Restrict users from editing and deleting not owned items

Similar Messages

• Permission to upload to KM folder, but edit and delete only usrs own file

  Hi guys!
  I need to allow users to upload document to some KM folder, but they must be able only to edit and delete their own file. How to achieve this?
  If someone has write permission to KM folder, he can edit also other documents. I need to disallow this..
  Thanx for answer!
  Peter

  Hi,
  please have a look at this HowTo: https://service.sap.com/~sapidb/011000358700000560192006E/MultipleAuthors.zip
  Kind ragrds
  Karin

• How to restrict users from printing documents and exporting to local file

  Hi SAP gurus,
  I have two questions.
  1. How can I restrict users from printing a document? i.e. billdoc? I would like to know if I could block it though authorization. If yes, what auth obj to use?
  2. How to restrict certain users from exporting to local file? the System> List>Save-->Local File. I have tried restricting it using auth object S_GUI but it seems it is only applicable to older versions of SAP. im on ecc6.
  Thank you in advance.

  Hi,
  Check this:
  Create your own gui status and attach it to the list in the event START-OF-SELECTION.
  In the menu painter extra -> adjust template.
  Make it a list status and you will see all the standard list options appear including list->download
  Deactivate the ones you don't want. 
  If you just want to prevent users from downloading the list you can achieve this with authorization object S_GUI, activity 61. Menu option will still be there though.
  Please note that if you remove authorisation for S_GUI activity 61 then all downloads will not be possible. 
  If you just want to disable downloads only for a particular report, you can try this test program:
  Code:
  REPORT ztest. 
    DATA: PROGNAME LIKE SY-CPROG value 'Z_CHECK_AUTH', 
          FORMNAME LIKE SY-XFORM value 'F_CHECK_AUTH'.
  START-OF-SELECTION. 
      CALL FUNCTION 'SET_DOWNLOAD_AUTHORITY' 
           EXPORTING 
                FORM    = FORMNAME 
                PROG    = PROGNAME 
           EXCEPTIONS 
                OTHERS  = 1.
    WRITE: / 'TEST'.
  You also need this:
  Code:
  PROGRAM z_check_auth.
  FORM f_check_auth USING pe_result TYPE i. 
    pe_result = 5. 
  ENDFORM.
  Also have a look at the exit SGRPDL00.
  Hope this helps you.
  Rgds,
  Raghu

• After upgrading to OS 8.1.3 on iphone 5, suddenly all contacts have facetime and ring on both my ipad and iphone.  Went to Contacts and Facetime to Edit and delete, but no field to do so. How can I delete Facetime from all these contacts?

  After upgrading to OS 8 on my iphone 5, suddenly all my contacts had Facetime capabilities. I only want to FT with a few people Unwanted FT calls now ring on both my iphone and ipad. I tried to edit and delete FT capabilities in both Contacts and Facetime icon, but there is no field to delete for this. How do I delete Factime from my contacts list? thanks for any help with this.

  Hi Ingo 2711,
  Thank you for your suggestion.  I backup on itunes. I went to itunes, deleted syncing my contacts, then re-synced them. But the Facetime capability option continues to be there on most (not all, for some curious reason) of my contacts. I am not sure I posed my question correctly.  I want to be able to FT with my family, so don't want to delete the FT capability totally from my iphone and ipad. But I don't want all these other iphone calls from various contacts to ring on my ipad as FT calls.  I want a way to select with whom I have FT capabilities. Any further suggestions? Thanks much, trekpal

• How to delete users from Dev and Testing once it is deleted in Production

  Sap Gurus,
  Is there any automated way to delete the users from development and testing once it is has been deleted from production. i.e. when the administrator deletes the user from production after logging in then it should automatically delete the users from testing and development without logging on in these 2 systems (development and testing). Can anyone help me in resolving this issue.
  I am very much thankful in advance..
  Regards,
  Kali

  Rob,
  Ok, you are right in that way I can allow only that person but I have to allow 2 persons at this time. i.e. If at all I have to allow one more person also how should I do it, and also what if the person uses different passwords in development and testing?
  Thanks for your response Rob.
  Kali.

• I have had nothing but problems after downloading Lion and turning on ICloud. Can anyone tell if I can delete photos from Photostream and if not why not! it is infuriating

  I have had nothing but problems after downloading Lion and turning on ICloud. Can anyone tell if I can delete photos from Photostream and if not why not! it is infuriating

  PhotoStream is purely a conduit for transferring pictures added to or taken on one device onto all the others seamlessly. Photos are held there only for 30 days. There is no way of accessing, viewing or deleting individual photos; you can reset the entire Photostream, erasing everything.
  http://support.apple.com/kb/HT4890

• Someone sent me a recurring calendar appointment to my IPhone 4.  I accepted it but now I would like to delete it since I am no longer attending.  The planner was sent from Outlook.  I cannot hit "edit" and "delete" on the IPhone.  How can I delete this?

  Someone sent me a recurring calendar appointment to my IPhone 4.  I accepted it but now I would like to delete it since I am no longer attending.  The planner was sent from Outlook.  I cannot hit "edit" and "delete" on the IPhone.  How can I delete this?

  Try reading this forum post for suggested solutions as a start.
  http://discussions.apple.com/message/7606191#7606191

• Need to restrict users from adding or modifying folders or reports

  Requirement: Need to restrict users from adding or modifying folders or reports through Info view and to reflect the modifications only thriough LCM.
  Issue: Customer wants to restrict users from adding or modifying existing reports from Infoview and need to force users to do make the changes through Life cycle manager tool.
  As per my understanding LCM can only be used to to promote folders and objects from one environment to another and to schedule the promotion of these jobs on a daily basis.My query is:
  Can we add or modify existing reports or folders using the LCM tool?
  Could you please help me out in this issue and provide me your suggestions.
  Thanks in advance.
  Prashanthi Rayaprolu.

  You can not restrict that using LCM. Need to modify the rights at the folder level.
  Explicitly remove the following rights for the user group,
  Add objects to the folder
  Edit objects
  Delete objects
  Copy objects to another folder (check this if required)
  Once the above four are denied then users wont be able to Edit/Add/Delete reports in that folder.

• Restricting User from creating new records using when-validate-record

  Hi,
  I have a requirement for which I have to restrict he user from creating a record in the Supplier Master form if the suppliier type is 'Affiliate Supplier'.
  I have done the following setups
  Seq 10
  Description Restricting user from creating Affiliate records
  Level Function
  Enabled Yes
  Condition:
  Trigger Event WHEN-VALIDATE-RECORD
  Trigger object VNDR
  Condition "${item.VNDR.VENDOR_TYPE_DISP_MIR.value} is NOT NULL
  and
  ${item.VNDR.VENDOR_TYPE_DISP_MIR.value} LIKE 'Affiliate%'
  Processing Mode BOTH
  Context
  Level User
  Value User Name
  Action Sequence 1
  Type Message
  Action Description Saving Affiliate record
  Language ALL
  Message Type Show
  Message Text You Cannot Create Affiliate records Here
  Action Sequence 2
  Type Builtin
  Action Description Stop Proceesing
  Language ALL
  Action Enabled Yes
  Builtin Type RAISE FORM_TRIGGER_FAILURE;
  This is working good on one instance but when I moved it to another instance
  when I query the form and try to navigate to the bank accounts tab of the form which is based on a differnt block i.e VNDR_USES block, the when-validate-record trigger fires there also and stops the processing.
  Any suggestions on this would be higly appriciated.
  Thanks in Advance.

  Hi Srini,
  Yes, it does work...but in a Form Session if i Create more then one Item, in some cases it fires for the first records and not sleeps for the second.
  Sometimes it doesn't give any response.
  Appreciated if you divert to the link to check the Pacthes for 11.5.10 on Form Personalization.
  Please share any ideas/example if yiou have to achieve the below requirement.
  Requirement:
  Once New record is created , a Custom Procedure should be invoked.
  with out closing Form i am able to create n number of Items, so for every Item it should invoke Custom PLSQL Code on Save.
  Let me know if i can achieve the same in Custom.pll .....as i can use either of Options.(Form Personalization/Custom.pll)
  Thanks & regards,
  Edited by: user632004 on Mar 16, 2010 7:50 PM
  Edited by: user632004 on Mar 16, 2010 8:09 PM

• Exchange 2010 disconnect AD user from mailbox and reconnect the mailbox to a new copy of the same user with a different username

  How can i get the following done:
  Exchange 2010 disconnect AD user from mailbox and reconnect the mailbox to a new copy of the same user with a different username?
  i nmust do this for 16 users TODAY, SO PLEASE HELP ME OUT HERE.
  Thanks in advance!!
  kind regards,
  Rene Veldman
  System Administrator Teidem bv, The Netherlands.

  Rene,
  Why are you not changing the username of the existing account, instead of deleting the existing one and creating a new one?
  If you truly need to delete and create new, you can save the GUID for the mailbox (Get-MailboxStatistics <mailbox alias> | Fl MailboxGuid), mail disable the existing account (Disable-Mailbox <mailbox alias>
  will work), clean the mailbox database it was hosted on (Clean-MailboxDatabase
  <database name>), then create your new account and recover the existing mailbox to that new account (Connect-Mailbox -Identity <Guid from before> -Database <Database name> -User <SAM account name of new account> -Alias
  <what you wish to set the alias to>).  In PowerShell, for all steps, you would do the following:
  $MbxAlias = <mailbox alias>
  $NewMbxAcct = <SAM Account Name for new account>
  $NewMbxAlias = <new alias for mailbox>
  $DomCtrl = (dir env:\LOGONSERVER).Value.Substring(2)
  $MbxGuid = (Get-MailboxStatistics $MbxAlias -DomainController $DomCtrl).MailboxGuid
  $MbxDb = (Get-Mailbox $MbxAlias -DomainController $DomCtrl).Database
  Disable-Mailbox $MbxAlias
  Clean-MailboxDatabase $MbxDb
  Connect-Mailbox -Identity $MbxGuid -Database $MbxDb -User $NewMbxAcct -Alias $NewMbxAlias -DomainController $DomCtrl
  You will need to supply the information in bold in the above commands, and you will need to create the new account before you run the above commands.  I include direct use of a specific domain controller so you won't need to worry about replication. 
  If you are changing the account from one domain to another, this will not help, and you will need to wait for replication throughout the process, running the commands individually.

• How do i disable a user from editing history

  i want to be able to (as administrator on workstations in my small business) disable users from editing history in firefox. this is vital in a business environment. if there is a solution for this please advise. i have windows xp and 7 machines that run firefox as default browser. any help is appreciated.

  Hmm.  I am going to speculate looking into pwpolicy (man pwpolicy).  You can get a users policy by using:
  sudo pwpolicy -u username -getpolicy
  (replace username with an actual user's shortname)  However, I will admit that I've not attempted to set policy on an individual in a long time.  I do know that in 10.9 any attempts to mess with individual policy bricks the account until you remove the settings.  In 10.8 I have not tried.  10.6 is probably the last time I've explored this (but back then there was a UI for it).
  I would suggest a test account or even an entire test server.  You are clearly going off the reservation with this attempt.
  R-
  Apple Consultants Network
  Apple Professional Services
  Author "Mavericks Server – Foundation Services" :: Exclusively available in Apple's iBooks Store

• Restrict users from archiving PST to local computer

  Hi all,
  I would like to restrict users from archiving emails in outlook to the local computer. We have a serious problem that users are archiving emails to the local computer and then they can copy those emails to external devices or that they can attach this local
  pst file to their personal outlook profile which they can forward it to external recipients. We have ran into a serious problem now and I am try to resolve this problem by restricting users to archive the emails to their local computer. Is there any way I
  can do this?
  Only designated users should be able to archive the outlook emails (from the support team) and they can save it to a central file server.
  Please share me your thoughts. Thank you all for taking time to read this and for your suggestions.

  Hi Friend,
  Use Group Policy Feature and enable the “DisablePST” Reg value as it will not allow users to create new  PST file or even remove the Archive function from their Outlook interface.
  Registry path to disable PST File authentication (Group policy):
  HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\12.0\Outlook
  Take a brief explanation about various restrictions over PST File:
  https://www.simple-talk.com/sysadmin/exchange/using-group-policy-to-restrict-the-use-of-pst-files/
  Note: Improve community discussions by marking the answers helpful otherwise respond back for further help.
  Thanks
  Clark Kent

• Restrict users from using Manual series

  Hi SAP,
  Is there a way to restrict users from using the Manual series?
  Thanks,
  Janice

  Hi Rahul,
  Ok, i have seen already the authorization for document manual numbering and it is available only for 8.8 versions and not on 2007 version of SAP.
  Anyway, when im doing the testing i found out that for banking transactions like incoming, user can still use the manual series even if he has no authorization for manual document numbering.
  Another concern from our client was  the use of manual series only, is it also possible in SAP? I tried to give user authorization in the manual document numbering and no authorization to series group no but user cannot already open the transaction window. Let us know if their inquiry is possible so i could inform them that only manual series can be restricted.
  Thanks for your help.
  Regards,
  Janice

• Restrict users from changing roles

  Is there a way to restrict users from changing roles
  themselves? If a user goes to My Connections and then clicks Edit,
  they could, in theory, change to any group they want--except to the
  administrator group because you have to enter a password. If the
  admin isn't watching the site 24/7, the user can change their roll,
  let's say from a writer to a publisher, and publish something
  before the admin can notice.
  Is there anything that can be done to restrict that?

  You can use connection keys...this will only allow a user to
  change their name and email address (I think...I can check on this
  tomorrow). We use these at my work and it allows for a lot more
  control over who is assigned to the proper groups.

• Is their any way to restrict user from overriding  the graphs in SAP APO?

  Dear All,
  As we know, we can copy the graphs to other users using /n/sapapo/sdp_graph. But is their any way to restrict user from overriding the graph to particular user.
  Scenarios:
  In a project we have super user and semi-super user, whenever super user uses above t-code to copy graph to all users (he has included semi-super user id to target user list) but semi-super user does not want to override his graph by super user.
  Do we have such function in APO to restrict?
  Hope it is clear to understand.
  Regards,
  Pravin Tikar

  Hi Amol,
  thanks,
  I have checked SP Note 400434 - Authorizations in APO demand planning Also.
  Will check the authorization and will update the same.
  regards,
  Pravin Tikar