authorization for process type

Former Member · ‎01-15-2016

Hi everybody,

there is a process type for example ZZ10 and i want to that only one user can create, change, display and delete this process type, other users can onyle display this process type.

i created pfcg role 'Z-SAP_CRM_UIU_SLS_PROFESSIONAL' and actived the object like in below

And then i generated that object and assign to the user. But the user can still create and change ZZ10 process type.

what should i do?

spencer_liang · ‎02-01-2016

Hi,

The logic is that the logon user is authorized if any auth object from any profile assigned to this user allows the action.

I do not think anyone will have an answer as we cannot see your system.

there might be 2 solutions.

1, understand the online contect given by Dinesh, go through all this user's profiles and find out which auth obj allows it. Tcode SU22 to get overview of all auth this user have.

2, debug crm_order_check_authority_gen.

3, turn on auth trace in tcode st01 and create a new document, then analyze the trace.

Hope it helps.

Spencer

Former Member · ‎01-17-2016

Hi Utku,

Please read the below link's material. You will get the basic understanding of PFCG:

SAP CRM Authorizations: Process flow of the Authorization Check in Business Transactions

All the best.

Best regards,

Dinesh

authorization for process type

Accepted Solutions (0)

Answers (2)

Answers (2)

Excel / SAP does not overwrite exciting file name

Re: How to get all logs or list of all events trig...

Re: How to get all logs or list of all events trig...

Re: Kl

Re: Media collection not editable in SmartEdit