one tcode,say sa38, is assigned to 10 diffrent users
through a same role.I want to restrict one of those 10
users to execute only a few reports in sa38 but not all
reports.what are the possible ways of getting it done?
Answers were Sorted based on User's Feedback
Answer / jeevansukka
if we make changes to the exisiting role, then access will
be changed to the rest of the users also,hence as per my
knowledge, the best way is to maintain a seperate role to
restrict the access and provide it the user, who has to be
|Is This Answer Correct ?||30 Yes||2 No|
Answer / vikas srivastava
Report can be secure by authorization object S_PROGRAM
S_PROGRAM has two field P_Action and P_Group
P_Action cab have these values:
SUBMIT: Start the program
BTCSUBMIT: Schedule the program to run as a background job
VARIANT: Maintain variants.
P_Group requires authorization group which is attached to
report by this way we can restrict a report to access.
|Is This Answer Correct ?||3 Yes||0 No|
Answer / rax
Generally all roles (containing t-codes) are planned and
created depending on an individuals position (ex- sales mgr)
during implementation. So, the above situation never arises.
According to me this question is just to know the
For this particular scenario the answer would be ....
The end user to access reports or programs he needs to have
access to authorization object S_PROGRAM. So,we first
manually add this authorization object to his existing role.
This object has an authorization field called AUTHORIZATION
GROUP in which we can maintain all programs or reports he
has to be given access to....
|Is This Answer Correct ?||3 Yes||4 No|
I create one BRF+ rule and captured in TR while releasing TR , I am getting error , WHy?
Can we delete a Role and transport it?Explain How?
Hi, I want to import my Transport request from DEV. to Test system (from STMS buffer of DEV.(domain only) but I don’t want Login/PWD screen while importing from DEV to Test System. But I need login/pwd screen while importing TR from Test to PRD system. Presently I have activated all systems as a non trusted systems. If any one has idea please let me know. Thanks in advance! Regards, Raj Chavan.
Give one example of master data that is shared between AC, PC and RM? (grc 10)
Which transaction code is used to manage lack entries?
what is the difference between usobt_c and usobx_c?
different b/w Direct assigment and indirect role in bi security whn will go direct assignment
where do you find the manually added tcodes in role tables.
when performing client copies what steps you need to take from CUA point of view?
In which scenario we use SUPC
Hi , Currently i am working in an MNC company as an SAP Security tier1 member , we will take care of User Administration , Profile/authorization administration activities .Could any one tell me , is i am eligible to apply for an SAP Security job for 2 years experience . Could any one tell me about SOD , SOX Audit and Virsa tool , i have never worked before . Prakash
Which of below authorization object that protect transaction code execution? A. S_TCODE B. P_TCODE C. Q_TCODE D. X_TCODE