11-19-2009 7:38 AM
Hello,
i have two questions.
1. Is there a possibility to hide the "Paramater" tab in the su01?
2. Is there a possibility to hide an specific parameter entry in the "Paramater" tab in the su01?
TIA!
christian
11-19-2009 8:17 AM
11-19-2009 8:17 AM
11-19-2009 8:33 AM
Thank's for your reply!
I've set up a new scenario for Manager's Desktop and given the user's the paramater MWB_SCEN to direct them to their correct Manager's Desktop scenario!
The user's shouldn't be able to change this parameter because they shouldn't have access to an other scenario then their own!
Is there a possibilty to display this?
11-19-2009 8:45 AM
11-19-2009 8:48 AM
It would be the last possibilty, because with su50 the users can't change any parameter
11-19-2009 8:56 AM
If you are using parameters for any form of security then users should not be able to change their own params.
This is a big flaw in the use of parameters for control purposes and the cost of using this method
11-19-2009 9:52 AM
There are other transactions too:
with SU50 you can just show tabs address and defaults - no change
with SU51/SU1 you can maintain address
with SU52/SU2 you can maintain parameters
with SU0 you can maintain defaults.
Regards,
Julia
11-19-2009 8:55 AM
It is possible !
Have you heard about screen variants? (tcode SHD0)
We can disable,enable,hide,etc..(any tab,option etc,.) in sap screens through screen variants.
But its client level. If you disable in a client, it will reflect the same in entire client. We cant do for a particular user.
Thanks & Regards,
Nagendra.
11-19-2009 4:16 PM
I think Julia already gave you one option. Do not give them access to t-codes that can change paramaters like Su52, Su2. Give them SU3, SU51 so that they can maintain Adress or Defaults. Give them SU01D to display.
Flipside is they will always come to you for any parameter ID change.
11-19-2009 10:08 PM
Even if you hide the visibility, the user might find a way to SET the parameter before it is GET. Some transactions and reports do this. A where-used-list might help you further.
If you have used this as a technique, then chances are good that they will work it out...
As mentioned before, it is a preference of the user and should not be used for security purposes.
You will end up with a lot of admin costs and it will not be secure anyway.
A better option is personalization. You can define these keys as an admin in SU01, or even transport them via role assignments.
Cheers,
Julius