Pymt Terms - Ability to LOCK down Users from Input or Change

Similar Messages

• ME53N Prevent user from making a change

  How do you prevent a user from making a change to a purchase requistion via transaction ME53N?  We want the user to make a change to the purchase requisition using transaction ME52N not transaction ME53N.  When the user is in transaction ME53N and clicks on the pencil to change the purchase requisition we want to prevent the user from making any changes by sending a message or force the screen to go to display mode.  Thank you in advance.

  Sharon,
  I don't believe that your exact requirement can be met with standard SAP.
  However, this is a very odd requirement.  It sounds like you are saying that it is OK for a user to make a PR change in ME52N,  but for the same user it is not OK to make a PR change in ME53N.
  In most companies, if it is not OK for a user to make a PR change in ME53N, it is therefore also not OK for this user to make a PR change in ANY transaction, including ME52N.
  It is a straightforward matter to allow a user access to ME53N and ME52N, but to block his ability to change any PR at any time.  If this  is your requirement, then consult with your authorization team about the authorization objects that are checked in the ME5* series of transactions.  As I recall, it is possible to tailor authorizations (create/change/display etc) by plant, by Purchasing group, by purchasing org,by  document type, etc.
  Rgds,
  DB49

• How to restrict the user from making any changes in Sales order- item level

  Hi to all
  How to restrict the users from making any changes in sales order at item level if the same sales order is released by senior user through status profile.
  Regards
  Anish Parikh
  Edited by: anish parikh on Jan 24, 2008 5:16 AM

  Hi Anish,
  This can be achieved through the roles and authorization.
  This can be done through the basis team. they can create user profiles and roles.
  For the roles they assign some transaction codes so that they can view the only assigned tr. codes.
  Like that ur requirement can be done.
  Also u can prevent the user to change any fields in the sales order screen (VA02). for that please modify the authorisations.
  Hope i answers.
  Reward points if useful.
  Edited by: kaleeswaran bhoopathy on Jan 24, 2008 9:57 AM

• Can we lock down user admin functionality to allow password changes only?

  Hi,
  Is it possible to lock down the user admin functionality so a specific role can only change passwords?
  We have a large user base of >10K infrequent users that are forced to change their passwords every 30 days. We suspect a lot will require password changes and we are keen to not have the tech team spending most of their time dealing with such requests. We would like to pass this task onto data management but not allow them the system administrator functionality.
  We know we can create a responsibility with a limited menu available so the operator can see only the security/user/define menu. But this will still allow the person to add responsibilities to existing user accounts and create new user accounts, both of which are deemed unacceptable security risks. Is it possible to lock down the form as well as the menu? Allowing operators to only change the password of existing users? Or can we use the custom.pll to error when a user tries to do anything except edit the password field when in this role?
  Thanks
  Matt

  You should be able to do that. You would create a new privilege level (ie 7), assign all commands to that level except (this is my guess) the command vpn-sessiondb, you would put that at a lower privilege level (ie 6). Here's a write-up that may help getting you in the right direction.
  http://www.packetpros.com/2012/08/read-only-asdm.html

• Wireless Controller locking down User per SSID

  I am using Wireless Controller 4112. We use WPA enterprise mode for authentication and encryption via Microsoft IAS server and MS AD domain.
  My question is how to lock down a user to a specific SSID? I would guess that this is via some vendor specific radius attributes, am I right? And if so, what would be the name (and ID) for the attributes?
  Thanks in advance.

  Making progress in setting up the wireless controller with multiple VLAN and WLAN/SSID. I create a virtaul interface at the controller and assign a VLAN number to it. The controller mgmt port is also set to a trunk port. Create a new SSID WLAN and have it mapped to the new virtual interface. Things work good.
  The new problem I am trying to solve is how to prevent wired users to access the controller admin web interface via the virtual interface IP. I try create ACL and map it to the virtual interface. It doesn't seem working.

• How to prevent user from inputting in a Date field?

  Hi, everyone
  I have another small problems, for a Date field, user can choose from a date window or input from keyboard, is there any way to forbid user to input?
  I want to make the date field behave like a Drop-down list. User can just choose from list, can not input. is it possible?
  Thanks

  What is the objective of disabling date entry? Are you concerned about the date format?
  Steve

• Restrict users from input

  Hi Experts,
  Is there a way to restrict users from sending data through input schedules ?
  My requirement is to lock the weeks as we go . for example if data has already been sent in week1 no one should be able to modify it through input schedules.
  other weeks should be open for sending data. The weeks that have passed need this restriction.
  Any ideas ?
  Thanks

  Hi,
  You should first maintain the work status at the appset level. Please refer to the below link from help.sap:
  http://help.sap.com/saphelp_bpc75/helpdata/en/f8/d51b881cfa4c5992de481ccfa05db3/content.htm
  Hope this helps.

• Restrict users from making repository changes

  We want to restrict certain users from making workbench/repository changes.  Is this possible through transaction PFCG by roles?  If so, what authorizations do I need to customize?

  In a nutshell users should have limited authoriztions to items of S_DEVELOP auth. object.
  Regards,
  Mike
  Message was edited by: Mike Puzankov

• Locking down users

  I'm trying to find a way to give access to some IT staff in some of our smaller sites, but I'm not finding exactly what I'd like to do. Our hope is that we can give them access similar to the "Help desk user" preset (locks them down to only the message tracking screen). Unfortunately, we'd also like to restrict what domains they are able to track messages for, but I'm not able to find any way to restrict them other than the pre-made categories.
  Anyone ever done anything like that before, or know if it's even possible?

  Hello -
  We do not have that ability available in Message Tracking. You might be able to work around this limitation by having certain admins / help desk users only have access to certain appliances (if you could limit each site's appliance to handle only certain domains). You might chose to only give these help desk users quarantine access for simple tasks, or perhaps delegate only the more savvy help desk folks with more access.
  Take care!
  Andrew Wurster

• Is there a way to prevent or lock a user from pasting text from another source into a text field in Acrobat Reader?

  We require them to enter their own text into the field. The form was created in LiveCycle Designer and is accessed by users in Reader. Thanks

  You can't prevent someone from pasting, but you can use a script to check if more than one character was pasted at a time, and prevent it if it's true. This would be a reasonable alternative it seems, but you should post this question in the LiveCycle Designer forum if you need help with the script.

• Access Connections v4.52 - user rights in locked down environment

  I'm currently working on a small project to deploy various Lenovo wireless drivers, Access Connections v4.52, Hotkey and Power Management drivers via SMS but have come across a slight issue with Access Connections that I can't seem to resolve.
  I'm hoping to provide my locked down users with a selection of standard profiles that are copied to their machines on logon but would also like to give them the ability to create and modify new ones too - this is where I'm having problems.
  Through Group Policy I have set:
  Allow Windows users without administrator privileges to create and apply WLAN location profiles using Find Wireless Network function
  HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Lenovo\AccessConnection\EnableCreateProfilewithFWN 1
  Allow Windows users without administrator privileges to create and apply location profiles
  HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Lenovo\AccessConnection\EnableUserMode 1
  I have also manually set the following:
  HKEY_LOCAL_MACHINE\SOFTWARE\Lenovo\Access Connections\Install\AllowPrfCreationThruFWN 1
  I couldn't find a key for the 'EnableUserMode' option
  Unfortunately, none of these give standard users access to create or modify profiles.
  Have any of you come across this in your environment and if so did you manage to come up with a suitable solution?
  Thanks in advance.

  Hi,
  the steps, that you performed are correct.
  However I would not do the last step:
  HKEY_LOCAL_MACHINE\SOFTWARE\Lenovo\Access Connections\Install\AllowPrfCreationThruFWN 1
  This might cause confusiong.
  I have just tested it in here and it's working fine with the 5.x version of AC
  Cheers

• Locking down Firefox Connection settings

  Due to Google removing their support for IE8, I'm being forced down the road to look at an alternative Browser to support my users when connecting to Google tools.
  Using IE I have locked down users to enforce them to use our cloud based web security using a PAC file and now need to use the same with firefox.
  I've edited the registry with the PAC file but now want to effectivly grey out the options on the Connections setting page
  I've read a few guides and tried them but they are all for older version of FF.
  Can anyone out there point me in the right direction?

  If you really want to prevent users from changing settings then the only way to achieve this is via a mozilla.cfg file.
  It is not really that difficult.<br />
  You need to create to plain text files.
  Place a file local-settings.js in the defaults\pref folder where you also find the file channel-prefs.js to specify using mozilla.cfg.
  <pre><nowiki>pref("general.config.filename", "mozilla.cfg");
  pref("general.config.obscure_value", 0); // use this to disable the byte-shift
  </nowiki></pre>
  The mozilla.cfg file to be located in the main Firefox program folder should contain these lines:
  <pre><nowiki>// mzila.cfg should start with a comment line
  lockPref("network.proxy.type", 2);
  </nowiki></pre>
  See also:
  *http://kb.mozillazine.org/network.proxy.type
  *http://kb.mozillazine.org/Locking_preferences

• How Creative Cloud working under locked down IT administration environment

  We are  existing CS6 and would like to sign for Creative Cloud. Just want to know how it works on the locked down user computers (without local administrator rights)?
  DISCLAIMER The contents of this email and any attachments (together "this email") may contain information that is confidential to Breville Group Limited (and/or its associated entities) (together"BRG"). Information contained in this email is subject to copyright. If you are not the intended recipient, you cannot print, use, rely, or disseminate any part of this email. If you receive this email in error, please notify us immediately by return e-mail and erase all copies. If you are the intended recipient of this email you should not copy, disclose, or distribute this email without the authority of BRG. Any views expressed in this email are those of the individual sender, except where the sender specifically states them to be the views of BRG. If this email contains any defamatory comments expressed by the individual sender, these comments are made outside the scope of his/her authority. BRG does not accept liability in respect of such defamatory comments. BRG does not warrant that the integrity of this email has been maintained, or that this email is free of errors or viruses, and has not been intercepted or interfered with. It is your responsibility to scan this email for computer viruses and other defects. BRG does not accept liability for any loss or damage however caused, whether by negligence or otherwise, which may result directly or indirectly from this email. In any event, BRG's liability is limited to the cost of re-supplying this email. Please consider the environment before printing this email. ***************************************************************

  The deployment is just the same like for the conventional suites and the same rules apply, so I'm not sure what you are asking.
  Mylenium

• How to lock a user by using random password?

  hello,
  i need to lock a user from a target system by pushing in random passwords for the accounts. i am successfully able to create an adapter that can generate a random string, but the place where i am stuck is that where to use it as i just need to lock the user and not delete it. if the corresponding manager approves the suspension then the account needs to be deleted else again the account needs to be enabled.
  Please help!
  Thanks!

  ok... sorry...
  so what i did is that i have created a resource that has to be provisioned to the user if the user is to be terminated, in which the manager will mention the user to be terminated and the reason.
  now OIM has to lock the user till the reason that has been given by the manager is deemed valid by the second level manager.
  so for that i have a approval and a process form and processes associsted with them. but the problem is that i need to lock the user using the "Entity Adapter" so i need to do so only in the "Data Object Manager" and thus the problem starts as i dont know where to map the adapter that generates the random password so as to lock the user.
  please, if you find anything confusing here, go thru the discussion in the whole of the thread.
  Thanks!

• Lock OBIEE User

  Hi,
  I have some questions about locking OBIEE user (native user):
  1. Can we lock OBIEE user from the admin tool or from other place? Usually, if I don't want a user to log in, I have to delete that user.
  2. Can we set that when a user enter 3 consecutive incorrect password, then the account is locked automatically (like the one in the Oracle database).
  Thank you very much for the help.

  Some people have posted some helpful answers but they have not answered your questions.
  1. No, you can't lock a user in the RPD. The best you could do is to change the user's password which you could script via UDML.
  2. This is not possible in the current version.