Solved: Autorizations to execute programs in background

Former Member · ‎2011 Sep 16

Hi Gurus,

I need to permit to the final users to execute programs in background, but only for specific programs. This means that I need to grant authorizations for scheduling jobs and probably to SM36 transaction but the user can only schedule jobs for a specific program contained in the job. I think with the standard authorization objects this is not possible. Anyone with any ideia to do that?

Thanks

PJP

murtuza_chhatariya · ‎2011 Sep 16

I think in the start of every program, authorization can be checked manually and if user is allowed then proceed else throw error. custom table can be created to store the permitted user ids.

Thanks,

Murtuza

murtuza_chhatariya · ‎2011 Sep 16

I think in the start of every program, authorization can be checked manually and if user is allowed then proceed else throw error. custom table can be created to store the permitted user ids.

Thanks,

Murtuza

Former Member · ‎2011 Sep 16

Hi Murtuza,

Thanks for your reply

What do you mean about checking authorizations in the start of every program? I think we can do that for the Z programs, but how can we do that for the standard ones?

Regards,

pjp

Former Member · ‎2011 Sep 16

Whats the standard program you are running? can you please elaborate more?

if its a Z program, then using authority-check you can make sure the authorization for the users. if its some Report writers or so, then you have exits where you can check the authorizations.. whats your case?

Thanks,

Sam.

murtuza_chhatariya · ‎2011 Sep 16

Oh yes, I thought about custom programs only.

In other case, programs and its t-codes have authorization objects. What's the issue with Authorization objects defined in attributes?

Former Member · ‎2011 Sep 16

Hi Sam,

Thanks for your answer.

At the moment I don't have yet all the requirement from the client, but I think they don't want to do that for a specific program. They want something like that. Once a user needs to execute a program in backgroud or schedule a job, they need to check if the user can do that. I can not do this by authorization program because the user, for example, can have permitions to execute the program or transaction in dialog mode.

Regards,

pjp

Former Member · ‎2011 Sep 16

Hi Murtuza,

Please read the message that I have sent to Sam.

PJP

murtuza_chhatariya · ‎2011 Sep 16

I agree with Sam,

User-exits are the best option, check for sy-batch EQ 'X' and then check for authorization of the user.

Let me check for other options if possible.

Thanks,

Murtuza

Former Member · ‎2011 Sep 16

Hi,

You can take help of your basis team. SAP has given some standard authority objects.

[Please look into|http://help.sap.com/saphelp_nw04/helpdata/en/5f/ff2138faeb3807e10000009b38f889/content.htm]

Shiva

murtuza_chhatariya · ‎2011 Sep 16

I guess there is some authorization configuration by which one can restrict that user can schedule a job or not.

Now create one user id specifically to run background jobs. And give that user's login details to those users who are permitted to schedule background job. No user can directly schedule job from his/her own id.

Little bit odd solution

Thanks,

Murtuza

By Category

Related Content

Activity Groups

Industry Groups

Influence and Feedback Groups

Interest Groups

Location Groups

Customer Only Groups

Forums

Related Resources

Products

Learning and Support

About

My Account

My Account

Autorizations to execute programs in background