10-24-2007 12:05 AM
Hi All!
re: SAP Authorizations: ST01 - return code 12 (RC=12)
When using ST01 to trace SAP authorizations and you come accross a return code 12 (RC=12), how do change the authorization object to check?
Thanks for your help.
02-12-2013 2:33 AM
Hi - some standard ST01 info I follow
Main RC codes
RC =0 Successful (user is authorised)
RC =4 Failed - user does not have authorisastions but does have the authorisation object in their buffer (different authorisation combination though)
RC = 12 Failed - user does not have the authorisation AND does not have not have the authorisation object in their buffer
With RC =0 it can be due to:
1. The user has access via authorisations
2. SU25 has switched the object off system wide
3. SU24 has switched the object off for the transaction
As a note with RC=12 - I find these fails can identify a misleading authorisation check. That is, the user is not meant to have access. Take care on RC=12, especially for object S_ALV_LAYO, S_DEVELOP, S_CTS_AMDI, S_USER_GRP and when investigating a typical end user.
IF the missing authorisation (RC=12) is required, you will need to fix the PFCG role and generate the authorisations so the user receives it. If the user has the access you will need to check user buffer or role generation/corruption issues.
10-24-2007 12:59 AM
Hi,
My understanding of RC=12 is that not only did the authority-check not find an authorization, it did not even find the object in a fast check to be able to make an authorization check for it.
Cheers,
Julius
10-24-2007 1:20 AM
Sorry, I think I got that wrong (not logged on) and am not sure anymore...
Do you mean the authority-check found the object in the fast check, but no corresponding authorization for it? And you want to change the object?
Can you clarify?
Cheers,
Julius
10-24-2007 2:11 PM
Hi,
Check the following KB article:
[Removed by moderator.]
Rgds,
Raghu
[Removed by moderator.]
Please put your website and other contact details in your SDN Business Card, and not post it in all your SDN threads.
Posting links to a solution, it is of course preferred that you write a blog or make a wiki contribution here within SDN. Specifically, the link you provided does not answer the question about RC=12.
10-24-2007 2:22 PM
Raghu,
There is no information about the question in the link you have provided. Looks like you guys are trying to promote this website and i dont think this is the right place to do advertising. Please use your business card for those things.
Thanks
Prince Jose
02-11-2013 2:55 PM
The first reply was correct, RC 12 means you doesn't have the concerned authorization object. You should have a look on PFCG.
02-12-2013 2:33 AM
Hi - some standard ST01 info I follow
Main RC codes
RC =0 Successful (user is authorised)
RC =4 Failed - user does not have authorisastions but does have the authorisation object in their buffer (different authorisation combination though)
RC = 12 Failed - user does not have the authorisation AND does not have not have the authorisation object in their buffer
With RC =0 it can be due to:
1. The user has access via authorisations
2. SU25 has switched the object off system wide
3. SU24 has switched the object off for the transaction
As a note with RC=12 - I find these fails can identify a misleading authorisation check. That is, the user is not meant to have access. Take care on RC=12, especially for object S_ALV_LAYO, S_DEVELOP, S_CTS_AMDI, S_USER_GRP and when investigating a typical end user.
IF the missing authorisation (RC=12) is required, you will need to fix the PFCG role and generate the authorisations so the user receives it. If the user has the access you will need to check user buffer or role generation/corruption issues.