My manager wanted nothing to be in the menu tab for the user. So how could I disable that?

curious why does the manager want this, does he understand SAP or is he an amateur?

Hi JC,

Thanks for your reply. Since that was a copy of another role I can still delete the copied role and startover again. Now I need inputs on the following.

1) Is there a way that I can disable or remove what is there in the menu tab without actually deleting them?

2)How to maintain the org level once I save the profile? Will clicking on the maintain authorisations tab show it again.?

I also strongly encourage you to pick up the Authorizations Made easy at a minimum prior to even considering maintaining any roles.

You need to have an understanding of the SAP security authorization concept; all the authorizations from a role are generated from the transactions assigend to the menu.

If the user shouldn't see the user specific menu, then the specific roles need to be removed from the user ID. By deleting the menu, you are deleting all the authorizations that the user would have access to (AND for any other users assigned this role); pick up the book or look at SAP help to at least understand how SAP security works.

Message was edited by:

Julie Nguyen

Yes if your objective is for the user not to see the user menu, then either updating table SSM_CUST - as already mentioned - will turn off all user menus. The other option is table USERS_SSM - this will give you the option to turn off menus for some user and not others.

ORG level values can be maintained in the auth tab - it should be called "organizational levels" just below the find binoculars. These should actually be maintained first before you maintain the other values.

Just curios why should you want to delete the menu??

The user will never be able to do more than the TRX you assigned them. So what is the purpose of deleting menu’s for users?? Does the manager who ordered this know what SAP authorization is about or is he <b><removed by moderator></b>??

Message was edited by: Moderator

Please keep it civil.

Sorry you're asking wrong person - "rookie" posted the question.

There might be some reason that they don't want the user menu to be seen and just default the SAP menu - which is what I think rookie was getting at and not necessarily to "delete" the menu.

In that case the SSM option seems the best solution to me???

Stil am curious: so rookie can you answer the question??

I have been asked to do the same in the past by some amateur SAP specialist in the business, but could convince the requester that it had no use to do these kind of things.

Based on your questions I totally agree with Julie Nguyen.

Based on your thread I think you just want to hide the transaction from the menu. Btw, this can be done. Let me know if this is the case and I can post explicit instructions.

Hi,

If you only want the sap default menu, do as the previous answere. If you want in a role a transaction that will not appear in the user menu, then use the tab authorization default in the men tab. The user will not see that transaction, but can execute it knowing the transaction code.

What you did deleting the menu in the role is deleting all transactions. If you did not generate the profiles again, the old profiles must be still there. So this is very dangerous. Using the profile generator always generate the profiles after changing the role.

Have fun

Jan van Roest

What is your goal? What are you trying to acheive with your changes?