06-02-2009 9:21 AM
Hi all,
I want to control the IT users' authorization as display only for each Authorization Object.
As i know, there are 177 Item of field "ACTVT" in ECC system, But i'm not ture which the value can limited the authoirzation as display only.
Im worry about IT users have not authorization for the work if just keep "03-display" in authorization object, I plan to remove below value of ACTVT:
01-create, 02-change, 05-Lock,06-Delete,07-Activate, generate
But i'm not sure whether should be removed for below values:
52-Change application start
60-Import
61-Export
62-Create automatic Ledger
63-Activate
64-Generate
70-Administer
75-Remove
C3-Maintenance of manual auth.
C4-Develope Payment Card
FP-Change customer field selectn
...
Could anyone can tell me, Which values of ACTVT can limited the authorization as display only. at the same time, it havent an effect on work of IT users.
06-02-2009 9:27 AM
Oh dear....
> As i know, there are 177 Item of field "ACTVT" in ECC system.
Besides that, I've identified 130 other activity-related fields with 1800+ possible values in total. At that point I gave up on trying to technically define 'read only'. Building and testing is definately faster.
06-02-2009 9:37 AM
Yep, I agree with Jurjen. It is not only limited to ACTVT, but rather fields of other objects as well which are "action" or "activity" related.
I would start the other way around - give them '03' only and investigate any transaction specific claims that it is not enough. There will be a few...
Cheers,
Julius