01-28-2009 10:32 AM
Hi All,
I would like to know if a user can be restricted to view spool created by his/her own jobs by including S_ADMI_FCD, in auth profile. Can some one help me with this, i got an requirement where i need to restrict the user to view her own spool in SM37, but currently S_ADMI_FCD is disabled and she is getting an error,
"No authorisation to select from spool request"
Your answers are much appreciated.
Regards,
Sandhya
01-28-2009 11:16 AM
<b>Note: Spool requests are created under the username defined in background job step and can be different from the user scheduling the job.</b>
With that in mind, I can think of two cases:
(a) Assuming the username defined in background job step is equal to the user scheduling the job, and you want the scheduling user to be able to view the spool for his/her own background jobs; then the user should have authorizations for auth. obj. 'S_ADMI_FCD' with |S_ADMI_FCD=ST0R|.
(b) Assuming the username defined in background job step is different from the user scheduling the job but you want the scheduling user to be able to view the spool anyways; then the user should have authorizations described in (a) + auth. obj. 'S_SPO_ACT' with |SPOACTION=BASE, DISP; SPOAUTH=<USERNAME>|, where <USERNAME> is the username defined in background job step.
There are other possible SPOACTION values that you might want to assign. See the object documentation for these.
01-28-2009 11:16 AM
<b>Note: Spool requests are created under the username defined in background job step and can be different from the user scheduling the job.</b>
With that in mind, I can think of two cases:
(a) Assuming the username defined in background job step is equal to the user scheduling the job, and you want the scheduling user to be able to view the spool for his/her own background jobs; then the user should have authorizations for auth. obj. 'S_ADMI_FCD' with |S_ADMI_FCD=ST0R|.
(b) Assuming the username defined in background job step is different from the user scheduling the job but you want the scheduling user to be able to view the spool anyways; then the user should have authorizations described in (a) + auth. obj. 'S_SPO_ACT' with |SPOACTION=BASE, DISP; SPOAUTH=<USERNAME>|, where <USERNAME> is the username defined in background job step.
There are other possible SPOACTION values that you might want to assign. See the object documentation for these.
01-29-2009 5:34 AM
my answer is not of your question but, what i am thinking why you want to go with SM37/own spool view, you can do it via SMX, user can see only their own job and spool request.
Regards,
Subhash
01-29-2009 6:18 AM
Depends on your release.
On R/3 Enterprise Core, SMX is very limited in functionality; on Netweaver '04, it is much better and would indeed be a better and simpler solution then the one I suggested.