Skip to Content
avatar image
Former Member

User Group org unit

Hi guys,

I have an issue with user group (S_USER_GRP) when I create role in my dev system with SU01 or any other security T-codes that brings authorization object S_USER_GRP but some reason it doesn't show up as an org unit in my organization list inside the role. However, it is working fine in QA environment.  I'm not sure what causes this issue in Dev.

I thought someone delete the org field (CLASS) from the configuration but I can' find any place in SPRO where this field has been configured because it is standard org unit, it is not like company code or plant.

My manager runs create org program  to create org fields as a new org level field as an org unit but this one is already there by standard because you assign different user groups to maintain user master record.

Please direct me to the right direction to look for any resolution for this issue. I also checked my Basis team to find out if there is any difference in SPs between DEV and QA but it is same.   I think something delete or changed in the system that's the reason the User group doesn't show up as an  org level. Since this is standard org unit, I can't create this one again through the org field program.

Any help will be appreciated. Thanks in advance

Regards,

Faisal

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

3 Answers

  • Oct 17, 2015 at 04:55 AM

    hi mukhtar,

    Please Check table USVAR regarding  org level.



    Regards,

    Ankit Patel

    Add comment
    10|10000 characters needed characters exceeded

  • Oct 17, 2015 at 05:04 AM

    USGRP is not an org value by default.

    It sounds like someone ran PFCG_ORG_FIELD_CREATE (or PROMOTE) via SE38 directly in QA system

    Your options are to either promote it in DEV and then fix the roles and transport or to run the deletion version in QA to reset it back to an standard auth field and then transport your roles from DEV

    Search for the program and you'll find heaps of information

    Regards

    Colleen

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member Former Member

      Feel free to also open a customer message with SAP and ask whether there could be some "switchable framework" instead of coding modifications which protect SAP fields from demotion.

      I tried but was not successful.

      Cheers,

      Julius

  • avatar image
    Former Member
    Oct 21, 2015 at 06:50 PM

    Hi Faisal,

    It sounds like someone created the the ORG field in QA but not DEV or the PFCG ORG CREATE change got overwritten or as Julius pointed out GRC Add-On software is the culprit. 

    Depending on your prefered resolution - Either,

    1. Run PFCG_ORGFIELD_DELETE in QA on field CLASS

    2. Run PFCG_ORGFIELD_CREATE in DEV on field CLASS

    Both environments run PFCG_ORGFIELD_ROLES to synch.

    Thanks,

    Patrick

    Add comment
    10|10000 characters needed characters exceeded