Solved: Restriction of SQ01 from SQVI

Former Member · ‎09-25-2012

Dear Experts,

When we execute T-code SQVI, we get access of T-code-> SQ01 (sap query tab) on homepage of SQVI. We want to restrict access of SQ01 while executing SQVI. I need to create a role for transaction SQVI with restriction of SQ01. If users click on tab "sap query", they should get message of " no authorization".

we use SQVI (QuickViewer) to compare the database tables without using other external toolslike excel to compare.

Also, I tried to dectivate objects s_query & s_translat, but no success, still users can execute it !!!

Please suggest????

Former Member · ‎09-25-2012

Hi Sumit,

If you created a role containing only the SQVI, edit the related authorizations objects or activity that can be done by SQ01.

This is in PFCG->enter role->authorizations Tab- edit. Find the authorization objects related to it and limit activity.

Cheers,

Rod

Former Member · ‎09-25-2012

This message was moderated.

Former Member · ‎09-25-2012

Hi Sumit,

If you created a role containing only the SQVI, edit the related authorizations objects or activity that can be done by SQ01.

This is in PFCG->enter role->authorizations Tab- edit. Find the authorization objects related to it and limit activity.

Cheers,

Rod

Former Member · ‎09-26-2012

Dear Rodel,

If we create new role with T-code-> SQVI, it adds only one object i.e. is S_TCODE (which contain SQVI only), so no authorisation object get added in that role except S_TCODE.

How can i modified?

Former Member · ‎09-26-2012

Hi Sumit,

Whenever you add a tcode in a role, there should be changes that are marked New. You need to click the New button to check what are the new objects added or created. From there, you can modify.

Cheers,

Rod

Former Member · ‎09-26-2012

Dear Rodel,

Please see below screnshot

Request you check from your end also.

Former Member · ‎10-05-2012

Hi Sumit,

It seems in your role structure, it is not prposing the auth. object S_QUERY. You need to go into T-code S_QUERY and maintain the indicator yes for proposal for this T-code . Once you will do this and will add this T-code SQVI in your role, it will add onr more auth. object S_QUERY in authorisation tab addition to S_TCODE.

You need to maintain the vaule for activity in this auth. object only translate and generate the role.

Now try to run the T-code SQVI and if you will click on SAP QUERY it will not allow you to go into that. It will give authoriation error.

Please try to do it and let me know if there is any issue.

Thanks

Varun Jain

Former Member · ‎10-05-2012

Dear Varun,

Thanks a ton, Problem resolved we are able to restrict SAP query from SQVI

Former Member · ‎09-26-2012

Hi Sumit,

I have tried replicating your problem and yes, I get the same problem on the SQ01.

I believe that SQ01 and SQVI have the same functions and whoever have either of the two will not be restricted in either SQ01 or SQVI.

If you can raise an OSS message regarding this, please do so.

Cheers,

Rodel

Former Member · ‎10-04-2012

Hi Sumit, Are you adding SQ01 just to pull in the authorization objects required for SQVI into the role? If so check SU24 to ensure S_QUERY is proposed for SQVI.

Best Regards,

Janardhan