Steps:
1. When user receive an authorization error such as the below dialog box, request the user to enter /nSU56 or /nSU53 to display more details on the authorization issue.
0005-auth-001


2. In Su56 or SU53, expend the menu and you will see the object value and transaction type. In this scenario we know user do not have authorization on object “C_PROJ_TCD”, value “0111″ and type “V”.0005-auth-002


3. Try to find out from the user what T-Code he/she is using when the error occurs.


4. Use T-Code SUIM to search for the authorization object. In this scenario we enter the username and authorization object and it will display the role.
0005-auth-003


5. Below is the results. Now we have to find the correct role which we need to give authorization too. If you are not sure which role to edit, consult with the consultant.
0005-auth-004


6. Once we determine which role to edit, open T-code PFCG to edit the role.


7. Enter the role name.


8. Make sure you click the "pencil icon". Click on Authorization tab and click “display authorization data”


9. Expend the menu and locate the object or use the “FIND” button to search for object “C_PROJ_TCD”
0005-auth-005



10. Now click on the pencil icon to edit object C_PROJ_TCD



11. In this case, we select “0111 which is Basic WBS dates”
0005-auth-006



12. Save


13. Click on generate profile button> then click back.
0005-auth-0056


14. Now perform user comparison
0005-auth-007


15. Ask user to re-login and try the transaction again.


Addtional Info
You will need to perform transport to a QAS or PRD server. We shall cover this topic later.