Restrict the Users from doing Transactions from transactional Iview.

Similar Messages

• How to restrict the user from making any changes in Sales order- item level

  Hi to all
  How to restrict the users from making any changes in sales order at item level if the same sales order is released by senior user through status profile.
  Regards
  Anish Parikh
  Edited by: anish parikh on Jan 24, 2008 5:16 AM

  Hi Anish,
  This can be achieved through the roles and authorization.
  This can be done through the basis team. they can create user profiles and roles.
  For the roles they assign some transaction codes so that they can view the only assigned tr. codes.
  Like that ur requirement can be done.
  Also u can prevent the user to change any fields in the sales order screen (VA02). for that please modify the authorisations.
  Hope i answers.
  Reward points if useful.
  Edited by: kaleeswaran bhoopathy on Jan 24, 2008 9:57 AM

• Is it possible to restrict the user from creating a sibling and allow him to ONLY create child nodes in DRM?

  When in a hierarchy, a user right clicks on a node to crate a new node, he has two options
  -Child
  -Sibling
  Is it possible to restrict the user from creating a sibling and allow him to ONLY create child nodes?
  Business cases:
  1. different level nodes need to have different prefixes.
  - Thus, the default prefix property definition uses the level number to assign a prefix
  - Also, a validation, to ensure the correct prefix, uses the level number
  But if the user can create a child and a sibling then the default prefix will only be right for a single case and not both.
  Thanks

  If the images are exactly the same size then make sure the layer with the mask
  is the active layer and in the other documents go to Select>Load Selection and choose
  your document with the layer mask under Source document and under channel choose the layer mask.
  After the selection loads press the layer mask icon at the bottom of the layers panel.
  MTSTUNER

• Restricting the user from deleting a personel number

  Hi All,
  Can anyone help me in restricting the user from deleting a personel number.
  Thanks & regards,
  Venkat

  Hi Venkat,
  The utility menu will ultimately calls to PU00 so it doesnt matter , system wont allow him to delet.
  You can try it out in quality if you want.
  Award points if useful
  Regards,
  Bhupesh Wankar

• How to restrict the user from accessing other screens before submittingdata

  Hi All,
    I have some screens developed in Webdynpro ABAP and all these have been linked to Portal as pages. In Portal If i click on the link in detailed navigation i can see the corresponding screen on the right side. Now in one screen i have to input some data and submit the data, Now my problem is if i enter some data and before submitting the data if i click on any other link in the detailed navigation, that corresponding screen is opening and all the data of the previous screen is lost.
  Can any one suggest me, how can i restrict the user from accessing other screens before submitting the data of that screen from portal perspective.

  Hi Prasanna,
  The pages can be restricted from the user access by using the ACL permission or you can restrict the page by making invisible in navigation area which you do not want to show to the user . Open the page properties and select navigation category in the drop down and select the Invisible in navigation area property to yes.By default this property is No.Change the property for all pcd pages which want to hide from user access.
  Hope this helps you...
  Regards,
  Rudradev Devulapalli
  Reward the points if helpful....

• How to Restrict the users from changing the Default variant of report.

  Hello everybody,
  The requirement is to restrict the users to save and overwrite  the default layout variant (Layout for higher managenet)set for the report, but at the same time they should be able to change and save the other layouts for which they are having access.
  I have written the logic in the program which is working fine for all the scenario when we execute the report. But the logic doesnt work if the user is selecting the layout on the output screen of the report.
  for e.g if the user runs the report using the layout varaint for which he is having the authorization then he gets the all 4 options so he then he can select the layout for which he is not authorized and he can overwrite.
  i have debugged and check as i have found that after the report output is shown all the layout paramater is controllled by the statndard SAP objects.
  Can anyone help me out in this issue.
  Thankyou in advance.
  *to get the default layout variant.
    w_save = 'A'.
    if p_vari is initial.
      clear disvariant.
      disvariant-report = sy-repid.
      w_variant = disvariant.
      call function 'REUSE_ALV_VARIANT_DEFAULT_GET'
        exporting
          i_save     = w_save
        changing
          cs_variant = w_variant
        exceptions
          not_found  = 2.
      if sy-subrc = 0.
        p_vari = w_variant-variant.
      endif.
    endif.
  *logic to check user authorization to change the layout setting.
    if p_vari = c_layout.
      if not sy-uname is initial.
        select single * from agr_users
                where agr_name = c_role
                and   uname    = sy-uname.
        if sy-subrc = 0.
          w_save = 'A'.
        else.
          w_save = ' '.
        endif.
      endif.
    endif.
  Regards,
  Satish.

  Hi Maine,
  Thanks for your reply.
  As you mentioned for your own program, you can control the parameter "I_SAVE", when calling "REUSE_ALV_GRID_DISPLAY".
  so already i have use the same logic and control the parameter through I_SAVE and here i am calling method ALV_GRID->SET_TABLE_FOR_FIRST_DISPLAY instead of "REUSE_ALV_GRID_DISPLAY".
  and it works fine when we execute the report but the logic doesnt work when the user tries to change and save the layout variant on the output screen of the report.
  Regards,
  Satish

• Restrict the user from seeing public objects

  HI
  How to avoid the user from see the other schema public objects
  if i use odbc drive for crystal report and i am able to see other schema owner
  objects
  like ctxsys,dmsys,mdsys
  even though it is coming from Public schema i try
  revoke select on all_users from public;
  it did not help
  pls give me some solution how to avoid this

  I'm not following you. What I suggested was (let's say it uses all_tables):
  - create a local view called all_tables
  - filter in that view anything you don't want to see
  ops$oskar@test9i$ grant create session to u1 identified by u1;
  Grant succeeded.
  ops$oskar@test9i$ grant create view to u1;
  Grant succeeded.
  ops$oskar@test9i$ conn u1/u1
  Connected.
  u1@test9i$ select distinct owner from all_tables;
  OWNER
  CTXSYS
  MDSYS
  OPS$OSKAR
  SYS
  SYSTEM
  WKSYS
  WMSYS
  7 rows selected.
  u1@test9i$ create or replace view all_tables as select * from sys.all_tables where owner not like '%SYS%';
  View created.
  u1@test9i$ select distinct owner from all_tables;
  OWNER
  OPS$OSKAR

• How to restrict the user from Closing the PO when it is not matched yet

  Hi,
  Actually PO is finally closed in lines level without matching. Now the problem is how to restrict this in future so that the user can not finally close it when it is not matched.
  Thanks
  Kavya

  Kavya,
  Check the setup of Line Type . Check for Receipt Tolerance on the Line Type . It should not be 100%
  Please let me know if you have any questions
  Thanks
  Navin

• Is it possible to restrict the user from opening the WSDL page in a browser

  Hello All,
  The user should be able to send requests to the webservice, but not be able to view the wsdl file in the browser. How can we do this in Weblogic 10 ? is this configurable ?
  We need to do this because, the webservice is going to be exposed to the outside world and we don't want everyone to be able to see the WSDL.
  Thanks
  Chandra

  I don't know how to do that, but I would advise against relying on an architecture where you have to hide the WSDL to provide security. That's an illusion. If you fully expose the WSDL and then implement proper security mechanisms, even BASIC Auth under HTTPS, your service will be more secure than with a hidden WSDL.

• File Open/Save dialog Restrict the user path selection Is there any way?

  Hello,
  Is there any way by which we can restrict the user from selecting the path from the Folder Browser/ File Open/ File Save dialog boxes?
  For example, I have a list of paths & want to allow the users to select from those paths or their sub folders. Is there any way to achieve this?
  Thanks!
  -Vinay Pugalia
  If a post answers your question, please click "Mark As Answer" on that post or
  "Vote as Helpful".
  Web : Inkey Solutions
  Blog : My Blog
  Email : Vinay Pugalia

  Hello Vinay Pugalia,
  >>For example, I have a list of paths & want to allow the users to select from those paths or their sub folders. Is there any way to achieve this?
  As far as I know, starting with Windows Vista, the Open and Save As common dialog boxes have been superseded by the
  Common Item Dialog:
  https://msdn.microsoft.com/en-us/library/windows/desktop/ms646960%28v=vs.85%29.aspx?f=255&MSPPError=-2147217396
  You could have a try to restrict the value of “look in”(shown in the opne dialog) and “Save in”(shpwn in the save dialog). If you want an example about the usage of this API, you could post a code sample request to:
  https://code.msdn.microsoft.com/site/requests
  Regards.
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• Restrict the user   based on document type on migo transaction-prepare GRN

  Hi,
  We are running ECC6.0 R/3 system.We had a requirement as follows
  In MIGO transaction , we want to restrict the user on document type i.e. we want that a particular user can  prepare GRN for document type  STO only. He cannot prepare GRN for other document type.
  We checked  SU24->maintain check indicators for transaction codes->enter migo->execute->check indicator.This returned us the authorisation objects present in Migo transaction.We checked the help of all these objects,but none of them we found suitable for above mentioned requirement.We were planning to find out the proper authorisation object to add to Profile generater.
  The following is the objects which we have checked for.
  A_B_ANLKL-->     Asset Postings: Company Code/Asset Class
  A_B_BWART-->     Asset Postings: Asset Class/Transaction Type
  B_USERSTAT-->     Status Management: Set/Delete User Status
  B_USERST_T-->     Status Management: Set/Delete User Status using Process
  C_AFKO_AWK-->     CIM: Plant for order type of order
  C_CACL_DSG-->     Interface Design
  C_DRAW_BGR-->     Authorization for authorization groups
  C_DRAW_DOK-->     Authorization for document access
  C_DRAW_TCD-->     Authorization for document activities
  C_DRAW_TCS-->     Status-Dependent Authorizations for Documents
  C_KLAH_BKP-->     Authorization for Class Maintenance
  C_STUE_BER-->     CS BOM Authorizations
  C_STUE_WRK-->     CS BOM Plant (Plant Assignments)
  C_TCLA_BKA-->     Authorization for Class Types
  C_TCLS_BER-->     Authorization for Org. Areas in Classification System
  C_TCLS_MNT-->     Authorization for Characteristics of Org. Area
  F_BKPF_BUK-->     Accounting Document: Authorization for Company Codes
  F_BKPF_BUP-->     Accounting Document: Authorization for Posting Periods
  F_BKPF_KOA-->     Accounting Document: Authorization for Account Types
  F_FICA_FOG-->     Funds Management: authorization group of fund
  F_FICA_FSG-->     Funds Management: authorization group for the funds center
  F_FICB_FKR-->     Cash Budget Management/Funds Management FM Area
  F_KNA1_APP-->     Customer: Application Authorization
  F_LFA1_APP-->     Vendor: Application Authorization
  F_SKA1_BUK-->     G/L Account: Authorization for Company Codes
  G_GLTP  -->       Spec. Purpose Ledger Database (Ledger, Record Type, 
                                 Version)
  J_1IDEP_SL-->     Authorization object for depot sale transaction
  J_1IEXC_OT-->     Authorization object for Other Excise Invoice Create
  J_1IEX_PST-->     Autorization object for posting Other Excise invoice
  J_1IGRPT1-->     Auth. for PART1 at GR
  J_1IINEX  -->            Incoming Excise Invoice
  J_1IRG23D-->     Authorisation object for Depo Transactions
  K_CCA-->                     CO-CCA:  Gen. Authorization Object for Cost Center 
                                  Accounting
  K_CSKS     -->                CO-CCA:  Cost Center Master
  K_CSKS_SET-->     CO-CCA: Cost Center Groups
  K_PCA-->                    EC-PCA: Responsibility Area, Profit Center
  L_TCODE-->                    Transaction Codes in the Warehouse Management System
  M_ANFR_BSA-->     Document Type in RFQ
  M_ANFR_EKG-->     Purchasing Group in RFQ
  M_ANFR_EKO-->     Purchasing Organization in RFQ
  M_ANFR_WRK-->     Plant in RFQ
  M_BEST_BSA-->     Document Type in Purchase Order
  M_BEST_EKG-->     Purchasing Group in Purchase Order
  M_BEST_EKO-->     Purchasing Organization in Purchase Order
  M_BEST_WRK-->     Plant in Purchase Order
  M_MATE_CHG-->     Material Master: Batches/Trading Units
  M_MATE_STA-->     Material Master: Maintenance Statuses
  M_MATE_WRK-->     Material Master: Plants
  M_MRES_BWA-->     Reservations: Movement Type
  M_MRES_WWA-->     Reservations: Plant
  M_MSEG_BMB     -->Material Documents: Movement Type
  M_MSEG_BWA-->     Goods Movements: Movement Type
  M_MSEG_BWE-->     Goods Receipt for Purchase Order: Movement Type
  M_MSEG_BWF-->     Goods Receipt for Production Order: Movement Type
  M_MSEG_LGO-->     Goods Movements: Storage Location
  M_MSEG_WMB-->     Material Documents: Plant
  M_MSEG_WWA-->     Goods Movements: Plant
  M_MSEG_WWE-->     Goods Receipt for Purchase Order: Plant
  M_MSEG_WWF-->     Goods Receipt for Production Order: Plant
  M_RAHM_BSA-->     Document Type in Outline Agreement
  M_RAHM_EKG-->     Purchasing Group in Outline Agreement
  M_RAHM_EKO-->     Purchasing Organization in Outline Agreement
  M_RAHM_WRK-->     Plant in Outline Agreement
  Q_TCODE     QM -->         Transaction Authorization
  S_ADMI_FCD-->     System Authorizations
  S_ALV_LAYO-->     ALV Standard Layout
  S_BDS_DS-->     BC-SRV-KPR-BDS: Authorizations for Document Set
  S_BTCH_ADM-->     Background Processing: Background Administrator
  S_BTCH_JOB-->     Background Processing: Operations on Background Jobs
  S_CTS_ADMI-->     Administration Functions in Change and Transport System
  S_DATASET-->     Authorization for file access
  S_DEVELOP-->     ABAP Workbench
  S_DOKU_AUT-->     SE61 Documentation Maintenance Authorization
  S_GUI-->                     Authorization for GUI activities
  S_OC_DOC-->     SAPoffice: Authorization for an Activity with Documents
  S_OC_ROLE-->     SAPoffice: Office User Attribute
  S_OC_SEND-->     Authorization Object for Sending
  S_PACKSTRU-->     Internal SAP Use: Package Structure
  S_PRO_AUTH-->     IMG: New authorizations for projects
  S_RFC-->                     Authorization Check for RFC Access
  S_SCD0     -->                Change documents
  S_SPO_DEV-->     Spool: Device authorizations
  S_TABU_DIS-->     Table Maintenance (via standard tools such as SM30)
  S_TCODE     -->                Transaction Code Check at Transaction Start
  S_TRANSLAT-->     Translation environment authorization object
  S_TRANSPRT-->     Transport Organizer
  S_WFAR_OBJ-->     ArchiveLink: Authorizations for access to documents
  V_LIKP_VST-->Delivery: Authorization for Shipping Points
  V_VBAK_AAT-->Sales Document: Authorization for Sales Document Types
  V_VBAK_VKO-->Sales Document: Authorization for Sales Areas

  Have you executed a trace while a functional user executes the transaction code for the specific parameters? (i.e. document type). The trace will then show which objects are being checked; then look at the object documentation in txn Su21 to determine if there are any ways to restrict on the particular value; in some cases, if the authorization group field is being checked, additional configuration is needed in order to implement the security (Su21 will explain in detail for the particular object).

• Restricting the user to operate DML's from SQL PLUS Environment

  how to Restrict the user to operate DML statements from SQL PLUS Environment.

  Once you restrict SCOTT user to not be able to do an INSERT command, the SQL*Plus returns an error for user SCOTT when he tries to execute an INSERT statement.
  Note however, that this is enforced by SQL*Plus, not the database!
  Look into the use of product_user_profile from Oracle documentation for more information.
  SQL> insert into product_user_profile values('SQL*Plus', 'SCOTT', 'INSERT', NULL, NULL, 'DISABLED', NULL, NULL) ;
  1 row created.
  SQL> commit ;
  Commit complete.
  SQL> disconnect
  Disconnected from Oracle9i Enterprise Edition Release 9.2.0.3.0 - Production
  With the Partitioning, OLAP and Oracle Data Mining options
  JServer Release 9.2.0.3.0 - Production
  SQL>
  SQL> connect scott
  Enter password:
  Connected.
  SQL>
  SQL> insert into emp select * from emp ;
  SP2-0544: invalid command: insert
  SQL>
  SQL>

• Restrict Standard User from not removing the COM-Addins registered under HKLM with Admin rights.

  Hello,
  I have developed a COM-Addin for word 2013 by VS 2013 and installed it under the HKLM with Admin rights. Now from an non-admin account, ie Standard User I'm able to uncheck that addin from the COM-Addins dialog and remove it also. Previously I have done the
  same thing for word 2007 addins and if a non-admin user tries to uncheck it the warning "The
  connected state of Office Add-ins registered in HKEY_LOCAL_MACHINE cannot be changed" pops
  up. But this is not happening for office 2013 apps(basically word, excel and powerpoint). 
  This is happening for all Add-Ins installed under HKLM.
  How can a Standard User be restricted from unchecking and removing the Office Addins registered under HKEY_LOCAL_MACHINE with same warning "The
  connected state of Office Add-ins registered in HKEY_LOCAL_MACHINE cannot be changed" in
  a pop-up box?
  Regards, Sayan

  Hi,
  The behavior is changed since Office 2010. Office 2010 and Office 2013 allows a standard user to turn a per-machine add-in off by unchecking the add-in in the COM Add-ins dialog.
  To restrict Standard User from not removing the COM Add-ins, we can try to add the add-in to
  the Group Policy option: List of managed add-ins in the Office Group Policy template.
  Word for example, the policy is under:
  User Configuration\Administrative Templates\Microsoft Word 2013\Miscellaneous
  To enable this policy setting, provide the following information for each add-in:
  In "Value name", specify the programmatic identifier (ProgID) for COM add-ins, or specify the file name of Word add-ins.
  To obtain the ProgID for an add-in, use Registry Editor on the client computer where the add-in is installed to locate key names under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins.
  To obtain the file name of an add-in, click the File menu in the application where the add-in is installed. Click Options, click Add-ins, and then use the Location column to determine the file name of the add-in.
  In "Value," specify the value as follows:
  To specify that an add-in is always enabled, type 1.
  Hope this helps.
  Regards,
  Steve Fan
  TechNet Community Support

• How to set the item property to restrict the user to not to copy from above

  Hi Guru's,
  I have a requirement like, There were two items on the form name email Id, Confirm email Id.
  I have to ristrict the user to not to copy from email Id item.. make him/her to enter the value into confirm email id item field manually.
  How to set the item property to restrict the user to not to copy from above item and paste it in this item.
  Please help.
  Thanks!!

  Just an opinion here, but that is about the dumbest requirement I have ever seen.
  I am always annoyed by web sites that ask me to enter my email twice. I ALWAYS copy the email address from the original entry and paste it into the second one.
  People enter their email addresses so often, it takes a real klutz to not get it right. And what makes you think that if they enter it twice, that they won't enter it wrong both times anyway???

• Restrict A User From Changing A Payment Term While Adding A/R Invoice

  Dear Experts,
  We want to restrict our users from changing payment terms while adding A/R Invoice.
  We use SAP B1 2007 b.
  Thanking  you
  Pradnya

  Hi,
  try below code in transaction notification procedure:
  if (@object_type = '13') and (@transaction_type IN ('A', 'U'))
  BEGIN
  IF exists (select T0.DocEntry FROM OINV T0 Inner Join OCRD T1 on T0.CardCode=T1.CardCode Where T0.GroupNum  !=T1.GroupNum and T0.DocEntry =@list_of_cols_val_tab_del)
            Begin
                 SET @error = 30
                 SET @error_message =N'You are not authorized to change payment terms'     
            end
  END
  for how the transaction notification works or how to use :
  check How to use Transaction Notification
  Thanks,
  Neetu