cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Security issues in OM Actions

Go to solution
Former Member

on ‎05-16-2006 2:11 PM

0 Kudos

Hello gurues,

I had customized some actions for PA and I could customized parameter UGR so that not all of them would be displayed in PA40 (depending on UGR parameter of each user)

Now, I have to deal with OM actions and I realize They dont use parameter UGR.... Is there any way to implement some security issues in these actions? How can I deny or grant access to OM actions to some users?

Please ANY comment will be very apreciated, thanks very much in advance.

Regards, Cristian.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎05-16-2006 3:32 PM
0 Kudos

I don't know of a parameter to help you with this but a couple ideas: obviously, standard security will restrict folks from using actions they're not supposed to, but they'll still see them in the drop down list in transaction PP03 - they just won't be able to use them; you can use the actual transactions for the actions and only give people authorization to the transactions they're supposed to use (these are listed in Table T77S0 under group 'TCODE' and you have to look for them b/c they're mixed in with other transactions - for example, the action 'Create Position' is PQ13); you could just use PPOCE/PPOME, which is much cleaner than actions and the method I have recommended my clients use since 4.6C. The client won't have to dig through a list of irrelevant actions.

One word of warning - don't delete the delivered actions you're not using. They're used throughout the system. For example, all the Training Management actions drive the screens in the Training Management function. If you delete them, the training screens will be gone. That may not matter now, but it could impact your client as they grow their footprint in the future.

Hope this helps.

Cheers,

Sharon

Show replies
Show replies
Former Member
‎05-16-2006 5:09 PM
0 Kudos

Sharon, THANK YOU A LOT!

Im gonna use your first idea (using table T77SO).

Let me ask you one thing more, you said "standard security will restrict folks from using actions they're not supposed to", how come that? I thought that standard security was in the level of accessing or not to some transaction (pp03 in this case) but not in the level of restricting the execution of some actions.

Thank you again

Former Member
‎05-16-2006 8:26 PM
0 Kudos

Hi Christian,

In PD security, you restrict by Transactions first but then you also restrict by Object Type and infotype. So you can indicate that someone can see an object type but not create/change it's IT1000 (or 1001), for example. Or that they have no access to that particular object at all. However, it will still show up in the Action pick list because the pick list is the Action IDs, not the objects themselves. So, while they can see the action, if they selected it, they wouldn't be able to do anything with it.

Hope this helps.

Cheers,

Sharon

Answers (0)

Ask a Question