05-22-2008 3:10 AM
hi,
should SE03 be given to developers or consultant ? because i find that they can actually access to "client setting" (SCC4) from SE03.
SE03 --> Set System Change Option --> Client setting
comment and advice will be highly appreciated.
thanks.
regards,
kent
05-22-2008 4:28 AM
Hi,
I dont think there is any harm giving them access.
However, just limit it to your DEV systems.
Rgds,
Amal
05-22-2008 4:28 AM
Hi,
I dont think there is any harm giving them access.
However, just limit it to your DEV systems.
Rgds,
Amal
05-22-2008 7:25 AM
SCC4 is nothing else than a parameterized version if SM30. The client settings have more backdoors like SE03. Especially in dev systems I wouldn't worry too much as developers often have sufficient options to change this data. Taking transactions way from developers in dev systems only creates fake security.
To actually change client settings the user also needs S_TABU_DIS with ACTVT '02' and DICBERCLS 'SS'.
05-22-2008 10:11 AM
hi Jurjen Heeck,
i modified the existing role and take out S_TABU_DIS with ACTVT '02' and DICBERCLS 'SS'.
but the id still can make changes in the client settings scree.
regards,
kent
05-22-2008 10:15 AM
> i modified the existing role and take out S_TABU_DIS with ACTVT '02' and DICBERCLS 'SS'.
>
> but the id still can make changes in the client settings scree.
You've misunderstood me. That's what someone needs to change this table. If you give only ACTVT 03 they should have read-only access.
05-22-2008 2:22 PM
Access to the set system change option in SE03 is usually given to just basis team. You can control access to this by using auth object S_CTS_ADMI - value SYSC.