03-20-2007 12:14 PM
HI,
How to restrict the spro settings for particular module.
for example sd user is there he want to do customizations settings in sd module only like that we have to restrcit the user.
03-20-2007 12:24 PM
Hi Chinnu,
Its tough but we listed out all SD Tcodes related Customizatiopn and assigned them to Module related roles...
So just giving SPRO does not provide them complete authorization to do all customizing...so it shd be backed up by reletive Tcodes as well.
Check this earlier thread and response by Wolfgang for Info.
Hope it helps.
VBr,
Sri
Award points fo rhelpful answers
Message was edited by:
Sri Raghu Kishore Pusapati
03-21-2007 7:06 AM
03-29-2007 10:21 AM
this is actually not as hard as you would think.
first, you can specify the different customizing areas in SPRO_ADMIN by creating a scope. In this scope you can easily specify the nodes which you want to be turned into a role.
I used to make this while differentiating between different functional areas, but it's up to you how you want it to be split up.
once you're done creating different scopes for different activities, you can create roles (empty) and in the menu-tab of the PFCG you can go to <b>Utilities-->Customizing auth.</b> and select the scope for which you want to make a role.
It will insert all required transactions and their corresponding authorization objects. you will obviously have to maintain the different objects manually and also make sure that user and role maintenance are excluded from the different scopes as they will be automatically included in most of them.
finally, you can assign these roles to the required users.
I hope this helps!
Message was edited by:
Dimitri