Skip to Content

BAPI_GOODSMVT_CREATE Goods Issue auth object V_VBAK_AAT

Hi all,

I wrote some code recently using BAPI_GOODSMVT_CREATE to do some automatic Goods Issues to sales order line items movement type 231. Some users are running into runtime errors of 'MESSAGE_TYPE_X' with the error analysis stating the following:

Yes, it seems pretty obvious that they are missing likely change authorization for sales orders of type ZOR, but what has me confused is that they run into no authorization issues when doing the same goods issue from mb1a and (they claim) MIGO. Can anyone help me explain why this additional security is necessary for the BAPI?

Thanks much,

-Chris

z0yni.png (18.3 kB)
Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

3 Answers

  • Best Answer
    May 16, 2017 at 06:41 AM

    Call transaction SU24 'Auth. Obj. Check Under Transactions' and input transaction/MB1A, then look at authorization-object V_BAK_AAT row, Column 'Check Ind' should display 'Do not Check' value. For MIGO it should show 'Check'.

    (Some reference can be found in online documentation like Level 5: Document: Editing Authorization Default Data (Customer System)Editing Authorization Default Data (Customer System) in ABAP Authorization Concept)

    Add comment
    10|10000 characters needed characters exceeded

    • Thanks, this is the closest to what I was looking for. I'm aware they have different authorizations between them but was trying to understand the why behind it. I'm guessing MB1A and MIGO/BAPI_GOODSMVT_CREATE are set to check v_vbak_att by default and users have been getting around it for the goods issues using MB1A as that has always worked for them.

  • avatar image
    Former Member
    May 12, 2017 at 07:15 PM

    Take authorization ST01 trace when you run from BAPI and when you run from MIGO; compare it you will get the answer.

    Thanks

    Anand

    Add comment
    10|10000 characters needed characters exceeded

  • May 12, 2017 at 11:54 AM

    Hello,

    you are talking about 2 different types of authority-checks and here checks are performed by the BAPI itself.

    Check S_DEVELOP authorization object.

    thank you.

    Add comment
    10|10000 characters needed characters exceeded

    • I appreciate the input, but I'm not sure I follow. S_DEVELOP is for developer/debug access. I can't imagine anyone needing that to be able to complete a Goods Issue via BAPI or MB1A/MIGO.