07-04-2013 11:52 AM
Hello,
My goal is to delegate the printers management to groups of operators. These groups of operators can manage (create/update/delete) only the printers associated with their client respective.
To realize this, I take each printers that I associate in the respective mandt/client of each company (SPAD-> client).
In the SAP help it is mentioned regarding the spool administration that the authorization object S_ADMI_FCD can take two values:
Spool Administration
Authorization for spool administration is controlled in two groups of authorization values. You require authorizations from both groups to execute spool administration.
These groups are:
Client authorizations
o SPAD: Authorization for spool administration in all clients
o SPAR: Authorization for client-dependent spool administration
I created a role for my test (PFCG) that contains SPAD transaction in the menu, I then go into the authorizations and I remove the "SPAD" value to leave only SPAR in S_ADMI_FCD.
Maint.: 0 Unmaint. org. levels 0 open fields, Status: generated
ZM_TEST_SPAD ZM_TEST_SPAD
|
|-- Standard Cross-application Authorization Objects AAAB
| |
| --- Standard Transaction Code Check at Transaction Start S_TCODE
| |
| --- Standard Contrôle code de transaction lors du lancement transaction T-S971006200
| |
| ------ Transaction Code SPAD TCD
|
--- Maintained Basis: Administration BC_A
|
|-- Standard System Authorizations S_ADMI_FCD
| |
| --- Standard Autorisations système T-S971006200
| |
| ------ System administration function SPAA, SPAB, SPAC, SPAM, SPAR, SPTD, SPTR S_ADMI_FCD
|
|-- Maintained Spool: Actions S_SPO_ACT
| |
| --- Maintained Spool : actions T-S971006200
| |
| |----- Authorization field for spool ATTR, AUTH, BASE, DELE, DISP, PRNT, REDI, REPR SPOACTION
| ------ Value for authorization check * SPOAUTH
|
|-- Standard Spool: Device authorizations S_SPO_DEV
| |
| --- Standard Spool : autorisations pour périphériques T-S971006200
| |
| ------ Spool: Long device names * SPODEVICE
|
--- Standard Spool: Restriction on Maximum Number of Pages S_SPO_PAGE
|
--- Standard Spool : limitation du nombre maximal de pages T-S971006200
|
|----- Spool: Long device names * SPODEVICE
------ Spool: Page number of a reques *
I create a new 'operator' user in one mandt/client and I associate him this role.
I connect me in this operator, I execute the SPAD, I open one of these printers I had associated to this client.
I am in display mode!
I can't switch to edition and can edit only the printers associate in this mandt/client?
Could you help me understand what am I doing wrong?
Best regards
Laurent
07-04-2013 3:05 PM
07-05-2013 7:59 AM
Hi Nagarajan,
Thanks for your reply.
In my first message, I had mentioned that I had defined "*" in S_SPO_DEV-SPODEVICE.
Is this object authorization that you speak of?
I tried if still need to define printers associated with this mandt/client in this role.
I set this and this changes nothing.
| --- Changed Spool : autorisations pour périphériques T-S971006200
| |
| ------ Spool: Long device names LON-PRT201, LON-PRT202, LON-PRT204 SPODEVICE
Best regards
Laurent
07-07-2013 10:59 AM
Hi Laurent,
Yes, I was referring the same but instead of "*" try specifying the device name and see if that works.
Nagarajan
07-08-2013 9:45 AM
Hi Nagarajan,
I had been replaced "*" with "LON-PRT201", "LON-PRT202", "LON-PRT204", but it has not corrected.
Best regards
Laurent
07-11-2013 12:08 PM
Hi Laurent,
I lost access to my server so not able to try and see further about the problem you described...as soon as I get access back I will see for the possible solutions.
Regards,
Nagarajan Viswanathan