Explanation
This is one of the ways that the security administrator can resolve the issue and still provide the user with the needed access to MM50. Transaction SE97 is a tool that allows you to maintain check indicators for called transactions, which determine whether an authority check for object S_TCODE is performed when a transaction calls another transaction. By setting the check indicator to NO for MM01 when it is called by MM50, the user can run MM50 without being authorized for MM01. References:
https://help.sap.com/doc/saphelp_nw70ehp3/7.03/en-US/c8/e8d53d35fb11d182b90000e829fbfe/content.htm?no_

Explanation
This is one of the things that a user can access with authorization object S_SPO_ACT when the 'Value for Authorization Check' field is set to "USER" and they are authorized to run SP01 transaction. S_SPO_ACT is an authorization object that controls access to spool requests based on various criteria, such as spool request number, output device, or user name. SP01 is a transaction that allows you to display and manage spool requests, which are requests for printing or outputting data from SAP systems. If the 'Value for Authorization Check' field is set to "USER" in S_SPO_ACT authorization object, the user can access all spool requests for their own user name in the client where they are logged on. References:
https://help.sap.com/doc/saphelp_nw73ehp1/7.31.19/en-US/c8/e8d53d35fb11d182b90000e829fbfe/content.htm?

Explanation
These are some of the characteristics of HTTP security session management in SAP systems. HTTP security session management creates security sessions at logon that store information about the user's identity and authorizations in a session context on the server side. The security sessions start with a short user-based expiration time that can be extended by user activity or terminated by logoff or timeout. The security sessions refer to the session context through a session identifier that is passed between the client and the server using cookies or URL parameters. References:
https://help.sap.com/doc/saphelp_nw70ehp3/7.03/en-US/c8/e8d53d35fb11d182b90000e829fbfe/content.htm?no_
https://help.sap.com/doc/saphelp_nw70ehp3/7.03/en-US/c8/e8d53d35fb11d182b90000e829fbfe/content.htm?no_

Explanation
This could be the issue that causes the end user to get an authorization error when attempting to call a Transaction Code (TCD) that exists in their User Menu. SE93 is a transaction that allows you to create and maintain transaction codes and their properties. One of the properties is the authorization check, which determines whether additional authorization objects are checked when a transaction code is executed. If the authorization check for a transaction code is set to Yes, the user needs to have the corresponding authorization objects in their role or profile, otherwise they will get an error message. References:
https://help.sap.com/doc/saphelp_nw73ehp1/7.31.19/en-US/48/9e2e3f6f8e41e8a283aaf2ad2c64c4/content.htm?n

Explanation
This is one of the options that you would recommend to accomplish such a request of having an RFC user with a password expiration of 180 days instead of 60 days based on your company guidelines. SECPOL is a transaction that allows you to create and maintain security policies for password settings, such as minimum length, expiration time, or lockout threshold. You can assign different security policies to different users or user groups based on their roles or requirements. References:
https://help.sap.com/doc/saphelp_nw73ehp1/7.31.19/en-US/c8/e8d53d35fb11d182b90000e829fbfe/content.htm?