Authorization issue in solution manager for Charm and BPmon
Issues with the Trusted RFCs in CHARM
Trusted RFCs should be created with current user id and not any other user id because when you will log on from charm to do any modification after creating the transport request in web ui of charm it will not allow you to own the request(owner is changed).
All developers should have access to S_RFC and S_RFCACL objects.
This can be the main reason you won’t be able to schedule the transport release tasks in SCMA as it will initiate the call to TMSSUP* RFC.
Transport of copies are not getting created
While creation of transport copies, TMW rfc will be used and hence SMTMSMP user should have access to execute the function module TMW* in managed system, the main authorization object for this is S_RFC.
Bpmon security authorization issues
Sometimes monitoring object greyed out and alert cannot be viewed in WorkCentre also.
Solman read user in the rfc does not have proper authorization in managed system setup.
Required authorizations are profiles S_CSMREG and S_CUS_CMP
Also S_TABU_DIS authorization is required with field value as SS for DICBERCLS
File monitoring issues
Also for the file monitoring in BPMON, it is very much required for the user in managed system setup assigned in READ rfc from the solution manager to have the authorization object with S_CTS_ADMI with the value of TABL and EPS1.
Note:- The important role SAP_SM_BPOANA_ALL should be checked for all the users and should be configured as per the analytics guide.
Job monitoring issues
Error occurred in the job monitoring objects: This is the error occurred if the job documentation is not created and further not assigned to the job monitoring object. The authorization object required for this is SM_JOBDEF or SM_JSM_DOC. These objects are delivered through SAP_SM_SCHEDULER_BPO role. You need to see and activate the object SM_JOBDEF (in case old authorizations are active you need to adjust it accordingly). Further for configuring the business process monitoring the specified roles should present with user BPO_ADM_<SID>. Similarly for technical monitoring the corresponding user is SMC_JMON_<SID>.