05-23-2007 2:56 AM
Hi All,
I need to restrict Transaction SE38 from end user execution.?
Transaction SE38 is not available in the roles assigned to end user, but still it is available for the end user to execute.
Points
1. Enduser is having some reports for execution at ECCS level.
Can any one help me out in sorting the issue?
regards,
vivek
05-23-2007 6:01 AM
Hi Vivek,
1. If you have not given authorization for se38 then it can't be accessible to the user.
2. Have you checked whether he types se38 in transaction window and he gets the access?
3. if yes then check the object s_tcode and remove se38 from this object.
Please confirm if this solves your problem.
Else you can write back with more details of your problem.
Cheers
---Shamish
05-23-2007 6:01 AM
Hi Vivek,
1. If you have not given authorization for se38 then it can't be accessible to the user.
2. Have you checked whether he types se38 in transaction window and he gets the access?
3. if yes then check the object s_tcode and remove se38 from this object.
Please confirm if this solves your problem.
Else you can write back with more details of your problem.
Cheers
---Shamish
05-23-2007 6:11 AM
Hi
Create a role and assigne T code in this role if you not assigne SE38 in this role the user not access this t code.
and if want to lock SE38 go T code SM01 and lock this T Code.
Thanks
Pankaj Kumar
05-23-2007 7:52 AM
Please remember, locking se38 through sm01 will lock it for everyone which is not your requirement.
developers will need this transaction even in production system.
Cheers.
-
Shamish
05-23-2007 8:11 AM
Hi,
verify if the roles
assigned to the end user have
any of the following values
S_TCODE with S* or * or SE* or SE38
If the role has any of these values then he will have access.
If you dont want access remove these values or make necessary modifications to range of values given to make sure that SE38 is not available in that range.
Apart form that also check the S_DEVELOP and S_PROGRAM which are auth objects which mainly control access in this Tcode.
Hope this helps
Manohar
05-23-2007 10:32 AM
Hi Vivekanandan,
Just check if any of the following transactions exist in any of the roles assigend to users:
MN0Z
OODR
OVNN
OVRC
OVRE
RBDMIDOC
The above mentioned transactions will give access to run ABAP Editor. And also this transactions will bring up the objects S_PROGRAM, S_DEVELOP when added in the role. So just check out if these transactions are added in the role.
Hope it helps.
Please award points if it is useful.
Thanks & Regards,
Santosh