09-07-2015 7:25 PM
Hi Experts,
Good day.
I would like to seek your help to guide me how to maintain auth object S_ALV_LAYO. This is to not allow certain users to save default layouts.
Thanks.
09-07-2015 11:12 PM
Hi Jajah
This is an example of cross-functional access. Like background job access, there should be a policy that you build and restrict access to. If not, you end up with situation where users ring the service desk complaining each day that someone keeps changing their layout or a program fails to run as the default layout has been altered or removed.
Regards
Colleen
09-07-2015 11:12 PM
Hi Jajah
This is an example of cross-functional access. Like background job access, there should be a policy that you build and restrict access to. If not, you end up with situation where users ring the service desk complaining each day that someone keeps changing their layout or a program fails to run as the default layout has been altered or removed.
Regards
Colleen
09-09-2015 2:42 PM
Hi Colleen,
Thank you for your response.
Actually this question came from the issue that the users wanted to disable the "default setting" checkbox in ALV layout. Since it is standard program, we can't do code change. I opened OSS message and sap mentioned this auth object.
To answer your question: The tcodes are being accessed in production.
The original request was to gray out th checkbox for default setting so i assume user specific will be used.
Please assist.
Thanks
09-09-2015 11:32 PM
Hi Jajah
The default is user-specific.
Why would you need to lock that down? If you do that you are taking functionality away from the users.
If you don't grant S_ALV_LAYO to the user then they cannot change default for the report.The user can go into and manage their variants to remove default.
What is the risk in a user creating their own default?
Without seeing the context of what SAP said, that object is all about globally maintaining a layout and publishing it so it's available to all users. Users can still come in and make the choice.
A possible way to lock it down is to grant F_IT_ALV with ACTVT 03. However, this will mean users cannot save their own variants and must use the global display variants. This could frustrate users who access reports frequently and build their own variants (it would apply to all the ALVs).
Regards
Colleen
09-09-2015 11:38 PM
Without S_ALV_LAYO the user is still able to create personal layouts
S_ALV_LAYO enables a user to maintain general layouts, can amend general layouts that are created by other users.
09-09-2015 11:41 PM
Hi Jurgen
Agree but if you do add optional authorisation F_IT_ALV you can restrict the user from creating their personal variants (though it's been a while). Full access to F_IT_ALV is the same as no access to the object.
But yes, that was my point - you can't stop the default flag as it's not secured unless you take away all ability which does not make sense for a user.
Regards
Colleen
09-10-2015 4:54 PM
Hi Colleen,
The user wants to disable the default setting checkbox.
How could we do that using auth object?
Thanks
09-11-2015 2:58 AM
I don't think security authorisation is going to allow that
Again, why does a user want to disable that feature? It is one user or a business requirement? What is the risk?
06-10-2016 7:00 AM
Dear
Can u explain how you did disable default setting i tried S_ALV_LAYO and F_IT_ALV but ni luck
can u elaborate on the same
Regards