Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Security for report group 6OBU (transaction S_ALR_87013019)

Former Member

‎11-12-2010 12:37 PM

0 Kudos

I have a situation where a user with access to the transaction S_ALR_87013019, does not return any data during execution. Another user with much lesser access can return data with the same selection criteria.

A security trace doesn't display any authorization failure. I believe there is a user exit EXIT_SAPFGRWS_001 which can be used to add some extra security for this report group but its not implemented.

Are there any special user specific configurations which control display of data for this report?

6 REPLIES 6

Former Member

‎11-12-2010 2:21 PM

0 Kudos

Hi,

Check for S_TABU_DIS, and S_TABU_LIN for the user who was able to execute the tcode.

If both the users have same access, then the reporting group might had been maintained. If so, add the user under the reporting group for the new user.

Hope this helps!!

Rgds,

Raghu

Former Member

‎11-12-2010 10:01 PM

0 Kudos

Hi Aninda,

I would check the user parameters of both the users and see if they are the same, maybe its one of the default parameters which is causing a problem.

Thanks,

Chinmaya

sdipanjan
Active Contributor

‎11-13-2010 10:18 PM

0 Kudos

Hi,

You know the first question came into my mind after reading your issue is whether you understand the difference between different kind of transactions. Please do not mind and search help.sap for getting more information on these and even before checking the sap notes.

Regards,

Dipanjan

Former Member
In response to sdipanjan

‎11-14-2010 4:40 AM

0 Kudos

Thanks to everyone who took the time to answer.

A missing authorization object from the user should come up in the security trace. Thats not the case here.

Initially, even I was looking for a missing user parameter but even using the same parameters as user doesn't help in returnin data.

Finally, transaction S_ALR_87013019 is a parameter transaction which calls the single report defined for the report group 6OBU (List: Budget/Actual/Commitments) i.e you can run the same program from GR55 with the report group 6OBU . Sorry, if the connection was not apparent.

Regards,

Aninda

Former Member
In response to sdipanjan

‎11-14-2010 5:15 PM

0 Kudos

Hi Aninda,

I agree. Authorization trace might not be appropriate in this situation.

Also, user parameters are only to pass on specific values, such as company code, default layout etc and doesn't restrict the user from viewing a report.

As mentioned in my earlier reply, the issue could be with a user exit where the user ID should be maintained in a table or the restriction is applied at the table level.

The other issue could be with the version of SAP GUI. You may ask the user who has issue with viewing the report to login on a different system to identify if the issue is with the authorizations or the SAP GUI.

Hope this helps!!

Regards,

Raghu

Former Member
In response to sdipanjan

‎11-15-2010 2:18 PM

0 Kudos

Using a different selection criteria for the report allowed me to catch the authorization error through ST01. A bit surprised that selection parameters for the same report can result in a completely different security trace.

Thanks to everyone and sorry for my error!