01-20-2009 8:22 AM
Hi,
Can anyone tell me what is the procedure to restrict the Person Responsible in Project Builder ( CJ20N ) from seeing the other project definitions. I'm new to SAP Security and would really appreciate if someone can guide me through the process of enforcing security control in this regard.
Thanks
01-20-2009 8:37 AM
Hi Adeel,
The following authorization objects need to be manually inserted in the users role and maintained:
C_PROJ_KOK PS: Controlling Area for Project Definition
C_PROJ_PRC PS: Profit center for project definition
Thereby you can control the authorization of the user based on the controlling area and profit center that has been assigned to the project definition.
Both these objects have an action field which can be used to control the level if activity like create, change , display etc and the org element field (Profit center or controlling area) depending on the object.
Regards,
Subbu
01-21-2009 8:18 AM
01-20-2009 8:52 AM
>
> I'm new to SAP Security and would really appreciate if someone can guide me through the process of enforcing security control in this regard.
>
Sooner or later someone is bound to mention this, so it might as well be me.
SAP authorization security is not that difficult, but it is easy to make a big mess of it if you don't have the fundamentals and intended way of going about it well understood.
I would recommend investing in some training first, or spend some time reading up about the important concepts on your own, before making changes.
Please take this in a positive way!
Cheers,
Julius
01-20-2009 10:10 AM
Hi,
Thanks.. can you please tell me any references .. links... for starting with security readings.
01-20-2009 12:43 PM
You can start by searching for the terms you have used, but learning to use the system itself is a better option in my opinion to get you going.
Choose your country => http://www.sap.com/services/education/index.epx
Or search for the "Authorizations made easy" book, for example.
Cheers,
Julius
02-12-2009 7:17 AM