Include Custom transactions  GRC ruleset

Similar Messages

• XMII - How to include custom transactions into services.... ?

  Hello XMII Gurus:
  We have done some customization in XMii to develop custom transactions. Now the dilemma is how to give end users access to these new transactions. Working with the developers I see that you can have URLs associated with these transactions, but I am looking for a way to associate a transaction with a service, so that it can be included in a security role, which in turn can be assigned to a user.
  Any help is much appreciated.
  Regards,
  KT

  Jamie:
  I have a custom URL transaction in place, works fine with a USER-ID which has the SAP delivered XMII Developer security role assigned. What I am trying to figure out is the service within the XMII Developer role which makes this possible.
  For this, I made a custom role in UME and assigned it all the services which were under the developer role, and to my surprise it didn't work. I have also taken care of the reader/writer role assignment to transaction through the workbench.
  Do you know why this is happening, am I missing something here?
  Regards,
  KT

• Custom Transaction using RSDMD to go to MD Screen Directly

  Hi,
  I have created a custom transaction for Master Data Maint. which uses RSDMD and the InfoObject name.
  By using this custom transaction I can reach to
  the screen to filter the records. Here I click on
  execute (F8) to reach the actual data.
  I used SHD0 to create this custom-transaction.
  How do I include the "execute / F8" functionality in my custom transaction, so that when I use custom-transaction I can go directly to the data.
  Would appreciate your help.
  Thank you,
  Pramod.

  Hi Mark,
  Your design of going for Name01, Age01 , Date01.....
  is absolutely correct. Stdandard SAP even does the same thing.
  Regarding the dump...you can do one thing..try referring
  standard infotypes which uses table control like Basic pay infotype 0008.
  If you get any help from there then its fine..or just post send the dump analysis (point 3 of dump) to forum i guess from that definitely we can conclude at the reason for dump...
  Enjoy SAP.
  Pankaj

• In LSMW how to include customer fields in BAPI method ?

  Hi all,
  We have a requirement to use BAPI method in LSMW. We have some custom fields defined needs to be handled in BAPI structures.Please tell me how to handle BAPI extension structures(EXTENSIONIN/OUT) in LSMW.

  Hi Venugopal,
  You can use the sold to party field fiield for your requirement.
  Press f4, you will get a pop up to select customer depending on various selection criteria including customer name.
  If can enter the customer name, which will sort out the sold to party number whihc you can use.
  If this is not wat is required you have to copy the transaction and create a new Zreport.
  Hope this helps you.
  Thanks
  Arun

• How to include Customer Name in VA15N

  Hi All,
          The standard report VA15N does'nt include customer name.User wants the customer name aslo to be included in the report.Kindly suggest how to include the customer name in the standard report or any other alternative.
  Regards,
  Venugopal

  Hi Venugopal,
  You can use the sold to party field fiield for your requirement.
  Press f4, you will get a pop up to select customer depending on various selection criteria including customer name.
  If can enter the customer name, which will sort out the sold to party number whihc you can use.
  If this is not wat is required you have to copy the transaction and create a new Zreport.
  Hope this helps you.
  Thanks
  Arun

• Custom transaction attached to SAP delivered code

  HI
  We have a requirement that all custom program and transactions are secure. Usually we have the developers add an auth check statement to the program and add that check to the custom t-code in SU24.
  today I have the situation that we are using SAP delivered code and attaching a custom transaction. Since we don't want to modify the SAP code, how is it possible to get any check on the transaction? I know that SU24 won't force the check unless the program is changed. So is there any way to have any type of auth object checked? Or is this a situation where no check would be needed and no objects added to the role when the new tcode is added? (SE93?)
  Hope that makes sense!
  Thanks
  Bobbi

  Here is where I run into problems. I am not a developer and have a hard time reading the code. This particular report is to display vendor address data. As far as I can tell I do not see anything that appears to be authority checks.
  This is the top level of the code:
  report AQZZZVEND=======ZVEND_ADDR====.
  include /1BCDWB/IQG000000000055DAT.
  data %dtab type standard table of /1BCDWB/IQG000000000055 with header line.
  data %subrc type sy-subrc.
  include /1BCDWB/IQG000000000055SSCR.
  include /1BCDWB/IQG000000000055SSCRAT.
  start-of-selection.
    if %runmode-extr_on <> space.
      call function '/1BCDWB/IQG000000000055EXTR'
           tables     %selopt = %seloptions
                      %dtab   = %dtab
           changing   %rtmode = %runmode
           exceptions no_data = 1
                      others  = 2.
      %subrc = sy-subrc.
      call function 'RSAQRT_CHECK_EXTR'
           exporting extr_subrc = %subrc
           tables    dtab   = %dtab
           changing  rtmode = %runmode.
    endif.
  end-of-selection.
    if %runmode-show_on <> space.
      call function '/1BCDWB/IQG000000000055SHOW'
           tables   %dtab   = %dtab
           changing %rtmode = %runmode.
    endif.
     special code for old API and BW extractor calls
  form %set_data changing p_lines type i.
    import ldata to %dtab from memory id 'AQLISTDATA'.
    describe table %dtab lines p_lines.
    free memory id 'AQLISTDATA'.
  endform.
  form %get_data tables p_dtab  structure %dtab
                 using  p_first type i
                        p_last  type i.
    append lines of %dtab from p_first to p_last to p_dtab.
  endform.
  form %get_ref_to_table using p_lid   type aql_lid
                               p_ref   type ref to data
                               p_subrc type i.
    if p_lid = %iqid-lid.
      create data p_ref like %dtab[].
      p_subrc = 0.
    else.
      p_subrc = 4.
    endif.
  endform.
  ================================================================================================
  The abaper doesn't seem to understand what  I am asking of him so I am stuck. It appears this custom transaction will go in without any checks on it unless you can perhaps advise me on how to proceed. Any help is appreciated.

• Add a custom tab to include custom fields in Shipment Screen (VT03N)

  Hello every one,
  We have a requirement to add a custom tab to include custom fields in shipment header.
  Can any one of you help me on this?
  Thanks in advance !!!
  Regards,
  Ganga

  Hi Ganga,
  This is the question of customer exit....you will get very good links on the forum itself...but i can give you some hint:
  1. fing out the package or program name for the transaction(by gng in the setting)
  2. go to se84 and in the enhancement->customer exit tab...with the help of pkg name got above find out the various enhacement for this tcode.
  3.find out the appropriate one by putting in the break point.
  4. You can get an exit with a screen exit where you will create your own screen(with the custom field if.....then you have to append them in the table) or with the std fields.
  5. there you will get the fm exit for PBO and PAI as well.
  Hope this might help you in solving the problem.
  Pooja

• Custom Transaction code .... back ground run

  Hi All,
  We have custom transaction ZPRS(Module pool program)... which contains selection screens ..
  usually user run give the values on selectin screens and press submit.. it displays the list of values on table control..
  But user asking instead of table control .. after selection screen input they have run in BACK GROUND.
  Please suggest how to that... I know submit is for executable program,...
  Thanks...
  reddy.

  >
  Dave L wrote:
  > so, a little very basic analysis here....
  The first bit of analysis would include looking at the date of the initial post
  Rob

• New Z tcode which calls BAPI - add this to GRC RuleSet

  Hi,
  There is a development currently underway in house where a z transaction has been created which calls the BAPI:
  BAPI_ACC_GL_POSTING_POST
  I have been asked to add this transaction to the GRC RuleSet but i don't think there's any point in doing this yet as i don't feel the z transaction is calling an authority check in the right way.
  When i trace the test user, or check the transaction in RSABAPSC, i cannot see any posting activity taking place i.e. i cannot see ACTIVITY 01 being called anywhere.
  The developer added the FM Z_AUTH_BUKRS_FROM_BUKRS at my request but i think he should go further and add a check with an ACTIVITY 01. Only then will GRC be able to properly analyse this tcode for SOD violations because as-is, it's not calling enough.
  I hope i have explained this in enough detail.
  Has anyone come across an issue like this in the past? Any advice greatly appreciated.
  Regards,
  Colin

  Hi Colin
  You can still define your function but you do need to clarify what the checks should be. At the moment, your function defintion would be the S_TCODE for the Z transaction.
  However, if you just define it like that and there are additional checks then you increase the level of false positives. If there isn't then you are right that the code still needs to be hardened
  As you have mentioned a Z authority check none of us can comment on the security. Did you run a security trace on the Z transaction with the BAPI to see what is checked? How has the developer coded the authority check.
  I would push back if there is insufficient checks from a security point of view. But if the Z transaction activity forms part of a risk and is available to end users you should capture it and then start the remeidation/mitigation processes.
  Regards
  Colleen

• To restrict a user from using a custom transaction

  Hi,
  I have a created a custom transaction  ZTEST. Now i want only a few users to use this and not all. How can i achieve this. I see an authorization object in the SE93. But can anybody explain me in detail regarding the same ?
  Regards,
  Pramod

  Hi
  We can use authorization to restrict the access to a perticular transaction. Permitted Activity configurations are performed into it.
  Before a User can be granted permission by the Authorization Object, the User’s Master Record is assigned a Role, which includes a Profile.
  The Profile contains what is simply called the Authorization and is where the specific data for the Authorization Object’s field is assigned to the configured Permitted Activity.
  You need to create a role or modify any existing role, using t code pfcg . On the authorizations tab in “Maintain Authorization Data and Generate Profiles”, press the “Change Authorization Data” button.
  On the next popup screen named  “Choose Template”, select the “Do not select templates” option.
  Press the button “Manually”, and enter the authorization abject attached in your transaction.Select the Tick button to continue.
  Expend all the nodes.
  Press edit icon  or line 'activity'. and choose the one which you want to allow to user.
  Generate the Authorization using the generation.
  Now all the users who has a role attached which you edited or created, will not be able to execute that t code.
  go to t code su01 to attach role to perticular user.
  Regards
  Vishal Kapoor

• Uploading Critical Permissions in GRC Ruleset

  Hi Everyone ,
  I am trying to upload the critical permission for my GRC Ruleset and need some guidance here. I have already uploaded all the files and my system can perform risk analysis for SOD and Critical actions .
  Now I have identified the critical permissions for my system and have created the Function_action as well as Function_permission notepad files for upload. I have replaced the tcode information in these files with ^! so that system understands that its doesnt have any action. I just kept all the function id's and have added all the Auth objects with replacing tcode tab with ^!.
  I just want to confirm if uploading these files would make this work or if there is any other step that is required to have this work.
  Thanks guys for all your help .. Appreciate your guidance.   
  Vikas

  Hi Raghu ..
  Thanks for your reply .
  I am not modifying any SAP delivered xml files , i was just trying to make changes to my rule set to have critical permission added to it.  This issue is now resolved however let me explain so that everyone our here in forum is aware of the procedure.
  I was trying to upload these critical permissions in GRC 10 Box . Manually creating 100+ functions and then creating risks mapped with them doesn't make sense as it would have taken a lot of time so i updated my existing rule set to have these critical permissions updated .  I exported my rule set from the system and added new function's to Function_action and function_permission data with " ^! " in place of Tcodes so that system doesn't consider this value while doing the analysis at critical permissions file . After updating my existing rule set i used the Overwrite option as my ruleset has my existing working functions plus the changes that i have made to include critical permissions. So  , Its working fine now and i was able to do the analysis .
  Sap Note 1225227 was very helpfull here.
  Vikas

• Summary of Customized Transactions - please help

  Hi gurus !!! I am not a technical guy but I am pretty sure that there should be a way to get it. What file(s) can I use to get a list of all Customized Transactions and Customized Reports with the last date of use. It might be helpful for me to include a column for the module in the list as well (SD, MM and so on ).
  Any other suggestion to get the list will be greatly appreciated. Basis people already sent me a list but I just want to be sure that we are not missing any customized object (transactions and reports).
  Thanks in adavance.
  Marco.

  In case you want the Z T.Code details...i.e. when exactly they were last used, then you need to approach to BASIS guys...as whenever a T.Code is executed, it goes & creates a log in some tables.. like as in structures (i am not knowing the exact details)...they will be the best resource to provide you that information...normally...they are refresing that data by a T.Code..say after 1 month..or 2 months...so u better ask them.
  Reward points if it helps,
  Regards,
  N

• GRC Ruleset for Logistics (IS-D, IS-M)

  Dear All,
  I'm working on a GRC Implementation project & need GRC Ruleset for IS-Media & IS-D (Circulation) Modules. As No Standard rulset is available for these modules, any guidance on Custom ruleset will be of great help.
  Regards,
  Sudhakar S

  hi Nathan,
  SAP provide pre defined rules as text files in 5.x and as BC sets for activation in 10.0. You should be able to find the BC sets within your system (should contain the words GRAC and RULESET). Over the years the rule sets delivered by SAP have been updated and refined, but majority of the rules defined have remained the same as a whole.
  From these pre delivered rules you should be able to compare the "standard" definition to your custom rule definitions.
  I Hope that helps.

• Creation of custom Transaction for confirm goods in SRM

  Hi Experts
  i need to create a custom transaction same as standard one  for confirm goods/servics in SRM portal.
  In sap GUI, the transaction is BBPCF03
  Can you please suggest any good sources where i can learn to Custome Tcodes for my requirement
  Thanks in advance
  Edited by: kittu reddy on Nov 19, 2008 7:27 AM

  Hi Hussaini,
  Here are the steps.
  1> Customization needs to be completed in SPRO. Logistics Execution -> Mobile Data entry section. Also compare entries with LM01 for understanding.
  2> In the 'Define menu management', you can create dynamic menus. For Menu or transaction type, if you enter "1", a menu appears; if you enter "2", a transaction appears. Custom transactions can be created and assigned here.
  Once that is done, when you execute LM01 you will see your custom transactions come up. Make sure that these are created keeping in mind the RF device screen size and limitations.
  Regards,
  Anand.

• How Can I Include a Transaction in Maintenance View

  Hi All,
  Can anybody help me on how can I release transactions to be available to the end user by putting it in maintenance view? There is a request to include the transaction S_ALR_87001487 into the maintenance view put I need to know how can I achieve this.
  Thanks,

  Hi Ahmad,
  Can you please explain clearly.
  Are you asking us on how to create a maintenance view for transaction S_ALR_87001487 . You can create a Z transaction of similar attributes as that of standard one and give authorizations for the ztransactions for which user will be allowed to edit.
  Regards,
  Gautham Paspala