Any help ?
↧
Re: SPRO Error
↧
Re: SPRO Error
Hi Aravind,
Could you please ellobrate this issue , Have you tried to give the above missing authorization to the user , could you please confirm the system status as well.
Thanks
↧
↧
Re: SPRO Error
Hello
Run a ST01 Trace and you will see what has authorisation failed.
Regards
Vijay
↧
Re: Function module "/VIRSA/Z_BEFORE_PROF_GEN" not found.
Hi,
remove the entry for that FM in table SSM_CUST(the entire entry). You/somebody seems to have activated the user exit.
b.rgds, Bernhard
↧
Re: How to get the list of deleted users in ROLE (SAP Security) ?
Hi Abdul,
In the same way can you please say how to get back all deleted users for profile
please suggest me Report generation transaction code
↧
↧
Re: SU25 Step 2B not displaying any data
Dear Linda
Sorry for the late reply!!!
As Bernhard said, I executed Step 2A in expert mode and filter the T codes marked as "Manual Comparison Recommended (Step 2b)", those are the T codes which are part of SU25 Step 2B.
Dear Bernhard,
Thanks for the reply!!! All the notes mentioned in 440231 are not relevant for my system and can't be implemented.
Thanks and Regards
Vinit
↧
Security changes doesn't take place in QA
Hello Experts,
I have made a change in Authorization Object Field"Actvt", and I have import the TR to QA. However when I check for the changes in QA, it is not implemented. I tried re-importing successfully, still same issue. please suggest
Regards
Piyush
↧
Is it safe to delete a (allegedly) orphaned entry from table USOBHASH in a Fiori Hub System
Dear all,
we have a Fiori Frontend Server Hub system (it's a DEV System) where we also try some things out. We added a service using /IWFND/MAINT_SERVICE which is pretty straight forward in a Fiori system.
Now I later deleted this service in the same transaction but found out that there's still an entry in Table USOBHASH for this service with the following format (example Data)
| Name | Type | PGMID | OBJECT | OBJ_NAME | SERVICE_TYPE |
|---|---|---|---|---|---|
| AAB455FB69A479A2B06A54988FBCC3 | HT | R3TR | IWSG | Z_<MyServiceName>_0001 |
While this does not affect any process on the system, this entry still shows in PFCG when using the authorization object S_SERVICE.
My questions are:
- Would it be safe to just delete the entry?
- If not what else might I want to check beforehand?
- Would it be wise to open an incident at SAP why that USOBHASH entry wasn't deleted in the first place when I was deleting the service in /IWFND/MAINT_SERVICE or am I just to anal about the orphaned USOBHASH entry
Many thanks and kind regards
Jens
↧
Re: Security changes doesn't take place in QA
Hi,
did you check the import log? For role transports the RC must be 0 (and not 4, like for other transports)....
b.rgds, Bernhard
↧
↧
Re: Security changes doesn't take place in QA
Hi Bernhard,
I got it fixed by re-creating the Transport. However to keep informed, I already tried re-importing successfully. Thanks for taking up this concern.
Regards
Piyush
↧
Re: Authorisations for ABAP Developer
Hello Venugopala, You would need basic t-code like se38, sa38, se80 debugging and authorisation objects like S_Develop, S_program, S_dataset, S_transprt. You can create a dummy role in development system giving them the required t-code and add it as and when required(I mean switching on System trace on it)
↧
ABAP GRC FireFighter concept in Portal
Hi All,
Can we able to create/develop a same FireFighter (ABAP GRC) concept in portal without using NWBC?
Thanks & Regards,
Ashok Sarkar
↧
SU24 Proposal 'NO'
Hello All,
It might be a silly question. But I could find a proper answer for this and an ABAP-er it needs some to find an answer for this. Can someone help me here
In SU24, why we have the Proposal 'NO' details? I understand that they are just values which is not pulled into the authorization while the T-code is added to menu. But, then where are these being used? When it is required? Ex: In SU01, S_ARCHIVE is set as 'NO'. For what functionality of SU01 this authorization object is required?
↧
↧
Re: SNC name for AD sub domain users
Hi Megumi,
We are facing same scenario,
Can you please let me know when you say 're-set SNC name of user specifying the cheracter of Windows logon', what exactly it means ? what needs to be changed ?
Regards,
Kunal Salunkhe
↧
No user exists with SNC name
Hi Experts, We'd like to use SAPGUI SSO with Kerberos. ERP is installed under AD root domain (ROOT.COM) in the forest. Users belong to AD sub domain (SUBDOM.COM) however users UPN root domain (ROOT.COM) in the same forest. ERP is installed under ROOT.COM, service user is kerberos@ROOT.COM. 1. SNC name in user profile (SU01) is p:CN=TESTUSER@ROOT.COM (In CAPS) 2. Kerberos Token in SAP Secure Login client TESTUSER@ROOT.COM (In CAPS) 3. SAP Logon entry for SSO has SNC name, p:CN=SAP/SSO-@ROOT.COM (In CAPS) Then user tries to log on via the entry for SSO, the error message "No user exists with SNC name "p:CN=4933346D58BB455ASDSAFSHGFHSFGWI"" (I do not understand why it does not show any specific value) Kindly advice what setting is missing in our environment? Regards, Kunal Salunkhe
↧
Re: SNC name for AD sub domain users
It means the SNC field is upper/lower case sensitive. The UserID must exactly match the Windows 2000 login name in Active Directory, and the domain name should be in upper case.
↧
Re: No user exists with SNC name
Hi Kunal,
every time you see this kind of "scrambled" SNC name you are dealing with "SNC Client Encryption" on the client side.
This is SAP's free of charge client library to enable SNC based encryption without supporting SSO. To support SSO you need "Secure Login Client" out of the "SAP SSO" license package or some different SSO tool from third party vendors.
So the scrambled SNC name is the way SAP disables SSO with their free-of-charge solution.
Regards,
Lutz
↧
↧
Re: Error in ECATT command TCD PFCG
Hi, Is the problem re-solved. If yes, please let us know the solution as well.
↧
Re: SPRO Error
Thanks for all your responses.
when the user try to execute the tcode SPRO, he is getting the error message " you are not authorized".
We did a testing by adding the missing authorizations. it worked. But why this was calling even no where this authority-Check was defined in the program and in other system, SPRO is working fine with out adding those missing authorizations.
The solution I observed was, there are different patch levels in both systems and in latest patches, program performing additional checks at S_RFC object.
↧
Re: SU24 Proposal 'NO'
Please see also:
http://help.sap.com/saphelp_nw74/helpdata/en/9c/6a76e9725b4b12a11064bd0d083b00/frameset.htm
Bernhard
↧