How to check the missing authorisation for the user not having the option "/nsu53 ?"
You can use the following procedures to determine which authorizations a user requires to carry out a transaction:
You can use Trace function, ST01, you can trace the user activity and from the log you can see the authorization missing.
Start an authorization trace using the ST01 transaction and carry out the transaction with a user who has full authorizations. On the basis of the trace, you can see which authorizations were checked.
This procedure generally works well. However, sometimes the result is very surprising because certain programs can and do ignore some authorization checks by using preliminary checks and buffered results. In such cases, these methods are not very effective. You can recognize these cases because certain fields of the corresponding programs are specified with * or DUMMY at some point of the authorization check.
Analyzing authorization problems in an unknown program
The most frequently used method to analyze authorization problems in an unknown program involves you setting the Debugger breakpoints to the AUTHORITY-CHECK and MESSAGE commands. Then execute the program and analyze its behavior.
Determining all the authorizations a user has for an authorization object
When troubleshooting, it is often helpful to find out all the authorizations a specified user has for a specific authorization object. A simple method of reading these authorizations as raw data from the user master record is to execute the GET_AUTH_VALUES function module in the SUSR function group. Use the SE37 transaction or SE80 in test mode to do so. The result table is not formatted for output, but is very compact and easy to understand for authorization experts.
Analyzing an authorization problem that occurs for only one user
It is often the case that a certain authorization problem occurs for only one specific user. This kind of authorization problem generally affects users with no Debugging authorization. If you want to assign a user Debugging authorization without changing the HR authorizations, you can add the S_A.DEVELOP authorization profile (if available) to the user’s authorization profiles. In production systems, note that changes such as these to authorizations enable users (with relevant knowledge of the development environment) to access any system data easily (especially in other clients).
Tuesday, February 10, 2009
Subscribe to:
Post Comments (Atom)
Archive
-
▼
2009
(74)
-
▼
February
(65)
- What database and operating systems are supported ...
- Cloning an SAP system
- Backups during upgrade
- Refreshing development system without losing syste...
- Methodology for creating indexes
- Determining the amount of data in a client
- Basic Knowledge and System Navigation Question
- SAP Background Job Administration
- background job failed because of authorization
- Background Jobs
- background jobs via background users
- Background Processing VS Batch processing
- Deleting a scheduled Background job
- Schedule Manager
- how you can assign a Background work process as a ...
- How To Delete a Scheduled Job
- Checking your program Background Job Status
- Availability Check on Quotation
- material Determination based on availability check
- Creating Multiple Materials in Material Determination
- Backward and Forward Scheduling
- Authorization Concept
- SAP’s TCODE checks with the authorization tool
- Listing TCODE transactions used to view what users...
- Authorization Check
- SAP BASIS (BC) Authorization Concepts
- Unlocking a blocked admin user ID in an Oracle DB
- How to Check Missing Authorisation for User
- SAP Profile Generator tables
- Query About Tcode PFCG
- How To Compare The Roles
- Creating New User With Authorizations
- Introduction on Authorizations
- Troubleshooting authorization in SAP R/3
- Shortcut to create role with many reports /tcode
- check which authorisation objects are checked with...
- What are the Authorizations Required
- How do I go about creating an authorization group?
- Frequently Asked Questions on Authorization
- What is an Authorisation Object?
- SAP Create authorization object
- SAP Creating an auth group and assigning a table
- SAP creating authorization levels
- SAP Creating Authorization profile
- SAP creating custamizing autharization objects
- SAP Creating new authorization object
- SAP Creating New Organizational Levels
- SAP S_TABU_LIN
- SAP S_TABU_LIN set up as organizational level
- SAP S_TCODE
- SAP S_TCODE check after upgrade to 4.7
- SAP s_tcode display only problem
- SAP S_TCODE is not in change mode
- SAP S_TCODE Lookup
- SAP S_TCODE with * Value
- SAp S_TRANSPRT versus S_CTS_ADMI
- SAP S_USER_ALL
- Auditor role/authorization
- SAP SU53 Authorization Check
- Authorizations
- System Administration: Authorization Concepts
- SAP Authorization Checks
- SAP Authorization Check
- What is authorization
- SAP auth/new_buffering
-
▼
February
(65)
Translation by Google
Subscription Free
Categories
- ABAP WORKFLOW
- Administration Faqs
- AIS - audit management preparation.sim
- AIS Implementation
- ALE
- ALE Scenario in SAP
- Alert Monitor(CCMS) in SAP
- Analyze Authorization
- Archive
- Archiving
- Auditing Information System
- Auth/new_buffering
- Authorization Concepts
- Authorizations Objects
- Availability Check
- Background Job
- Background Processing
- EDI and IDOCS
- Faqs
- Hot Packages
- Troubleshooting
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
No comments:
Post a Comment