01-10-2008 2:14 AM
We want to give people access to transaction SOST to display and resend notifications, but not to delete them. The transaction checks object S_OC_ROLE, but I can't find any info about the possible values for OFFADMI. ADMINISTRATOR gives delete access, so does * and without this object you can't even start the transaction.
Any help would be appreciated.
01-11-2008 12:08 AM
Thanks for the reply.
I had a look at SOSB but it only shows the users own transmissions. The people I mentioned need to see all users transmissions
Unless there is some way to configure SOSB to show all transmissions then it is of no use to us.
01-10-2008 10:46 AM
Hi
Please give him access on the SOSB instead of SOST. then the users are not allowed to delete the message.
Regards
Anwer Waseem
SAP BASIS
01-11-2008 12:08 AM
Thanks for the reply.
I had a look at SOSB but it only shows the users own transmissions. The people I mentioned need to see all users transmissions
Unless there is some way to configure SOSB to show all transmissions then it is of no use to us.
07-10-2008 11:07 AM
Hi Everyone!
Today, I reaised that sometimes, we dont realise the solution though it is just infront of our eyes!!! I solved this solution as below. May be useful to others whoever facing this problem.
I guess the below information is sufficient being you guys are from Security Team.
1) Use T code SOSG
2) Create one user group and add the relevant users under this group
3) Use authorization object S_OC_SOSG
Extract from SAP HELP
The selection can be restricted further by specifying the sender and send method. In the Sender field, you can enter user names and user groups. If a user group is entered, all users are selected that have this group entered in their user master record (transaction SU01 -> User Group for Authorization Check), or that are assigned to this group (transaction SU01 -> Groups).
If a user is only allowed to select send requests of particular users or groups, he or she can use transaction SOSG to do so. This transaction corresponds to transaction SOST but makes additional authorization checks. A user does not need the authorization ADMINISTRATOR in the authorization object S_OC_ROLE to use this transaction. The authorization for selecting users or groups in transaction SOSG is controlled by the authorization object S_OC_SOSG. In transaction SOSG, if a user chooses the input help for the Sender field, only those users and groups are displayed for which the user has display authorization.
regards
S
07-10-2008 11:57 AM
11-21-2008 5:16 AM
I have tried the steps and information you provided. However, I am still unable to disable the delete and re send request functionality from SOSG. Any ideas?
05-13-2010 5:48 PM
We are facing the same problem. I just wondering if any soultion found to the DELETE function? Thanks
Alfred
05-17-2010 2:22 PM