cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

authorisation group for reports ??

ashish_vikas
Active Contributor

on ‎01-07-2011 1:36 PM

0 Kudos

Hello friends,

Can some one tell me how can i create a new authorization group for programs/reports. I need to use this value in authorization Object S_PROGRAM > filed P_GROUP.

On SAP help, i understand table TPGP should be updated.. But should i update table directly OR there is some additional transaction available ?

(I am not talking about authorization group for tables)

thanks

ashish

Edited by: ashish vikas on Jan 7, 2011 7:17 PM

Edited by: ashish vikas on Jan 7, 2011 7:19 PM

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

madhumsr
Participant
‎09-12-2014 5:12 PM
0 Kudos

This message was moderated.

Show replies
Show replies
Former Member
‎01-07-2011 3:02 PM
0 Kudos

You don't have to create an auth group anywhere to be able to enter the characters against a program or in S_PROGRAM.

You can create program auth groups in SE54 like you would for tables.

Show replies
Show replies
ashish_vikas
Active Contributor
‎01-07-2011 3:13 PM
0 Kudos

then what this thread talks about ?

thanks

ashish

Former Member
‎01-07-2011 3:44 PM
0 Kudos

A brief browse indicates that it is telling you how to see what auth groups are assigned to programs and how you can update those mappings. For the sake of repeating myself, you do not need to create an auth group to be able to populate a value against a program or update a role. Open up SAP and experiement!

ashish_vikas
Active Contributor
‎01-07-2011 4:27 PM
0 Kudos

Alex.. what i understand now is, I can assign authorization groups to a program in 2 ways :

1. SE38 approach - By editing the attribute. if I do so, i need to create authorization groups in TPGP.

2. Through RSCSAUTH - I use this and it assign authorization groups to the program.

However, I do not find this new authorization group TPGP table now.. Is this OK ?

Will in BOTH CASE, role with this authorization group will be used ?

thanks

ashish

Former Member
‎01-07-2011 7:02 PM
0 Kudos

Hi,

Both methods will work, just like table auth groups you don't need the group to be created - it's a free form field that will allow arbitrary entries (at least it is on the ECC6 system last did it on).

Former Member
‎01-07-2011 7:40 PM
0 Kudos

You can edit the available list of groups via SM30 using view V_TPGP. This is always better as you have a value help (F4) for it when assigning the groups.

When the group does not exist, or in SE38 you change the attributes although RSCSAUTH wants to remember a different one, then the system throws a warning at you that the group does not exist or is going to create an inconsistency.

Generally, you can accept warnings by hitting the "Enter" key and save the group anyway.

Best practice is to create and document them - that way you have more consistency.

However, to be honest, the S_PROGRAM mechanism is a major pain and will hopefully become obsolete oneday with newer programming techniques. You should only use it as a blunt method to prevent upfront the execution of really critical programs (though such programs should contain correct checks in the correct coding locations anyway, so...).

Cheers,

Julius

ashish_vikas
Active Contributor
‎01-08-2011 10:37 AM
0 Kudos

fine.. Let me summarize what i understand.

1. Create Authorization groups via SM30 using view V_TPGP

2. Assign this Authorization group to any program by any one of the two methods(SE30-attributes or report RSCSAUTH)

Correct ??

thanks

ashish

Former Member
‎01-08-2011 11:02 AM
0 Kudos

To avoid inconsistencies between the trdir and srepoath records you should only use one of the methods, and rscsauth is by far the better method to use, particularly if you are protecting some SAP standard reports.

Cheers,

Julius

madhumsr
Participant
‎09-12-2014 6:08 PM
0 Kudos

This message was moderated.

madhumsr
Participant
‎09-13-2014 1:07 PM
0 Kudos

This message was moderated.

Ask a Question