cancel
Showing results for 
Search instead for 
Did you mean: 

Limit to UIU authorization

Former Member
0 Kudos

Hello Experts,

I faced a issue recently where I am not able to include any more UIU_comp authorizations. The error that pop up is "All authorizations beyond the maximum number are ignored" . Is there a way where we can increase the limit of authorization objects in a given PFCG?


Thanks!

Neha

Accepted Solutions (1)

Accepted Solutions (1)

former_member196467
Active Contributor
0 Kudos

Hi Neha,

This problem usually happens due to bad role design. The error message
description is most likely the following:

"...
Message no. 5@026

Diagnosis
The maximum number of 100 authorizations per object was exceeded.

System Response
All authorizations beyond the maximum number are ignored.

Procedure
Additional authorizations can only be included if you first delete a
corresponding number of existing authorizations. Note that deleting
authorizations with the status "Standard" or "Maintained" can lead to
the inclusion of new default authorizations at the next merging of the
authorization data. Avoid the maintenance associated with this by
removing only changed or manual authorizations.
..."

Probably you have a role that has among other authorization objects,
more than 100 occurrances for authorization object UIU_COMP. This is
more than the recommended, as the system limit of 100. You can confirm
that by selecting the role in question and reviewing this object in
table AGR_1251.

So, in order to overcome the problem, all you have to do is to
approach your Security expert and ask for a redesign on this role. It
will be most likely needed to split your authorization data in more
than one role, to avoid trespassing the expected limit.

==================================================

Hoping that above is helpful.

Best regards - Christophe

Former Member
0 Kudos

Hello Christophe,

Thanks for your reply. The reason for this UIU_COMP exceeding is not duplication of certain component, but the role is master role and has lot of UIU_COMP ( logical links assigned to it)

Nonetheless the last point which you said about spliting the authorization data is already done. I was looking for a solution where in the same PFCG role I can accommodate the authorization object.

Thanks again

Neha Gupta

Answers (0)