07-06-2007 1:59 PM
We just created a transaction that combines two transactions xd01 and fd32. I need to add this new transaction, but remove access to users inputting the above transactions. How do I do that?
Thanks,
07-06-2007 2:04 PM
Maritza,
You will need to find all of the roles and that have access to XD01/02. You can use SUIM to run a report to find out where the access resides.
You will then need to use transaction PFCG to remove the access from the various roles. Then add the new transactions to the roles which need the access.
Other steps may be necessary depending on the security design in your environment.
Cheers,
Ben
07-06-2007 2:04 PM
Maritza,
You will need to find all of the roles and that have access to XD01/02. You can use SUIM to run a report to find out where the access resides.
You will then need to use transaction PFCG to remove the access from the various roles. Then add the new transactions to the roles which need the access.
Other steps may be necessary depending on the security design in your environment.
Cheers,
Ben
07-06-2007 2:07 PM
I have used SUIM and have removed these two and when I execute the Newly created transaction it says you are not authorized although via the Role I am in I see the transaction.
It appears that when I remove these two transactions the Newly created one does not work. Any suggestions?
i have even taken the long way and just added the objects.........still a no go.
07-06-2007 2:11 PM
Maritza,
Run a ST01 trace with a powerful ID to find out all of the security objects that are needed to perform the transaction. If you don't want to do this you can run SU53 after the failure (to get the failed object) however you will likely have to do it several times as there a few objects being checked in XD01/02.
Add these objects to the custom transaction in SU24.
Edit the role and add the custom transaction again and the objects will be added.
Or you could just manually insert the objects to the role.
Cheers,
Ben
07-06-2007 2:05 PM
Hello Martiza,
Using report RSUSR070 find out the role which give access to xd01 and fd32 and remove the transactions from those roles. You may then add the new transaction to those roles.
Regards.
Ruchit.