Golgappa.net | Golgappa.org | BagIndia.net | BodyIndia.Com | CabIndia.net | CarsBikes.net | CarsBikes.org | CashIndia.net | ConsumerIndia.net | CookingIndia.net | DataIndia.net | DealIndia.net | EmailIndia.net | FirstTablet.com | FirstTourist.com | ForsaleIndia.net | IndiaBody.Com | IndiaCab.net | IndiaCash.net | IndiaModel.net | KidForum.net | OfficeIndia.net | PaysIndia.com | RestaurantIndia.net | RestaurantsIndia.net | SaleForum.net | SellForum.net | SoldIndia.com | StarIndia.net | TomatoCab.com | TomatoCabs.com | TownIndia.com
Interested to Buy Any Domain ? << Click Here >> for more details...

  1. Categories >> Software >> ERP CRM >> SAP >> SAP Security
  2. Suggest New Category

we have one parent role and we derived five roles from that
and i assigned these derived roles to five users now i want
to restrict 2 users for couple of T-codes and rest of the
users work with those T-codes , How we can solve the problem

Question Posted / sumeithmn

Answer Posted / sumeithmn

We can change the Authorizations of those 2 specific derived roles by removing the desired tcodes and generate. But this actually defies the derived - template roles concept.

Also, whenever the template role is modified for some reason i future, and if the change is inherited via the template role, then the 2 specific derived roles will lose all the changes made to them (as above) and will get the same auths as the template role again.
The only solution in this case is to not derive all roles from the template role after template roles modification, but to derived individually each of those 3 derived roles, and make the changes exclusively to those 2 derived roles. This is possible but proposes a very weak and unnecessary overhead task for Security administrator.

Is This Answer Correct ?    0 Yes 0 No



Post New Answer       View All Answers


Please Help Members By Posting Answers For Below Questions

What authorization are required to create and maintain user master records?

1160

In Agr_1251 we are able to see 100 roles but in SUIM we are able to see 120 roles what's the reason behind this ? why is the difference between the SUIM and the AGR table ?

1078

what is the different b/w su10 and su12

2995

HI FRIENDS..... CAN ANY ONE GIVE BRIEF EXPLAIN ABOUT PAM & QUICK SIZER

2094

How can sap security be improved?

1131

Give an example of SOD with object level control & also decide the Risk implication from the Technical standpoint.

4728

What are su22 t-codes used for?

1147

how we Restrict the auth groups for table maintain, creating Auth group using SE54 to built new Auth groups to restrict tables via auth object S_TABU_DIS

2165

Tell me about derived role?

1087

By which parameter number of entries are controlled in the user buffer?

1412

Explain transport system-level security?

1176

Can wildcards be used in authorizations?

1210

how we Custom Authorization Objects and Custom Transaction maintenance and how we do User classification, Running systems measurement reports during license auditing through USMM and SLAW

2353

Can you explain snc in sap security?

1177

What does user compare do?

1213