This is in continuataion to the previous question.
a user is assigned with tcode SA38.how to restrict him to
execute only a few reports,say rsusr003.If you're going to
modify the role(having sa38) assigned to the user,that will
affect other users also because that role might be assigned
to multiple users.I don' want that to happen.so what is the
solution?
Answer Posted / shanu
In that case you need to create and assign authorization
group to report rsusr003. you can also create tcode for
this report and assign it to user in separate role.In the
new role maintain the object S_PROGRAM with specific auth
group.
No need to remove the SA38 from role.
Just make sure the SA38 role should restricted the access
got object S_PROGRAM. It should not be '*'.
Program Check (Object – S_PROGRAM, Values – Execution and
the authorization group).
Is This Answer Correct ? | 5 Yes | 0 No |
Post New Answer View All Answers
How do I change the name of master / parent role keeping the name of derived/child role same? I would like to keep the name of derived /child role same and also the profile associated with the child roles.
How to create users?
List the various user types.
Which t-code can be used to delete old security audit logs?
Explain internet-level security?
What is the maximum number of profiles in a role and maximum number of object in a role?
Is it possible to have more than one st of org-level values in one role? Explain your answer.
Can wildcards be used in authorizations?
What does the item category specify in a purchasing requisition in SAP Materials Management?
What is the difference between usobx_c and usobt_c?
how we Restrict the auth groups for table maintain, creating Auth group using SE54 to built new Auth groups to restrict tables via auth object S_TABU_DIS
What are su22 t-codes used for?
Attributes in SE01?
Explain transport system-level security?
What is the use of su56?