Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Restict the user from changing the default printer set in User master

Former Member

‎03-26-2015 1:04 AM

0 Kudos

Hi All,

We need to restrict the end user from changing the default printer set in User master?

please let us know if there is any option in SAP. ?


Thanks

Thiru

3 REPLIES 3

former_member183424
Active Contributor

‎03-26-2015 5:25 AM

0 Kudos

Remove the authorization for t-code SU3 and SU01 from the user.

Former Member

‎03-26-2015 5:50 AM

0 Kudos


Hi,

Our company has very strict rule for not changing any data in user master.

Contact your basis team

Whenever i go to change any details the system is giving an error message saying

Message no. 01492-

You are not authorized to change users in group

Authorization object: S_USER_GRP: Basis: admin (activity-02)

You can give give only display option to the users.

Regards,

Priti.

Former Member

‎03-26-2015 3:37 PM

0 Kudos

Thiruthiru,

First of all you need to understand what transaction the user is executing to get to the user defaults page.      If you are not the SAP Security administrator then you should direct this request for change to that group with your requirements so that the role granting it can be updated.

A few transactions can be executed to get to this screen:

SU01  -   User Maintenance Initial screen   (restricted to security personnel or other approved resources how manage the user population in differing degrees)

SU3 -  Maintain User Profile   -  Used to maintain Address, Defaults (printers), and Parameters tab.

SU2 - Maintain User Profile -     Used to maintain Address, and Parameters only

SU1 - Maintain User Profile  -  Used to maintain Profile only

SU0  -  Maintain User Profile -   Used to maintain Address and Defaults only

SU01D -  Same as SU01 but by default restricted to 03 display only access (unless you change it)

Next you must ask yourself what are my requirements for end user management across my domain/environment.

1.  Should users be able to view all of their information but not change any data?

2. Should they only be able to view their profile data, and if so what profile data should they be able to view and what should they be allowed to change?

Once you answer that, then you need to understand which of the above best meets those needs and go through your testing process in your development environment to validate what authorization restrictions need to be made in the role or if any auth. value changes need to be updated via SU24 to accomplish your goal.

You may even need to create a custom z_transaction for one of the above and restrict some of the fields to be display only or even hidden.

-M