Need to restrict access to XD02/XD03

Hi All,
I  need to restrict access to some acct group in the search screens for individuals who do not have access to this account group in transaction XD02/XD03.  Other than this group we should not allow to search the screens.
Please guid me if any exit / badi....etc. where i can put this validation.
Thanks.
Raj.

Hi,
Try this link...
Customer Master Maintenace - restriction general data tabs
Regards,
Guru

Similar Messages

  • HT201304 I need to restrict access to Settings on an iPad so settings like VoiceOver cannot be activated while letting them access multiple apps on the device. Is their any way to restrict access to settings without locking the device with a PIN?

    I need to restrict access to Settings on an iPad so settings like VoiceOver cannot be activated while letting them access multiple apps on the device. Is their any way to restrict access to settings without locking the device with a PIN?
    This is so our guests cannot tamper or disable the device. We are already using Apple Configurator but their does not seem to be a way to lock down settings without a PIN.

    There's a lot of restrictions information in Chapter 19 of the 4.2 User Guide.
    http://support.apple.com/manuals/#ipad
    By the way, a more extensive version of the User Manual is available at no charge through iBooks.

  • Need to restrict access to multiple servlet applications on same box

    Hi!
    I have deployed two separate servlet applications to the same IAS. I need
    to restrict access to each application - that is requests from one source
    should only have access to one application and not the other. The web
    server we are using is IIS.
    Should I create a separate IAS to deploy the second application to? Can I
    restrict based on IP - that is port 80 is reserved to application 1 while
    port 81 is restricted to application 2? If so, how do I go about this? It
    appears that the web connector only receives on one port (default 80).
    Any help would be greatly appreciated.
    Sheila

    I see. So do you mean that I can override the port number in the proxy startup script itself? I can try doing that and see if it works fine.
    About Coherence 3.7, yes. I did see that it has some cool features about proxy discovery. But at this point I am stuck at using 3.6 and 3.6.1.
    Edited by: online19 on Jun 29, 2011 5:41 PM

  • Hi guys I need to restrict access to the settings with a passcode but also need passcode for the screen lock due to MS Exchange. Can these codes be different?

    We are introducing iPhonse into the business but have a question regarding security. We need to restrict user access to the settings on the iphone  probably via a passcode. We also need the user to have access to their emails (which when using exchange enforces a passcode). Is this the same passcode that is used for both by default? Because if it is then by allowing the user access to their emails they would by default have access to the code that allows them to change the settings of the iphone?
    Does anyone have any knowledge of this or how I can achieve something similar.
    Thanks
    Paul

    Hi,
    Thanks for your reply
    Could you by any chance provide a few simple steps on how to do this as i not too sure how you differentiate creating a passcode for restrictions and creating a passcode for lock screen?
    Kind Regards,
    Paul

  • Help needed in restricting access

    Hi all,
    Please recommend me a procedure to remove an access from a transaction code.
    The scenario is for transaction CC31-Create Change Request i need to remove the access for a set of users the "Approve ECR" status that which appears in the Set Status page.
    Kindly send me your valid advice.
    Expecting your kind response
    Vineeth

    Hi Ashok,
    Thanks for your quick reply, but my problem is not solved yet.
    I created a role with the T-Code CC31, searched for the field "RLKEY".
    When trying to remove the CHECK from the GlobalReleases option the option is not working. I am neither able to choose any of the options or remove the checked option.
    Hope you understand.
    Though the field "Release Key for Change Master" is kept open, the user assigned has the access to the "APPROVE ECR" task.
    I am not able to understand the concept of RLKEY's is there further need for options through customization?
    Can you please explain.
    Expecting your kind response.
    Vineeth

  • Cisco WLC with ISE - need to restrict access during non-business hours

    Hello,
    We have a requirement to turn off our wireless during non-business hours.  We have a 5508 WLC with ISE.  What is the best way to accomplish this task?  
    Thank you in advance.
    Beth

    Aside from Steve's respond, there are several methods of doing this and this will all depend on how complex your network is and how technical you want to do this.  
    1.  As what Steve said, use PI and you can define several schedules when to turn off/on the SSID; 
    2.  If you have corporate access, you can use AD to schedule non-business hours; 
    3.  If you have Cisco PoE switches, you can enable EnergyWise to power off the APs; 
    4.  If you manage your core network, you can enable time-based ACL to disable the default gateway of the dynamic interface which is attached to your SSID.  
    The most "destructive" method is option #3, because there are chances that your AP won't power up properly, if not power up at all.  

  • How to restrict access to views for some users in the app?

    Hi SDN!
    I have an WD application wich embedded in the portal. Appication has 2 iViews (and 2  pages respectively). These iViews consist several views connected with each other (e.g. one view provide list data, second view is add/edit form for this data). I need to restrict access for some users for view with add/edit form. I can't make separate page for this view.
    What I've done:
    1) create yet another UIContainer for this view in main window and embed view to this container. It was be done for create separate iView for form.
    2) in the portal I create iView for this form but don't embedd in any page.
    When I try to call my form from list data (that is one iView from another) I get exception:
    <b>com.sap.tc.webdynpro.services.exceptions.WDRuntimeException: duplicate usage of view .MyCarRentalAddCity</b>
    Is there a way to get needed functional?
    Thanks,
    Lev

    Hi,
    do you need to remove the IView from the portal menu or do you just want to make a View container in your WD application invisible if the user doesn't have the rights to see it.
    If so, you could create your own roles on the app server:
    You need to create a new class that extends NamePermission like:
    import com.sap.security.api.permissions.NamePermission;
    public class ApplicationAccessPermission extends NamePermission {
               * @param name
              public ApplicationAccessPermission(String name) {
                   super(name);
               * @param name
               * @param action
              public ApplicationAccessPermission(String name, String action) {
                   super(name, action);
    Also, you have to create an Action.XML file that looks like this:
    <BUSINESSSERVICE
         NAME="com.vendor.administration">
         <DESCRIPTION
              LOCALE="en"
              VALUE="actions view usage"/>
         <ACTION
              NAME="View Permission">
              <DESCRIPTION
                   LOCALE="en"
                   VALUE="Show view"
                   />
              <PERMISSION
                   CLASS="com.vendor.utilities.ApplicationAccessPermission"
                   NAME="ShowView"
                   />
         </ACTION>
    </BUSINESSSERVICE>
    If you have created these to files in your packages, you can access this function like:
    IUser user ;
    try {
              user = WDClientUser.getCurrentUser().getSAPUser();
              if(user.hasPermission(new ApplicationAccessPermission("Show view"))){
                   wdContext.currentV_UIElement().setViewVisibility(WDVisibility.VISIBLE);
              }else{
                   wdContext.currentV_UIElement().setViewVisibility(WDVisibility.NONE);
         }catch (WDUMException e1) {
              wdContext.currentV_UIElement().setViewVisibility(WDVisibility.NONE);
                    e1.printStacktrace();
    You have to bind the ViewVisibility attribute of the context to the View Container you want to hide.
    The applicationAccessPermission you defined in the XML File will be visible in the UME Manager of you J2EE engine. With this action you can create a new role and group that you can map to the users that should see you view.
    But, the exception you get is because you have embedded one view twice, which is not possible.
    Hope this helps.
    Regards,
    Dennis

  • Restricting Access Based on IP Address

    I am wondering how Oracle Identity Management lets us check if the request comes from a specific IP Address before authentication. I need to restrict access to web pages for a username or role to a certain location and IP address, in fact a bank branch.
    Please note that I don't want to limit access to the server to one IP address in general, but I need to let in a pair of (IPx,Usernamex) in other words bind IPs and identities.
    Any suggestion for this?
    Thank you
    Regards,
    Farbod

    Hi
    Sorry for not answering until now but I have been busy the last couple of days.
    You need to implement this functionality on the first node in your system so that you can get the originator IP. If your application server is behind something that changes the originator IP you will simply not be able to read the IP and the approach of using SSO call outs will not work. SSO call out will only work if the app server is placed in front.
    If you have a load balancer in front you will need to install a reverse proxy of some kind in front of the load balancer. If you have the money for licenses I would recommend looking at OAAM.
    What you will be building is basically a SSO setup so as long as the SSO system supports your authentication scheme and has an SSO plug in that supports your app server you will be fine.
    If you have plenty of time but little license money you might want to look at building something based on Apache and Mod_proxy or mod_security. I did a little bit of work on this back in 2003 but it doesn't seem to be a common pattern today so I am not sure how viable this option is.
    Hope this helps
    /M

  • Is there a way to restrict access to who can change the TVARVC table?

    Hi experts,
    We have a requirement where we need to restrict access to who can maintain the variables in tvarv table.
    How do we go about it?

    Hi,
    We had kind of a same scenario. We have table where we enter the Average Item values week wise. We wanted to restrict change and delete access to users for the entries which has already been saved. For this purpose we had created an ABAP program in the "Table Maintenace Generator".  The basic idea about this program is when you create an entry in the table or delete it, a specific event generates. We check the event id whether its "delete" or "change" on the click of save button. If it is Delete or Change, then an error message will be generated saying "You dont have authorization for deleteing or changing the data".
    You can try this approach.
    - Jaimin

  • Restrict access on login to some users

    Hi
    I'm building an appllication for internal use and i need to restrict access to some users... Is it possible to do that during login, considering that the authentication scheme selected is "Database Account"...?
    I thank in advance all your replies!

    Hi
    Thank you for your reply.
    I liked your suggestion of setting a condition on the login process on logon page and it's exactly what i want... But it's not working... If i set the condition when the login button is pressed, no one enters the application... If i don't set it that way, all users enter, including the ones on the "exclude list"... I'm using condition type ="SQL Expression".
    What might i be doing wrong?
    Best regards

  • Restrict access of "domain user" to specific computer

    I need to restrict access of "domain user" to a specific computer in the domain/
    I try to Do it by using "Active Directory Administrative Center"
    In Computers\Computer name\Properties\Extensions\Security
    I add the name of user and I marked deny to all and I canceled inheritance
    And yet the user can login to the computer
    I searched Policy that contradicts the security and I not found.
    With the "gpo" I was able to block, but I need necessarily used the Security
    Because of Security can be partial restriction.

    Hi,
    Based on your description, I understand that you want to allow some certain users to access specific domain
    computers.
    Please open ADUC (Activity Directory Users and Computers) and click User container. Then select that specific
    user account, open its Properties and navigate to Account tab. Please click
    “Log On To…” option to open Logon Workstations panel. In Logon Workstations panel, please change
    This user can log on to: All computers to The following computers. Then type the specific computer names. Please check if this can help you to achieve target.
    If anything I misunderstand or any update, please don’t hesitate to let me know.
    Hope this helps.
    Best regards,
    Justin Gu

  • Restricting Access but still allowing acces to Java Apps

    I have a university lab that needs to use a Marching Band charting program that was written in Java. It uses the Apple JRE. I heavily restrict application access on these Macs and I can't get the Java app to run as the check box will not stick under User Limitations.
    The company says that this is an Apple bug because the User Limitations restricts access to the JRE and Java only apps won't run.
    Does anyone know a way around this? I need to restrict access but they need this app.
    Thanks,
    David

    I can't help with the mail problem, but you can always disable autologin via System Preferences->Accounts. That will prevent anyone from logging in without the password. If you have other admin accounts, either delete them or make them nonadmin accounts. To prevent anyone from booting the machine with an install disk or external HD, set an open firmware password. See http://docs.info.apple.com/article.html?artnum=106482 for details.

  • Hi, I keep getting this message: Creative Cloud attempted to access a secure website, Parental Controls restricts access to secure websites. To add this website to your approved list, click Add Website. To do this, you need an administrator password.

    Hi, I keep getting this message: Creative Cloud attempted to access a secure website, Parental Controls restricts access to secure websites. To add this website to your approved list, click Add Website. To do this, you need an administrator password.
    what is this? what password do i need?
    I am trying to download Creative Cloud but it not working?

    Tamaro34896425 the error message you have posted appears to be related to the settings of your security software.  You can find guidance on how to configure software firewalls at Sign in, activation, or connection errors | CC, CS6, CS5.5 - http://helpx.adobe.com/x-productkb/policy-pricing/activation-network-issues.html.  You can find a link to the list of secure servers that the computer will need access to.

  • SSH login- how do I restrict access to a shared folder?

    I have created Shares in WGM for SMB and AFP access on my OS X 10.4.8 Server. However when I connect via SSH it's not restricting access to the folder based on the User Name I login with- I see the entire volume! How do I restrict access to a specific folder based on a user name setup in WGM? ACL's?

    Hey George,
    It sounds like you are trying to limit ssh/sftp users to a specific area, aka jails. The FTP server lets you 'chroot' users to a certain area making it appear as the root thus preventing them from navigating up the hierarchy, which is what I think you, and me and many others are trying to accomplish.
    The ssh compiled into OS X is missing this very needed feature. There have been a few documented workarounds, but they've either been too insecure or too clunky for me.
    I've dealt with the fact that my users can get to the root of the hard drive, and have just been very careful about my privileges (by using ACLs), thus preventing them from getting inside areas they shouldn't.
    There's a good write up here: http://www.schwie.com/brad/macosxsftpchroot/ and if you include the term 'chroot' in your searches, you should find a bit about it here too.
    And Roger, I think George meant the file sharing protocol used by ssh. man sftp.

  • How can I restrict access to add. internal hard drive by account?

    Hello! Okay, so I am my computer's administrator, and I have a secondary 'guest' account that anyone else can use. So, I know that all my data on my main, OS hard drive is secure from the guest account accessing it, but what about the additional hard drive that I have installed?
    I have a good deal of sensitive data and files stored (and aliased) on my second internal drive that I do not care for 'guest' users to stumble upon. How can I restrict access to the secondary storage hard drive from my Guest login account, and/or just plain hide it from it? Surely, there is a need for this that has brought about a solution. Any tips/advice/solutions?
    Thanks!!!
    =)

    Click here and follow the instructions followed by placing the folders and files on the image; if the password is in the keychain, it will be supplied whenever you're logged in.
    (41018)

Maybe you are looking for