Follow the below mentioned steps to identify the root cause:
- Check if there is a user comparison issue. (The role name will be suffixed with Red light, instead of green)
- Check the object S_TCODE existence in the authorization object of that particular profile.
- Check SU56 to know the objects/values available for the user.
If there is an issue with the 1st mentioned point, simply go to Profile Generator and perform a user comparison, which will adjust the user master record. If the issue is with 2nd, you need to regenerate the profile.
Incase, if you find that some of the objects are not loaded properly in SU56, you need to identify the # of profiles assigned and ensure that they are below 312, as you can’t assign more than 312 profiles to a SAP User ID.
If the issue happens even with very few profiles, verify the Number of authorizations in User Buffers value in the Instance profile. The value for Auth/auth_number_in_userbuffer parameter can be increased.
The size of the buffer must always exceed the maximum number of authorizations as authorization checks are made only against those in the buffer.
The default value is 800, but this can be set to a value which is between 1–2000.
Other references: OSS notes 84209 and 75908
No comments:
Post a Comment