Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

RSO2 --Authorization

former_member1190121
Explorer

‎01-25-2010 8:52 PM

0 Kudos

Hi,

I am in process of creating BI sustainement role.I have added the tcode RSO2 in the role.Still the BI team is not able to acces the RSO2 trasanction.The reason for this is ,In the the back end RSO2 takes the data from some cross client tables.As per customer policy we should not give cross client table access in sustainment role.

If i allow the cross client table maintanence,they will abe to access & change all cross client tables.We don't want to give all the access.

Is there any way to give authorization to only few cross client tables?

Thanks,

Nagarjun.

6 REPLIES 6

Former Member

‎01-25-2010 10:17 PM

0 Kudos

Hi,

You use S_TABU_DIS to restrict access to the table groups that are required. If you also give access to change cross client tables then it will only be x-cli tables that are permitted through the S_TABU_DIS groups that you already have listed.

If you carefully select your table groups then you will achieve what you want.

Personally it sounds like your client has got hung up on "banning" an authorisation object without necessarily understanding how the control can be enforced.

Former Member
In response to Former Member

‎01-26-2010 6:47 AM

0 Kudos

Hi,

RSO2 is not required on daily basis for BI activities.So Instead of adding RSO2 in sutainment role. You can also create one separate role for RSO2 including S_TBAU_CLI and give the role access only for temporary purpose based on approvals. You can propose this idea to your company.

Or you can try whatever Alex mentioned.

Best Regards

Imran

former_member1190121
Explorer

‎01-26-2010 9:50 PM

0 Kudos

Hi,

Still i am not able to fix this.

Can any one please guide me on this?

Thanks,

Nagarjun.

Former Member
In response to former_member1190121

‎01-26-2010 11:38 PM

0 Kudos

Elaborate the issue you are facing, where are you stuck only then you can get help.

Regards,

Rajesh

Former Member
In response to former_member1190121

‎01-27-2010 1:55 PM

0 Kudos

Nagarjun,

Which part of my post did you not understand?

You limit access to tables via S_TABU_DIS so with S_TABU_CLI users can only change cross client tables that you have permitted in S_TABU_DIS.

Former Member

‎10-20-2011 7:17 PM

0 Kudos

I found this thread because I faced a similar issue. Someone requested RSO2 for PRD support but we didn't want to assign it because it's a maintenance txn that requires s_tabu_cli=X in order to start the txn. The users have &nc& in s_tabu_dis (we are working to remove that but for the time being they have it) and didn't want to add to the problem by giving s_tabu_cli=x.

The solution is to assign RSA2, a display txn that doesn't check s_tabu_cli.