How to restrict users from creation of varients in report transaction

Hi All,
I have a requirement where buisness wants to restrict users in creating varients in report transactions.because of create options users will be creating more screen varients which will be disturbing for the other users to select a particular standard varient.Kindly give ur input regarding this
With regards
Girish A

Hi,
First edit the role assigned to users using PFCG.
Then go to Authorization tab and click on "Change Authorization Data".
It will opened up the profile of the role. now find the authorization object "S_PROGRAM".
In that edit "User action ABAP/4 program" object.
Remove "VARIANT" check box if it was checked and save. Now press
Generate button or "Shift+F5".
That's it.
You can ask for this to your basis team. They can perform this task  easily.

Similar Messages

  • How to restrict users from printing documents and exporting to local file

    Hi SAP gurus,
    I have two questions.
    1. How can I restrict users from printing a document? i.e. billdoc? I would like to know if I could block it though authorization. If yes, what auth obj to use?
    2. How to restrict certain users from exporting to local file? the System> List>Save-->Local File. I have tried restricting it using auth object S_GUI but it seems it is only applicable to older versions of SAP. im on ecc6.
    Thank you in advance.

    Hi,
    Check this:
    Create your own gui status and attach it to the list in the event START-OF-SELECTION.
    In the menu painter extra -> adjust template.
    Make it a list status and you will see all the standard list options appear including list->download
    Deactivate the ones you don't want. 
    If you just want to prevent users from downloading the list you can achieve this with authorization object S_GUI, activity 61. Menu option will still be there though.
    Please note that if you remove authorisation for S_GUI activity 61 then all downloads will not be possible. 
    If you just want to disable downloads only for a particular report, you can try this test program:
    Code:
    REPORT ztest. 
      DATA: PROGNAME LIKE SY-CPROG value 'Z_CHECK_AUTH', 
            FORMNAME LIKE SY-XFORM value 'F_CHECK_AUTH'.
    START-OF-SELECTION. 
        CALL FUNCTION 'SET_DOWNLOAD_AUTHORITY' 
             EXPORTING 
                  FORM    = FORMNAME 
                  PROG    = PROGNAME 
             EXCEPTIONS 
                  OTHERS  = 1.
      WRITE: / 'TEST'.
    You also need this:
    Code:
    PROGRAM z_check_auth.
    FORM f_check_auth USING pe_result TYPE i. 
      pe_result = 5. 
    ENDFORM.
    Also have a look at the exit SGRPDL00.
    Hope this helps you.
    Rgds,
    Raghu

  • How to restrict users from saving a transaction in PCUI

    Hi Experts,
    I am working on a requirement where in I have to restrict the user from saving a followup up transaction if an order already exists for the same,in PCUI.I am able to display the error message in the PCUI screen but unable to restrict the user from saving the transaction.
    I have implemented the CRM_COPY_BADI ,copy method to check the item copy and populating the message from there...The requirement is fulfilled in GUI by giving a abandon message which restricts the user from saving the transaction.but in PCUI the abandon message is not working..So is there any way to deactivate the save button for a particular transaction in PCUI and this is to be done from within the CRM_COPY_BADI..
    I would sincerely appreciate any help provided on the issue..

    We can do this by populating an error message in the Application log

  • SM58 - How to restrict users from viewing all the idocs?

    Howdy,
    The users want to be able to use SM58 to view any idocs that have failed. Unfortunately they currently can access the IDOCS of all countries, in addition to their own country. Does anyone know how we could restrict them?
    Or if there another transaction that we could ask them to use?
    Many Thanks!

    Hi,
      You can restrict by the Transactional RFC Destination which should be different.
    regards
    Aveek

  • How to restrict users from uploading malicious files(exe, dll,etc) & limit file size in a webform

    Hello, please i have a file atachment field in a form on my site. I want to restrict the size of the file that can be uploaded and the type. It's a vacancy page and I want candidates to only upload doc and pdf files. I want to also limit the file size to 50mb only. How can this be done within the BC system.
    Thanks.

    The file extension can't be trusted, like the mime-type it can be faked by a malicious user. Also this method can just be avoided altogether by anyone who has javacript turned off. Using javascript for this is not even remotely secure.
    Isn't there a way to allow file uploading but specify a whitelist of filetypes (preferably checked using byte headers or some effective method) somewhere in admin?
    Liam Dilley wrote:
    Hey there,
    You can do the file extension with jquery for example. The basic aspect of that is:
    var ext = $('#my_file_field').val().split('.').pop().toLowerCase();
    if($.inArray(ext, ['exe','dll','jpg','jpeg']) == -1) {
        alert('invalid extension!');
    So what is hapepning there is that it checks the value of the field when someone has added the file and checks the file extensiona and produces an alert but you can do as you need.
    You could run this on hover of the submit button, on change of the actual file attachement field or on click of the submit button in the checks before it submits.
    BC limits files to 100mb anyway so you should be ok on that front, they wont be able to be crazy uploading.

  • How to restrict user from deleting record

    Dear All,
    Kindly share your experience...
    Situation: My client have one SOB, used by several branches. Each branch has its own branch code in Chart of Account (accounting flexfield). Currently, to prevent branch accessing other branch's journal in General Ledger Module, we set account security (segment Branch) for each responsibility. In this way, batch header and journal header are still shared. Branch A still can see branch B's batch header and journal header, and even can delete the journals. This is very risky. Client urges to hide 'delete' icon from the toolbars and menu or disable 'delete' journal function for certain responsibility.
    Questions: how to solve that problem without modifying the form?
    Thanks,
    KC

    You may want to consider using the CUSTOM.pll. Basically its an "approved" way to do Form customization. You will need to understand basic Forms programming.
    Metalink Note 73505.1 is fairly good.
    There's also an OAUG white paper (2000) by Brad Goodwin
    Ken

  • Need to restrict users from adding or modifying folders or reports

    Requirement: Need to restrict users from adding or modifying folders or reports through Info view and to reflect the modifications only thriough LCM.
    Issue: Customer wants to restrict users from adding or modifying existing reports from Infoview and need to force users to do make the changes through Life cycle manager tool.
    As per my understanding LCM can only be used to to promote folders and objects from one environment to another and to schedule the promotion of these jobs on a daily basis.My query is:
    Can we add or modify existing reports or folders using the LCM tool?
    Could you please help me out in this issue and provide me your suggestions.
    Thanks in advance.
    Prashanthi Rayaprolu.

    You can not restrict that using LCM. Need to modify the rights at the folder level.
    Explicitly remove the following rights for the user group,
    Add objects to the folder
    Edit objects
    Delete objects
    Copy objects to another folder (check this if required)
    Once the above four are denied then users wont be able to Edit/Add/Delete reports in that folder.

  • How to restrict users working on Windows 7 clients from accessing Windows Explorer and other systems in the network through Group Policy with a domain controller running on Windows Server 2008 r2

    Dear All,
    We are having an infrastructure setup of around 500 client computers managed through group policy.
    Recently the domain controllers have been migrated from Windows Server 2003 to Server 2008 R2.
    Since this account requires extremely strict environment, we need to figure the solution for restricting the users from access anything locally.
    It would be great if you can assist me with the following query.
    How to restrict users logged on Windows 7 clients from accessing Windows Explorer and browsing other systems in the network through Group Policy with a domain controller running on Windows Server 2008 r2 ?
    Can we disable Network Tab on the left hand pane ?
    explorer.exe is blocked already, but users are able to enter the Windows Explorer by clicking on the name which is visible on the Start Menu.

    >   * explorer.exe is blocked already, but users are able to enter the
    >     Windows Explorer by clicking on the name which is visible on the
    >     Start Menu.
    You cannot block explorer.exe when you do not replace the shell - the
    desktop you see effectively IS explorer.exe...
    Your requirement sounds like you need a custom shell:
    http://gpsearch.azurewebsites.net/#2812
    Martin
    Mal ein
    GUTES Buch über GPOs lesen?
    NO THEY ARE NOT EVIL, if you know what you are doing:
    Good or bad GPOs?
    And if IT bothers me - coke bottle design refreshment :))

  • How to restrict users in separate OU's from seeing each others presence

    We have an Enterprise Lync 2010 server environment in place, and are using msRTCSIP-GroupingID to restrict address book lookups. We are now looking to restrict presence viewing to only user within the same OU. In other words it should not be possible
    to see the presence of a user outside of your own OU, unless that user allows it explicitly.
    It seems that the Multitenant pack for Lync can arrange that, but it's just not feasible to install that when you already have an active Lync environment in production. Is it possible to achieve this separation another way? Maybe with msRTCSIP-TenantId?
    (which is already available in our current schema)

    Hi,
    Using the GroupingID will completely separate the users into unique address books. But searching by SIP URI will always work and you cannot prevent the users from communicating with other Lync users in the same organization. If you want
    to restrict presence viewing to specific users, you can try ABS Configuration Tool.
    http://www.justin-morris.net/how-to-hide-users-from-the-lync-address-book/
    Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found
    there. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.
    Kent Huang
    TechNet Community Support

  • Windows 2008 : How to Restrict Users to Copy file from Shared Folder

    Hello All,
    I need to Restrict Users to Copy file from Shared Folder. Please let me know is there any method to achieve this requirement.

    If user have Read permission, they can copy it. So actually you cannot restrict user from copy your files if they could read/edit.
    Some programs could help restrict users from edit/modify/copy the content of their files such as Office files, PDF files etc as Oscar said above.
    TechNet Subscriber Support in forum |If you have any feedback on our support, please contact [email protected]

  • How to prevent users from taking print through ME23N

    Hi Everyone,
    Please guide me for the following query:
    How can we restrict users from taking print through ME23N as through print preview in ME23N user is provided an option of taking print of the document.
    Please guide with authorization object information.
    Please guide.
    Thanks and Regards

    Hi Dear,
                     Consult with ur BASIS person.he can help u ........
    thanks

  • How to restrict user access in Oracle Application Server 10g (9.0.4)?

    Can anybody please let me know how to restrict user access in 10g AS? To be specific, how to allow http requests from specific IPs only?

    Hi,
    You have to edit httpd.conf and modify acces rights for each protected directory
    e.g.
    <Directory /var/www/sub/payroll/>
    Order allow,deny
    Allow from 192.168.1.0/24
    </Directory>
    then you have to restart Oracle HTTP Server
    jm--

  • Restrict Users from saving files on Local PC but forced to Network Shared Location

    Hi,
    We have the Domain in Windows 2003 Standard.
    How can I restrict users from saving files in their Local PC? 
    Also, need to forced them to save the files in Network Location with permissions...
    Thanks.
    ~CoolPra~

    Hi,
    You can create a file screen to prevent users from saving files on a certain volume. File screens are used to block specific types of files from being saved on a volume or in a folder tree. A file screen affects all folders in the designated path. You need
    to update the server to Windows Server 2003 R2 to install the File Server Resource Manager.
    File Screening Management
    http://technet.microsoft.com/en-us/library/cc772675(v=ws.10).aspx
    Best Regards,
    Mandy 
    We
    are trying to better understand customer views on social support experience, so your participation in this
    interview project would be greatly appreciated if you have time.
    Thanks for helping make community forums a great place.

  • How to restrict user to must enter value in compulsory fields

    Greetings !
    I had a personal information form. I want to restrict user to enter values in all fields e.g Compulsory fields (Username, D.O.B etc)
    how i restrict user to must enter value in Compulsory fields

    I created an example on apex.oracle.com
    http://apex.oracle.com/pls/apex/f?p=18686:1:0:::::
    like you see a red staric placed on ID it means it is complusory to enter because it is a primary key, i want this on every field or to restrict user to enter all data , if any field left blank it will give error "to Fill respective field ", but not on creation but on left blank (if user type ID e.g 12 and skip ename field and go on Job field it gives error to fill Ename first)

  • Restricting users from removing EFB paramter

    Dear all,
    We have defined user parameter EFB in OMET to ensure users have reference documents when creating a PO. This EFB parameter is then added to the user profile via SU3's parameter tab.
    However, all users have access to SU3 to define their own set of parameters. With that, we run into the risk of users removing the assigned EFB parameter themselves, thus allowing creation of PO without reference.
    Is there anyway that we can restrict users from removing this parameter or are there any alternatives?
    Thanks.

    Hello,
    Sorry, but there´s no option to prevent the change if the user parameters.
    I could find the answer from a developer:
    "the maintenance of PIDs is designed without any authorization check. The background is that every user should have the possibility to fit his/her own PIDs for daily work.".
    Best Regards,
    Arminda Jack

Maybe you are looking for

  • Java Proxy Runtime:  failure to locate proxy bean on inbound call

    Hello gurus of the SDN, I have been trying to get an inbound Java Proxy scenario to work in XI 3.0 but have not been able to get the JPR to recognize my generated and deployed java code.  My scenario is set up to call the java proxies generated from

  • GR/IR Account assingment

    Hi In GR/IR automatic account assingment, we have to enter 3 accounts 1. Reconcilitation acc 2. Adjustmet acc 3. Target acc What are these accounts means please explain in deteails in accounting terms? Thank you.

  • I'm having trouble connecting my iphone to my itunes on my computer

    So for christmas I got an iPhone and currently, I'm having trouble connecting my iPhone to my iTunes on my computer. If I get on my computer and open my iTunes, I can use it perfectly fine but once I tried to connect my phone to it, it told me the so

  • Change font and font size in a textedit

    Hi, I am using a textedit UI element in read only mode. its getting the value from context attribute. I need to change font and font size ( atleast the later) and make it bold. how can this be done ? plz help...... Thanks Akash

  • Why won't GUI display correctly ?? --URGENT--

    Hi, I am copying the code from my book. For some reason the color doesn't work when I copy+paste teh code into Eclipse. Am I doing something wrong or do I have to enable something in Eclipse options??? I keep getting 2 windows WITH NO TXT and NO COLO