This is in continuataion to the previous question.
a user is assigned with tcode SA38.how to restrict him to
execute only a few reports,say rsusr003.If you're going to
modify the role(having sa38) assigned to the user,that will
affect other users also because that role might be assigned
to multiple users.I don' want that to happen.so what is the
solution?
Answers were Sorted based on User's Feedback
Answer / shanu
In that case you need to create and assign authorization
group to report rsusr003. you can also create tcode for
this report and assign it to user in separate role.In the
new role maintain the object S_PROGRAM with specific auth
group.
No need to remove the SA38 from role.
Just make sure the SA38 role should restricted the access
got object S_PROGRAM. It should not be '*'.
Program Check (Object – S_PROGRAM, Values – Execution and
the authorization group).
Is This Answer Correct ? | 5 Yes | 0 No |
Answer / naveen kumar
The question is bit logic, you have to create a new role
with tcode SE38 and in authorization object S_DEVELOP the
activities DEVCLASS '*'
OBTYPE '*'
OBNAME ' RSUSR003'
p_group '*'
activity '03'
Is This Answer Correct ? | 5 Yes | 1 No |
Answer / ratnadeepika
Hey guys , One more solution is there .
Go to SE93 ...create a new tcode for eg : ZSA38 .
with the option Transaction with parameters option ...
In the main screen Tcode field give SA38 as tcode ...and u
will find 'DEFAULT VALUES" ...Add the entry
Name of the screen field : RS38M-PROGRAMM
Value : RSUSr003 save . If u want u can add some more
values .
Give this Tcode access to the user u want to restrict .
Try it and let me know if u are facing any problems . Mail
me for screenshots .
Is This Answer Correct ? | 0 Yes | 0 No |
Hi,
In that case you need to create a new role for such users.
Remove the SA38 role.
Create a new role with the required reports and assign the
role to the user.
Thus user will loose access to SA38 and get direct access
to required reports eg rsusr003.
Regards,
Subal
Is This Answer Correct ? | 0 Yes | 1 No |
Hi This is Prakash . Can any one tell me what is the use of SU24 and SU25 transaction code exactly
The system raised a message that authorizations are missing but you have SAP-ALL. What would you do?
What is the differrence b/w Copy Roles and Derived Roles ?
Using which table transaction code text can be displayed?
Hello!!! We are asked to generate a report/collect data on users concurrently accessed to the system and what operations they performed with their concurrent access. Apart from they want info on the duration of thier concurrent/normal session (date, time etc). Can anyone help us to know any particular transactions (as of our knowledge STAT & STAD can render certain segment of data), reports available with SAP to collect the above requested info.
why we are using the landscape in sap r/3 ?
In 4.7 EE, we have an option as User -> Settings -> Automatic Comparison at Save. Is it right if i say that this option checked will automatically prompt for User cpompare when we simply save the data after entering the users to the role? But whether the option is checked or not i did not get any prompt for User compare on saving the data after entering Users info in the role. My another doubt is whats the difference between User and Complete Compare options. If i dont do complete Compare, wiill that effect? Is it right if i say that User compare assigns the users to the role and Complete Compare updates the user master recoirds , i.e., User master record comparison is current.
Please let me know if there any vacancies for 3 years of Experienced level in SAP Security
What are su25 t-codes used for?
What are su10 t-codes used for?
I want a list of users along with roles for a client ? hou to do it?
Can wildcards be used in authorizations?