cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Restrict Important T- Codes

Go to solution
Former Member

on ‎03-17-2009 9:50 AM

0 Kudos

Hi,

I want to know, many users are having access to the important T-Codes : SU01, PFCG , etc.. which only authorization teams should have, but in earlier days roles was built like that, now if i make some role chagnes then it will mess up. Because many roles providing access to these T-codes.

So what iam asking could you tell me is there any other to restrict these particular transactions to some set of users? It should not reflect any impact on roles.

What is SHD0 transaction and what does it do ? Is there any way to fix this with the helpw of SHD0 transaction?

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎03-17-2009 10:15 AM
0 Kudos

Hai,

You can remove the Tcodes from the Tcode list through PFCG and regenerate the profile for that role.

If you have one single role containing these tcodes then it is just a matter of seconds.

Check the below link.....

http://sap.ittoolbox.com/groups/technical-functional/sap-log-pp/shd0-tcode-1411069?cv=expanded

Regards,

Yoganand.V

Show replies
Show replies

Answers (3)

Answers (3)

Former Member
‎03-23-2009 7:31 AM
0 Kudos

HI

To check for users assigned with a particular role, transaction SUIM is your answer. Here you can find a list of all the users who have been assigned a particular role.

Secondly, it is not possible to restrict users for executing any Tcodes without modifications in their assigned roles.What you can possibly do is copy roles, make modifications and assign these new roles with restricted access to the users.

Lastly, the transaction SHD0, is the SAP Transaction Code for Transaction and Screen Variants

Program/Report used to generate this transaction is SAPMSHD0.

I hope this helps you

Regards

Chen

Show replies
Show replies
manu_susankar
Active Contributor
‎03-22-2009 6:25 PM
0 Kudos

Hi Pavithra Balasubramanian,

If you are looking for the SHD0 help docu chek here [SHD0|http://help.sap.com/saphelp_erp2004/helpdata/EN/67/232037ebf1cc09e10000009b38f889/frameset.htm]

Regards,

S.Manu.

Show replies
Show replies
Former Member
‎03-17-2009 10:42 AM
0 Kudos

Hi ,

I got your reply on this . Many thanks . But what Iam asking is , I need an user level T-Code restriction, so could you suggest

And Iam not able to see any relevant information in the below link

http://sap.ittoolbox.com/groups/technical-functional/sap-log-pp/shd0-tcode-1411069?cv=expanded

Hence please advice!

Show replies
Show replies
Former Member
‎03-17-2009 12:33 PM
0 Kudos

Hi,

Please check the roles attached to the users. And remove the tcodes which you want to restrict and generate the profile again.

You can user SUIM to find all the users having access to SU01, pfcg etc.

Hope this helps.

Manoj

Former Member
‎03-17-2009 1:07 PM
0 Kudos

Hi ,

Many thanks for the reply. But what iam asking is, i dont want to touch any roles to restrict any T-codes because if i change one role and for some other users that role may be needed to them, hence the changes to a particular role will get an impact to all the users who are having that role.

Without changing any roles , is there any way to restrict a user from accessing the specific T-Code?

Former Member
‎03-17-2009 1:18 PM
0 Kudos

No, you can't.

Former Member
‎03-17-2009 1:24 PM
0 Kudos

Hi,

Many thanks for the reply. Could you tell me what is meany by SHD0 transaction and what it does and how?

Former Member
‎03-22-2009 8:55 AM
0 Kudos

Hi,

Check the below thread.

Regards,

Gowrinadh

Ask a Question