Re: SU25 UPG ENHP : how to find modified roles?
Hi Colleen,thank you very much for your appreciated collaboration. We are not using a sandpit client on DEV but a Sandbox system (which is a copy of DEV) on which we have upgraded the ENHPs. This...
View ArticleRe: LDAP Connection problem
Hello Shripad, the error LDAPRC091 is being reported by the LDAP client library here to SAP (this is not an error in the SAP application rather the LDAP directory). Therefore check...
View ArticleRe: HR-Security: Restriction at PSA/Orgkey(VDSK1) wise
Hi Ramesh, If your requirement is to have authorizations based on the PSA (assuming Personnel Sub Area) then I believe using the org key is indeed the best approach. As far as your math is concerned...
View ArticleLDAP synchronization: Users only exist in database
Hi, we are running LDAP synchronization periodically In program RSLDAPSYNC_USER, box "objects that only exists in the database", we choose the option "Ignore objects". We'll probably change it to "lock...
View ArticleRe: Difference between * and ALL in P_ORGINCON for PROFL field
Hi Sheenam, There are several possible explanations for this behaviour. The most likely explanation would be that you're not using the standard (SAP example code) implementation for HRBAS00_GET_PROFL....
View ArticleRe: HR-Security: Restriction at PSA/Orgkey(VDSK1) wise
Hi Brent, Am very thankful to you for putting effort/analysis to solve my issue.Yes, you are correct but in my case the requirement will change according to my core team, that's the reason am in...
View ArticleRe: Variant SAP&_ACTVGRP of program RSUSR002 is not the current version
Hello Husin, In order to correct the system variant you can use report RSVARDOC_610. For that please enter report RSUSR002 and variant SAP&_ACTVGRP on the selection screen. Please do that in client...
View ArticleRe: CALL C FUNCTION NO AUTHORITY
Hello! Try add the authorization object 'S_C_FUNCT' with follow options: PROGRAM = * (that is, for calling from all programs)ACTVT = 16 (call authorization)CFUNCNAME = * (authorization for all...
View ArticleRe: Authorization missing
Hello! Try add the authorization object 'S_C_FUNCT' with follow options: PROGRAM = * (that is, for calling from all programs)ACTVT = 16 (call authorization)CFUNCNAME = * (authorization for all...
View ArticleRe: LDAP synchronization: Users only exist in database
Hi, unfortunately, RSLDAPSYNC_USER does not return a list of objects in DB if you choose option Ignore. You can get it with help of debugger. Put a break point on line 570 in report RSLDAPSYNC_USER....
View ArticleRe: Variant SAP&_ACTVGRP of program RSUSR002 is not the current version
Hello Fonseca, Thanks for your sharing.The problem is solved now. Regards,Husin.
View ArticleRe: Mass Role Assignment using SECATT in ECC with EHP6 - Role Name parameter...
Hi Karhik, Did you ever solve this issue? I have found the same issue when using LSMW and SU10. I have found the cause to be a new version of SU10 introduced before ECC6 SAP_BASIS release 731 release...
View ArticleRe: Mass Role Assignment using SECATT in ECC with EHP6 - Role Name parameter...
Hi Jeremy, I hit this issue just recently. SAP re-wrote these transactions. They use component that is not visible in batch input session. Hence you can not add roles to a user. As a workaround for...
View ArticleRestrict user login on multiple terminals
Hi, I am looking for a solution to restrict user from logging-on from multiple terminals. User should allowed to login from any terminal for the first time, and the terminal ID should be recorded. He...
View ArticleUser login logout date/time
Hi, Is there a way I can capture the user login, logout time & date without enabling SM19/SM20 audit logs? Rgds,Raghu
View ArticleRe: User login logout date/time
Hi Raghu i truly don't think so. Why don't want enable sm19 that btw it's good security manner? Let me knowa
View ArticleRe: Restrict user login on multiple terminals
Hi, there is a standard user exit SUSR0001 that gets called after user logs on with SAP gui. You could use it to implement this logic. It only works for sap gui. It does not work on web based apps such...
View ArticleReport availale: granted authority and used authority per user ID?
Hello dear collegaues, May I ask, can you help me please? My quesition is: Is a possibility to make a report per User ID where I can see all the functions the user is allowed to use,and the effective...
View ArticleRe: Report availale: granted authority and used authority per user ID?
At a transaction, RFC, WebService or WebDynpro level you can compare the authorized functions to the ones in their menus and then compare them to the statistics database. That produces nice colourful...
View ArticleRe: User login logout date/time
Hi Andrea, The reason why I don't want to rely on SM19 is that the logs will consume more space. My client has around 50,000 users and is not willing to use SM19 audit logs. Appreciate any other views....
View Article