Hi Suresh,
Try running a TRACE while user performs this function. This will help you to find the object to be restricted.
Peeyush
↧
Re: Authorization restriction for Goods issue .>> others radio button in migo tcode
↧
Dynamic Authrorization Restriction for Administrator group in info typ 0001 HR Security
Hello Experts,
I have to implement a scenario where HR administrators are authorised only to a group of employees, for this I have used extended check authorizations for administrator (P_ORGXX) and the field SBMOD for restriction.
With the above restriction I will have to create roles for each administrator and then change the roles as and when administrators move with in the organization. Can we in any way achieve it with out using BADI
Best Regards
Mohammed
↧
↧
Re: SAP Security note 1826162 (July 2013) cannot be downloaded.
Very useful answered!
Thank you!
↧
Re: Authorization restriction for Goods issue .>> others radio button in migo tcode
Not sure where you are trying to go.
The tabstrip "Others" can only be used/posted with certain movement types (like, in your example 201). If you don't want to allow postings for things that don't come with a reference document (like a purchase order or something), just restrict the corresponding movement types.
↧
Re: Authorization restriction for Goods issue .>> others radio button in migo tcode
Another idea just occured to me. Why not authorize MIGO_GR, MIGO_GO, but not MIGO_GI or MIGO itself?
↧
↧
Re: Authorization restriction for Goods issue .>> others radio button in migo tcode
Thank for your prompt response peeyush ,
actually I switch on the trace but iam not find the any object related to "others " restriction
↧
Re: Authorization restriction for Goods issue .>> others radio button in migo tcode
Hi mylene,
I have to block only movement type 201 "others" strip that only the requirement
Iam not getting please explain briefly authorization MIGO_GR, MIGO_GO, but not MIGO_GI or MIGO itself?
↧
Re: Authorization restriction for Goods issue .>> others radio button in migo tcode
MIGO is a transaction that works with contexts - which basically means, that you get the whole setup of the table controls and fields and such from the context as it is defined in table TCVIEW. Context GR = goods receipt, GO = in reference to a material document, GI = others. You can call the context from MIGO by switching the menu on tabstrips or you can call the respective context directly via its assigned transaction: MIGO_* (look it up in SE93 or test it).
↧
Re: Creating the Authorization Matrix?
Hi Abhishek,
I am new in sap security, can you please provide case study for requirement gathering and creation of authorization matrix in any module like FI,MM,SD? So it would be understandable.
Thanks,
Kartiki
↧
↧
Display Tcode for F110?
HI,
Is their any Tcode which can work instead of F110.
As we need to add the same to the display role so required tcode which can display all the features of F110.
So please let us know if there is a similar tcode to be used as viewing only to see payment runs and invoices paid
↧
Re: Display Tcode for F110?
↧
BI aggregated authorization (colon)
Hi
We're having a discussion regarding BI Authorization and aggregared levels.
The authorization is on both level "0PLANT" and 0PURCH_ORG" and the discussion is about to put in colon for aggregated authorization.
Is there any risk with this? Could this be equivalent with "star" in som cases on aggregated level? or is it totaly safe to fut this value?
https://help.sap.com/saphelp_nw70ehp1/helpdata/en/46/932b839c8019ade10000000a11466f/frameset.htm
↧
Re: Restricting Tcode using Roles
HI,
Thanks for the reply. For the Current role, I have given access to all Tcode. I just want to restrict STMS_IMPORT. I cannot include all the TCODES in the current role. Please suggest.
Thanks.
↧
↧
Re: Restricting Tcode using Roles
Hi Jalina,
You can try below option.
Thanks,
Shakthi Raj Natarajan
↧
How to maintain trust between Azure/Office 365 and SCI
Hello All,
We can maintain trust between our own domain (corporate network ad) and Office 365 using ADFS .
We can maintain trust between HCP (HANA Cloud ) and our own domain(corporate network–ad ) using ADFS.
I would like to know can we main trust between SAP Cloud Identity Service (SCI) and Azure/Office 365 .
I found some helpful links in msdn from Azure/Office 365 side, since I am new to security in SAP and SCI , Can someone say is this possible with SCI or any other way
https://msdn.microsoft.com/en-us/library/azure/jj679342.aspx
https://msdn.microsoft.com/en-us/library/azure/dn641269.aspx
P.S : Our goals is to maintain trust between C4C to Office 365 and HCP to Office 365
Regards,
Showkath.
↧
Re: Restricting Tcode using Roles
This is a Basis/Security question and should ideally be posted in that SCN space. Security folks are better placed to answer this.
↧
Re: BI aggregated authorization (colon)
HI Jacob,
: is not considered as a star value. In fact ':' is used to pass the authorization check that happens when auth relevant characteristic is present in the Info provider/Multi provider on which the report is built on and we don't want to restrict the report on that characteristic ( Info object) but also did not want to give star value. hence its absolutely safe to use ':' for those info objects.
Thanks,
Kalpana.
↧
↧
Re: BI aggregated authorization (colon)
Hi Jacob,
Please check this note
1140831 - Colon authorization during query execution
Regards,
Sireesha
↧
Re: Restricting Tcode using Roles
Hi Jalina,
I wonder why would you even give access to all T codes in S_TCode, which is quite dangerous. Instead, try giving access to those T codes which is required by the user. And in case the user needs access to some critical transactions, then you may either suggest the user to use FF ID or may be you can give him/her access on temporary basis. I do not see a point in adding '*' in S_Tcode. Also I dont think it is SOX complaint.
Regards,
Mohamed Fazil
↧
Re: Authorization restriction for Goods issue .>> others radio button in migo tcode
Hi Mylene,
can you please give me Briefly step by step procedure .Am not understand procedure
↧
