Solved: Only Display Role

Former Member · ‎09-07-2007

Hi,

I have to make one role. Users with this role must be able to display all the transactions, but cannot edit or create anything.

I want to set the "ACTVT" authorisation field value to "Display" only. Is there any where to set "ACTVT" field value globally?

Is it possible by some ABAP script?

Thnx in advance.

Former Member · ‎09-07-2007

You can't set display globally & as far as I'm aware there is no script for this. It would be difficult to do this as there are a number of different activity values that constitute "Display"

It takes about 2 hours to create a role with all auth objects in and then change all activity values to show the particular display modes. You should also be careful to ensure that you have identified and changed (or removed) all sensitive auth objects (e.g. S_ ). Don't forget that this sort of role shouldn't be used in your production system either.

There is loads of other info on the forum if you use the search box for SA_ALL_DISPLAY

Former Member · ‎09-07-2007

You can't set display globally & as far as I'm aware there is no script for this. It would be difficult to do this as there are a number of different activity values that constitute "Display"

It takes about 2 hours to create a role with all auth objects in and then change all activity values to show the particular display modes. You should also be careful to ensure that you have identified and changed (or removed) all sensitive auth objects (e.g. S_ ). Don't forget that this sort of role shouldn't be used in your production system either.

There is loads of other info on the forum if you use the search box for SA_ALL_DISPLAY

Former Member · ‎09-10-2007

Thanks alex, I have got my answer. I knew this method only. Searching for a better method only.

Warm Regards,

Anirban.

Former Member · ‎09-07-2007

Assuming that you are planning to use S_TCODE with a "*" with this role - this can be dangerous since there are some tcodes that do not have an auth object like RZ11.