11-01-2007 6:44 PM

0 Kudos

Check this specific user what role and profile he/she has, also make sure that this user log off once and then log back on.

Former Member

‎11-02-2007 9:05 AM

0 Kudos

I guess SPRO would be coming from any other T-code...being called from su24..thats why you can't see that in S_Tcode also.

Look into suim for user assignment, if you get SPRO then that is definitely coming from su24..

You will have to manually check all the t-codes for their su24 entries. May be that is coming from some other object..like p_tcode!

fredrik_borlie
Contributor

‎11-02-2007 7:04 PM

0 Kudos

Ravi.

I do not have any system to test in currently , but have you tried to analyze the trace?

Exactly what authorization checks are done? Is really S_TCODE SPRO checked?

Run the ST01 with auth check and let the user go again.

If you see the trace allowing S_TCODE SPRO the user have that authorization somewhere in the buffer. If not, well, then you are on the right track!

Regards Fredrik