topic Re: Transaction Variant & Security in Application Development and Automation Discussions

Transaction Variant & Security

Former Member — Tue, 18 Nov 2008 21:44:25 GMT

I created transaction variant 'ZME52N' from origianl transaction 'ME52N'.

This variant is to be used by a specific group of users. Those users must not execute the original transaction 'ME52N'.

Could someone tell me how to do this?

Thank you,

Nizar

Re: Transaction Variant & Security

Former Member — Tue, 18 Nov 2008 23:06:44 GMT

Please approach to basis person,they will surly will able to do this.

Re: Transaction Variant & Security

Former Member — Tue, 18 Nov 2008 23:23:05 GMT

Basis has no answer! Does any one know if the variant name is visible anywhere in the transaction and if yes, where?

Regards,

Nizar`

Re: Transaction Variant & Security

Former Member — Wed, 19 Nov 2008 00:25:53 GMT

ask your security person to build a roile based on these transaction codes, and provide only theh Z one to the users, not the standard one

Re: Transaction Variant & Security

Former Member — Wed, 19 Nov 2008 02:08:12 GMT

Hi Nizar,

U just find the correct User-exit or BADI and write the code like this..

if sy-uname ='''''' and

write the code for authoirzation check.

screen-input = 0.

else.

sreen-input = 1.

endif.

Thanks,

srii..

Re: Transaction Variant & Security

Former Member — Wed, 19 Nov 2008 02:11:32 GMT


> Hi Nizar,
> 
> U just find the correct User-exit or BADI and write the code like this..
> 
> 
> if sy-uname ='''''' and 
> write the code for authoirzation check.
> screen-input = 0.
> else.
> sreen-input = 1.
> endif.
> 
> Thanks,
> srii..

This is the Ugly why of coding.

Imagine how many user name we suppose give in if condition?And what if in future some new user id has been created?every time we cannot ecpect to go in user-exit and badi to do these changes.

Re: Transaction Variant & Security

Former Member — Wed, 19 Nov 2008 04:18:13 GMT

HI,

For authorization related Issues contact your Basis Administrator, they will create the User profiles and roles.

Thanks,

Sriram Ponna.

Re: Transaction Variant & Security

Former Member — Wed, 19 Nov 2008 04:40:29 GMT

Any Different language we (Me and MxG) used?

Re: Transaction Variant & Security

Former Member — Wed, 19 Nov 2008 05:03:27 GMT

Hi,

there are few thing which you can do.

1. if you want restrict the access to the perticular user, then Basis gut can set the profile.

2. Write user-exit or badi and maintain user names in Ztable who can access.

3. when you create varient, there is one option called User-specific, Tick this check box.

but first option is more reliable.

you can see all variants saved when you click on varient icon.

Hope this may help you.

Thanks & regards

Re: Transaction Variant & Security

Former Member — Wed, 19 Nov 2008 17:27:18 GMT

Thank you all for your good suggestions.

The issue still remains that the user who has access to ZME52N must also have access to ME52N (at least at the security level). If we deny him access to ME52N, and he runs ZME52N, SAP message is triggered with 'YOU ARE NOT AUTHORIZED TO RUN ME52N'. And if we give him access to ME52N he/she can enter ME52N directly....which obviously defeats the purpose of the transaction variant concept of creating a variant to restric access to certain fields on the screen.

It would be nice if we can see the variant t-code instead of the original t-code in a BApi or an exit.

ANY SUGGESTIONS?

Regards,

Nizar

Re: Transaction Variant & Security

Former Member — Wed, 19 Nov 2008 17:30:26 GMT

What do you mean?

Re: Transaction Variant & Security

Former Member — Mon, 24 Nov 2008 06:29:31 GMT

I agry with Amith but some time we have perticular user only so that its not a big problem to change the user or adding the user

And if u want to in a right way please see the table:AGR_USERS

Thanks,

srriii..