We've created a ABAP Z transaction without security that runs a BDC session & a direct DB update (I know that's...
bad). The problem is that the tcode can only be run using SAPALL. Any other ID causes it not to work. We're on 4.5b. Our Basis guy is very green, what can help him determine what the tcode is bouncing off of when executed by a regular user ID other than SAPALL?
I think you can troubleshoot this problem in several ways.
1. You could perform a system trace (ST01).
2. You can assign this new transaction to a user that does not have SAP_ALL and then have him/her run SU53 as soon as the system displays an authorization problem running the Z-transaction. The screen SU53 returns should help you determine the auth. objects that are being denied.
3. Create a new activity group and assign just the Z-transaction to it. Then, go into the Authorizations and Change Authorization Data to find out what authorization objects are related to the transaction. Once you find this out, your Basis admin will be able to add them to a specific activity group.
4. You could also perform auditing. But, this needs to be performed and it degrades performance.
Dig Deeper on SAP Basis
Related Q&A from Giovanni Davila
Learn how to transfer a client from one server to another in this administration tip from Basis guru Giovanni Davila. Continue Reading
Learn fundamentals of transport management and STMS from Basis guru Giovanni Davila in this expert tip. Continue Reading
Giovanni Davila, Basis expert, provides advice on how to copy all SAP users from one system to another in this tip. Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.