
Creating authorization object for few transaction codes

Former Member
0 Kudos

Dear SDN Community,

I was asked not to give SAP_ALL but to give them the minimum required authorizations to execute the following transaction codes.

SE37

VA01

FB01

KB11N

Can you please advise me how I can do this? I am new to security.

Thanks!

Surya.

13 REPLIES 13

JPReyes
Active Contributor
0 Kudos

Hi Surya,

Create a new role using PFCG and assign those transactions then just check the authorization objects and assign the users.

Regards

Juan

Former Member
0 Kudos

I would suggest, as a minimum, buying the book Authorisations Made Easy from AMAZON.com and reading that first.

Secondly, I would advise contacting your local SAP Education Centre and following courses ADM940/950/960 ASAP, as security is far too dangerous to play with when you do not know how to.

0 Kudos

>

> would suggest as minimum buy the book Authorisations Made Easy from AMAZON.com and read that first.

Ha! You beat me to it. I was still thinking about a cheeky remark on Juan summarizing the 3-day course ADM940 into one sentence.

Former Member
0 Kudos

Jurjen

Luckily the one sentence is not enough to do it also!

Former Member
0 Kudos

Dear Surya,

The remarks that you may hear from the experienced folks must not (read NEVER) down your desire to work harder. I have heard enough and have lived up to these suggestions!!

Please read these as beating on your knuckles from your teacher!! to allow our community of practitioners to grow!!

I am expecting more and more during this year... one way to reduce it is... obey your teacher!!

Thx

0 Kudos

>

> Dear Surya,

>

> The remarks that you may hear from the experienced folks must not (read NEVER) down your desire to work harder. I have heard enough and have lived up to these suggestions!!

What is your problem when the advice to read a good book or follow a SAP course is given??

We all had to learn it that way.

> Please read these as beating on your knuckles from your teacher!! to allow our community of practitioners to grow!!

What do you mean by this remark???

>

> I am expecting more and more during this year... one way to reduce it is... obey your teacher!!

Of what do you expect more this year???

What should be reduced?

Former Member
0 Kudos

>

> SE37

> VA01

> FB01

> KB11N

Regardless of how to build a role, I cannot help wondering which function (role) such a person would have in a company's business processes.

Is the person:

- a developer? SE37 - Building function modules

- a customer? VA01: Creating sales orders

- a balance sheet accountant? FB01: Posting manual journal entries

- a business controller? KB11N: Manual adjustments to cost accounting

I suppose it is not your job to question a business requirement, but you can point the risks out to them. For example, with seemingly harmless authorization to use SE37 (see documentation on S_DEVELOP) the user can easily bypass your other security, so they might still (effectively) have "SAP_ALL".

On second thoughts... this is a role for a developer in a development system? (in which case it has no place in production..)??

Kind regards,

Julius

0 Kudos

Julius,

Could this person not be a "top gun" in the corporation?

0 Kudos

Julius,

Thanks for your concern. The odd ball out here is SE37. We are aware of this. This profile is not for production but for development and QAS. There are a few function modules which get executed using sy-uname. As part of the testing I may have to debug our Java Webdynpro application by setting an external break point in R/3 function modules and debugging. At that time, I need to log in to R/3 using the end user userid, and that userid needs SE37 access. Hope I made myself clear here. I am not going to move this role to Production. Please let me know if you have any questions about my approach here.

Thanks!

Surya.

0 Kudos

Hello Surya,

Thanks for confirming that this is a role for development system purposes.

Yes, I think your approach is on the right track, but have some small comments:

By "end user" I assume you are describing a "dialog user" for debugging purposes.

I also assume that this application will one day be running as a service in a production system.

Will your customers have access to the backend system?

In my opinion, VA01 is the odd ball out here, and you should be debugging the session of the service (user) (only) with VA01 authority to find the bugs.

Kind regards,

Julius

0 Kudos

>>By "end user" I assume you are describing a "dialog user" for debugging purposes.

End user means the real end user, which is a franchise id.

>>I also assume that this application will one day be running as a service in a production system.

You are right.

>>Will your customers have access to the backend system?

No. The only way they can access the R/3 functionality is by using the WebDynpro for Java application.

>>VA01 is the odd ball out here,

We are implementing FI processes and the order procurement process. Franchises are going to place orders to the central unit and they are going to post the Goods Receipts.

P.S.: I am the WebDynpro/Adobe developer, but I was asked to take this security role as we don't have a security specialist here.

Thanks!

Surya.

0 Kudos

Dear Surya

As I understand from the expert discussion, they have objection not to give authority on the SE37.

Regards

Anwer Waseem

0 Kudos

I still think VA01 is the odd ball out, as it is the service. You are a developer, why should you not have access to SE37?

See my answer to your other thread on a related topic.

Cheers and good luck,

Julius