Restrict user from deleting issued component in Tcode CN22

Similar Messages

• How to restrict user from deleting record

  Dear All,
  Kindly share your experience...
  Situation: My client have one SOB, used by several branches. Each branch has its own branch code in Chart of Account (accounting flexfield). Currently, to prevent branch accessing other branch's journal in General Ledger Module, we set account security (segment Branch) for each responsibility. In this way, batch header and journal header are still shared. Branch A still can see branch B's batch header and journal header, and even can delete the journals. This is very risky. Client urges to hide 'delete' icon from the toolbars and menu or disable 'delete' journal function for certain responsibility.
  Questions: how to solve that problem without modifying the form?
  Thanks,
  KC

  You may want to consider using the CUSTOM.pll. Basically its an "approved" way to do Form customization. You will need to understand basic Forms programming.
  Metalink Note 73505.1 is fairly good.
  There's also an OAUG white paper (2000) by Brad Goodwin
  Ken

• Restrict Users for  Deletion of Components  in MFBF

  Dear All,
  How to restrict users from deleting components in post with correction screen in MFBF in REM?
  Regards,
  Tejas

  Dear Tejas,
  Check this link
  [Deleting components in MFBF|Deleting BOM components, while backflushing in REM]
  Apart from this you can go for a screen variant,as per to my knowledge i dont think you can restrict
  through an user exit.
  Regards
  Mangalraj.S

• Restrict users from editing and deleting not owned items

  Hello guys.
  I'm trying to restrict users from editing and deleting items created by other users. I know, that it can be achieved by using SPList.WriteSecurity parameter, but if I change its value to 2 or 4 - nothing happens... 
  May be there are some list permissions that can override this security setting? I tried to combine permissions in different ways but users either cannot modify any items or can edit/delete all of them... 
  By the way, setting ReadSecurity=2 works as it should work regardless of user permissions...
  Please help.

  Hi,
  I understand that you want to change the write security for the document library. You can try the PowerShell script below:
  $web = Get-SPWeb http://serverURL
  $list = $web.Lists["Document library"]
  $list.ReadSecurity = 2
  $list.WriteSecurity =2
  $list.Update()
  $web.Dispose()
  This setting will not affect the site collection administrator, he will always be able to edit the documents. You need to sue another account to have a test. If this still doesn't work, I think you need to manually edit the permission for each documents.
  Thanks,
  EnTan Ming
  Entan Ming
  TechNet Community Support

• Restricting the user from deleting a personel number

  Hi All,
  Can anyone help me in restricting the user from deleting a personel number.
  Thanks & regards,
  Venkat

  Hi Venkat,
  The utility menu will ultimately calls to PU00 so it doesnt matter , system wont allow him to delet.
  You can try it out in quality if you want.
  Award points if useful
  Regards,
  Bhupesh Wankar

• How to restrict a user from deleting a PO

  Dear All,
  I have to restrict some users from deleting a line item in PO. They will be authorised to create & change the PO but they must not be able to delete the line item.
  Further it would be more helpful if it is possible to restrict them from deleting one perticular type of  PO(ex-Capex PO). They can change a capex PO but can not delete it.
  Any of the answars will be highly appreaciated.
  Regards
  Rutabhadra Panda

  Hello,
  Speak to your basis guy, put if you have created Capex PO as a particular document type, then maintain authorisation object M_BEST_BSA (Document Type in Purchase Order) and activity 06 delete.
  You may find that delete is still possible through activity 02 change, so you might need to maintain different roles depending on what you need.
  Thanks.

• Need to restrict users from adding or modifying folders or reports

  Requirement: Need to restrict users from adding or modifying folders or reports through Info view and to reflect the modifications only thriough LCM.
  Issue: Customer wants to restrict users from adding or modifying existing reports from Infoview and need to force users to do make the changes through Life cycle manager tool.
  As per my understanding LCM can only be used to to promote folders and objects from one environment to another and to schedule the promotion of these jobs on a daily basis.My query is:
  Can we add or modify existing reports or folders using the LCM tool?
  Could you please help me out in this issue and provide me your suggestions.
  Thanks in advance.
  Prashanthi Rayaprolu.

  You can not restrict that using LCM. Need to modify the rights at the folder level.
  Explicitly remove the following rights for the user group,
  Add objects to the folder
  Edit objects
  Delete objects
  Copy objects to another folder (check this if required)
  Once the above four are denied then users wont be able to Edit/Add/Delete reports in that folder.

• Restricting user from changing price in me22n after goods receipt

  i want to restrict the users from changing the price of the material in me22n after after goods receipt.
  pls tell me the userexit for it with detail.

  Okay, then let me play the role of the bad man.
  Why would you need to restrict users from changing a price after GR ?
  Do you think that users are changing prices just for fun or to mess up the system?
  Have you talked to users why they want change the price after a GR?
  do you have an alternative plan, for the case that the price really needs to be changed to be able to post the invoice?  do you want to cancel always the GR in this case? Is is possible? What if the stock is already issued? do you then want to cancel the entire chain? what if a month end closure was already done?

• Prevent user from deleting someone else data

  I have a table
  create table T(
  infoID number primary key,
  info varchar2(4000),
  user varchar2(1)
  and users a,b,c with object priveleges on table T.
  What is the best way to prevent user from deleting someone else data?
  1. Create a view for each user to interacat with ( where user='a') and revoke privileges from table T.
  2. Use procedures or trigers to catch a bad user.
  3. ?

  Leo is certainly correct that VPD will solve the issue you have described. however another option also exists without the need to create a separate view for each user (as you described) or the use of VPD, the option would be to do something like the following.
  create user ownera identified by ownera;
  create user usera identified by usera;
  create user userb identified by userb;
  create user userc identified by userc;
  grant connect, resource to ownera;
  grant create view to ownera;
  grant connect to usera, userb, userc;
  conn ownera/ownera
  create table mytable ( id number primary key,
  userid varchar2(8) not null, mod_date date not null, text varchar2 (100));
  create sequence mytable_seq;
  create or replace trigger biu_mytable_trg
  before insert or update on mytable
  for each row
  begin
       select mytable_seq.nextval into :new.id from dual;
       :new.userid := user;
       :new.mod_date := sysdate;
  end;
  create or replace view v_mytable as
  select * from mytable where userid=user;
  grant select, insert, update, delete on v_mytable to usera, userb, userc;
  try inserting and selecting as the various userX users.
  Good luck.

• How to restrict users from printing documents and exporting to local file

  Hi SAP gurus,
  I have two questions.
  1. How can I restrict users from printing a document? i.e. billdoc? I would like to know if I could block it though authorization. If yes, what auth obj to use?
  2. How to restrict certain users from exporting to local file? the System> List>Save-->Local File. I have tried restricting it using auth object S_GUI but it seems it is only applicable to older versions of SAP. im on ecc6.
  Thank you in advance.

  Hi,
  Check this:
  Create your own gui status and attach it to the list in the event START-OF-SELECTION.
  In the menu painter extra -> adjust template.
  Make it a list status and you will see all the standard list options appear including list->download
  Deactivate the ones you don't want. 
  If you just want to prevent users from downloading the list you can achieve this with authorization object S_GUI, activity 61. Menu option will still be there though.
  Please note that if you remove authorisation for S_GUI activity 61 then all downloads will not be possible. 
  If you just want to disable downloads only for a particular report, you can try this test program:
  Code:
  REPORT ztest. 
    DATA: PROGNAME LIKE SY-CPROG value 'Z_CHECK_AUTH', 
          FORMNAME LIKE SY-XFORM value 'F_CHECK_AUTH'.
  START-OF-SELECTION. 
      CALL FUNCTION 'SET_DOWNLOAD_AUTHORITY' 
           EXPORTING 
                FORM    = FORMNAME 
                PROG    = PROGNAME 
           EXCEPTIONS 
                OTHERS  = 1.
    WRITE: / 'TEST'.
  You also need this:
  Code:
  PROGRAM z_check_auth.
  FORM f_check_auth USING pe_result TYPE i. 
    pe_result = 5. 
  ENDFORM.
  Also have a look at the exit SGRPDL00.
  Hope this helps you.
  Rgds,
  Raghu

• Restricting User from creating new records using when-validate-record

  Hi,
  I have a requirement for which I have to restrict he user from creating a record in the Supplier Master form if the suppliier type is 'Affiliate Supplier'.
  I have done the following setups
  Seq 10
  Description Restricting user from creating Affiliate records
  Level Function
  Enabled Yes
  Condition:
  Trigger Event WHEN-VALIDATE-RECORD
  Trigger object VNDR
  Condition "${item.VNDR.VENDOR_TYPE_DISP_MIR.value} is NOT NULL
  and
  ${item.VNDR.VENDOR_TYPE_DISP_MIR.value} LIKE 'Affiliate%'
  Processing Mode BOTH
  Context
  Level User
  Value User Name
  Action Sequence 1
  Type Message
  Action Description Saving Affiliate record
  Language ALL
  Message Type Show
  Message Text You Cannot Create Affiliate records Here
  Action Sequence 2
  Type Builtin
  Action Description Stop Proceesing
  Language ALL
  Action Enabled Yes
  Builtin Type RAISE FORM_TRIGGER_FAILURE;
  This is working good on one instance but when I moved it to another instance
  when I query the form and try to navigate to the bank accounts tab of the form which is based on a differnt block i.e VNDR_USES block, the when-validate-record trigger fires there also and stops the processing.
  Any suggestions on this would be higly appriciated.
  Thanks in Advance.

  Hi Srini,
  Yes, it does work...but in a Form Session if i Create more then one Item, in some cases it fires for the first records and not sleeps for the second.
  Sometimes it doesn't give any response.
  Appreciated if you divert to the link to check the Pacthes for 11.5.10 on Form Personalization.
  Please share any ideas/example if yiou have to achieve the below requirement.
  Requirement:
  Once New record is created , a Custom Procedure should be invoked.
  with out closing Form i am able to create n number of Items, so for every Item it should invoke Custom PLSQL Code on Save.
  Let me know if i can achieve the same in Custom.pll .....as i can use either of Options.(Form Personalization/Custom.pll)
  Thanks & regards,
  Edited by: user632004 on Mar 16, 2010 7:50 PM
  Edited by: user632004 on Mar 16, 2010 8:09 PM

• How to secure the users from deleting the work items

  Hi all,
  I have a question like this.........whether we could secure the users from deleting the work items by someone in the Project and also assigning a specific user to allow them to delete the idoc. 
  Please help me on this as this is critical.........
  Thanks in advance
  Chakri

  One of t he possible way is, ask the basis team to create users as Service Users and you can determine whether the login user is whether a service or dialog user  by using the a bapi BAPI_USER_GET_DETAIL under the exporting parameter logondata with field USRTYP where if the logged in user is Service user then this field will be populated as S if the user is a dialog user then it will be populated as A.
  Now in more efficient way of fixing this is get the list of users for whom you donot want to give the authorization of deleting workitems and assign the appropriate role for all the listed users...
  for roles and authorizations i hope the basis team is the right team to consult....

• Restrict users from archiving PST to local computer

  Hi all,
  I would like to restrict users from archiving emails in outlook to the local computer. We have a serious problem that users are archiving emails to the local computer and then they can copy those emails to external devices or that they can attach this local
  pst file to their personal outlook profile which they can forward it to external recipients. We have ran into a serious problem now and I am try to resolve this problem by restricting users to archive the emails to their local computer. Is there any way I
  can do this?
  Only designated users should be able to archive the outlook emails (from the support team) and they can save it to a central file server.
  Please share me your thoughts. Thank you all for taking time to read this and for your suggestions.

  Hi Friend,
  Use Group Policy Feature and enable the “DisablePST” Reg value as it will not allow users to create new  PST file or even remove the Archive function from their Outlook interface.
  Registry path to disable PST File authentication (Group policy):
  HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\12.0\Outlook
  Take a brief explanation about various restrictions over PST File:
  https://www.simple-talk.com/sysadmin/exchange/using-group-policy-to-restrict-the-use-of-pst-files/
  Note: Improve community discussions by marking the answers helpful otherwise respond back for further help.
  Thanks
  Clark Kent

• Restrict users from using Manual series

  Hi SAP,
  Is there a way to restrict users from using the Manual series?
  Thanks,
  Janice

  Hi Rahul,
  Ok, i have seen already the authorization for document manual numbering and it is available only for 8.8 versions and not on 2007 version of SAP.
  Anyway, when im doing the testing i found out that for banking transactions like incoming, user can still use the manual series even if he has no authorization for manual document numbering.
  Another concern from our client was  the use of manual series only, is it also possible in SAP? I tried to give user authorization in the manual document numbering and no authorization to series group no but user cannot already open the transaction window. Let us know if their inquiry is possible so i could inform them that only manual series can be restricted.
  Thanks for your help.
  Regards,
  Janice

• Restrict users from changing roles

  Is there a way to restrict users from changing roles
  themselves? If a user goes to My Connections and then clicks Edit,
  they could, in theory, change to any group they want--except to the
  administrator group because you have to enter a password. If the
  admin isn't watching the site 24/7, the user can change their roll,
  let's say from a writer to a publisher, and publish something
  before the admin can notice.
  Is there anything that can be done to restrict that?

  You can use connection keys...this will only allow a user to
  change their name and email address (I think...I can check on this
  tomorrow). We use these at my work and it allows for a lot more
  control over who is assigned to the proper groups.