03-12-2007 1:27 AM
Hi
Can anyone please let me know to set authorization to Table and Reports in SAP .
Thank you.
03-12-2007 12:02 PM
Hi Ravi,
Give access to transactions:
SA38 for Report programs
SM30 for Tables.
The 2 main objects cheked mainly are:
S_DEVELOP
S_TABU_DIS, respectively.
<u><b>S_DEVELOP:</b></u>
This contains the following fields:
<b>Development class for transport system</b>: Development class for which a user is authorized.
<b>Development object ID</b>: Object types for which a user is authorized.
<b>Node name</b>: Name of the programs or other types of objects, for which the user has authorization (also generic).
<b>Authorization group with ABAP programs:</b> Valid authorization groups for ABAP programs and associated objects. If you are not using your own authorization groups, you should set this field to the value *.
<b>Activity</b>: Operations that a user can perform.
<u><b>S_TABU_DIS</b></u>:
The object contains the following fields:
<b>Authorization group for DD objects</b>: Authorization for tables by authorization class according to table TDDAT.
Enter the name of the allowed classes. Table classes are defined in table TDDAT.
<b>Activity:</b> Allowed operations.
Hope it helps.
Please award points if it is useful.
Thanks & Regards,
santosh
03-12-2007 7:46 AM
Access to table maintenance can be restricted using the authorisation object S_TABU_DIS
( the field DICBERCLS defines the Authorisation Group, which you can define in the table maintenance generator, The field ACTVT defines the different activities (edit, delete, read etc...)
You can restrict access to table maintenance (sm30) by using this authorisation group.
To restrict access to reports, you could create transactions for them and then restrict the access with the S_TCODE autorisation object.
03-12-2007 11:28 AM
Hi Ravi,
To set the authorization for the table.
1. FInd out the authorization group for the table in the transaction SUCU, if no authrization group is assigned ask the abaper to create and assign the auth.group for the table.
2. while creating the role specify the auth.group in the DICBERLS field and mention the required activity in the ACTVT field in S_TABU_DIS auth.object.
To set the authorization for the single report.
1. While creating the role, there will be option called reports in the menu bar of PFCG transaction, click on the reports button and specify the report in the report columnand aslo select the report type: ABAP report.
Regards,
Ashok
03-12-2007 12:02 PM
Hi Ravi,
Give access to transactions:
SA38 for Report programs
SM30 for Tables.
The 2 main objects cheked mainly are:
S_DEVELOP
S_TABU_DIS, respectively.
<u><b>S_DEVELOP:</b></u>
This contains the following fields:
<b>Development class for transport system</b>: Development class for which a user is authorized.
<b>Development object ID</b>: Object types for which a user is authorized.
<b>Node name</b>: Name of the programs or other types of objects, for which the user has authorization (also generic).
<b>Authorization group with ABAP programs:</b> Valid authorization groups for ABAP programs and associated objects. If you are not using your own authorization groups, you should set this field to the value *.
<b>Activity</b>: Operations that a user can perform.
<u><b>S_TABU_DIS</b></u>:
The object contains the following fields:
<b>Authorization group for DD objects</b>: Authorization for tables by authorization class according to table TDDAT.
Enter the name of the allowed classes. Table classes are defined in table TDDAT.
<b>Activity:</b> Allowed operations.
Hope it helps.
Please award points if it is useful.
Thanks & Regards,
santosh