on 01-15-2016 2:32 PM
Hi everybody,
there is a process type for example ZZ10 and i want to that only one user can create, change, display and delete this process type, other users can onyle display this process type.
i created pfcg role 'Z-SAP_CRM_UIU_SLS_PROFESSIONAL' and actived the object like in below
And then i generated that object and assign to the user. But the user can still create and change ZZ10 process type.
what should i do?
Hi,
The logic is that the logon user is authorized if any auth object from any profile assigned to this user allows the action.
I do not think anyone will have an answer as we cannot see your system.
there might be 2 solutions.
1, understand the online contect given by Dinesh, go through all this user's profiles and find out which auth obj allows it. Tcode SU22 to get overview of all auth this user have.
2, debug crm_order_check_authority_gen.
3, turn on auth trace in tcode st01 and create a new document, then analyze the trace.
Hope it helps.
Spencer
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Utku,
Please read the below link's material. You will get the basic understanding of PFCG:
SAP CRM Authorizations: Process flow of the Authorization Check in Business Transactions
All the best.
Best regards,
Dinesh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
7 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.