2012 Sep 25 3:06 AM
Dear Experts,
When we execute T-code SQVI, we get access of T-code-> SQ01 (sap query tab) on homepage of SQVI. We want to restrict access of SQ01 while executing SQVI. I need to create a role for transaction SQVI with restriction of SQ01. If users click on tab "sap query", they should get message of " no authorization".
we use SQVI (QuickViewer) to compare the database tables without using other external toolslike excel to compare.
Also, I tried to dectivate objects s_query & s_translat, but no success, still users can execute it !!!
Please suggest????
2012 Sep 25 9:19 AM
Hi Sumit,
If you created a role containing only the SQVI, edit the related authorizations objects or activity that can be done by SQ01.
This is in PFCG->enter role->authorizations Tab- edit. Find the authorization objects related to it and limit activity.
Cheers,
Rod
2012 Sep 25 8:48 AM
2012 Sep 25 9:19 AM
Hi Sumit,
If you created a role containing only the SQVI, edit the related authorizations objects or activity that can be done by SQ01.
This is in PFCG->enter role->authorizations Tab- edit. Find the authorization objects related to it and limit activity.
Cheers,
Rod
2012 Sep 26 3:09 AM
Dear Rodel,
If we create new role with T-code-> SQVI, it adds only one object i.e. is S_TCODE (which contain SQVI only), so no authorisation object get added in that role except S_TCODE.
How can i modified?
2012 Sep 26 4:20 AM
Hi Sumit,
Whenever you add a tcode in a role, there should be changes that are marked New. You need to click the New button to check what are the new objects added or created. From there, you can modify.
Cheers,
Rod
2012 Sep 26 5:51 AM
Dear Rodel,
Please see below screnshot
Request you check from your end also.
2012 Oct 05 1:05 AM
Hi Sumit,
It seems in your role structure, it is not prposing the auth. object S_QUERY. You need to go into T-code S_QUERY and maintain the indicator yes for proposal for this T-code . Once you will do this and will add this T-code SQVI in your role, it will add onr more auth. object S_QUERY in authorisation tab addition to S_TCODE.
You need to maintain the vaule for activity in this auth. object only translate and generate the role.
Now try to run the T-code SQVI and if you will click on SAP QUERY it will not allow you to go into that. It will give authoriation error.
Please try to do it and let me know if there is any issue.
Thanks
Varun Jain
2012 Oct 05 4:13 AM
Dear Varun,
Thanks a ton, Problem resolved we are able to restrict SAP query from SQVI
2012 Sep 26 10:38 AM
Hi Sumit,
I have tried replicating your problem and yes, I get the same problem on the SQ01.
I believe that SQ01 and SQVI have the same functions and whoever have either of the two will not be restricted in either SQ01 or SQVI.
If you can raise an OSS message regarding this, please do so.
Cheers,
Rodel
2012 Oct 04 11:38 PM
Hi Sumit, Are you adding SQ01 just to pull in the authorization objects required for SQVI into the role? If so check SU24 to ensure S_QUERY is proposed for SQVI.
Best Regards,
Janardhan