Restricting the Visibility of FireFighter Roles to selected users

Dear Experts,
Is there any way to restrict the visibility of FireFighter roles in GRC CUP to only a few authorized users? We have a requirement where a group of authorized users should be able to check out fire fighter roles on their own, and these roles should be provisioned automatically to these users and then de-provisioned after some time. These roles should not be visible to the rest of the users.
Any thoughts on this would be greatly appreciated.
Thanks
Kumar

Kumar,
  There is no straightforward or right way to do this as this feature is not available in CUP.
You can associate those users with a functional area and restrict the role selection by functional area. Also, associate the roles with the same functional area. Again, this is not going to force users unless you bring functional area from the data source like LDAP and keep the field non-editable.
Regards,
Alpesh

Similar Messages

  • Restrict the visibility of a field  in the table

    There is a field in the master database (PA0002). I don't know in how many ways the field value can be seen, such as transaction, table view or ABAP query, but the requirement is to restrict the visibility of the value of the field to a specific user, so please suggest a proper solution.
    Screen field: Q0002-BSNCD / Table field: PA0002-PERID
    Only authorized users should be able to see the BSN number.
    Other users should not have access to the BSN number in any way. I.e., access to the BSN number via the IT0002 screen, queries, table view or other ways should be prohibited when not authorized.

    Hi,
       Can you try creating an authorisation object and including an authority check in the PBO?
    Regards,
    Sonal

  • Restricting the visibility of Dataview

    Hi All,
    Could anyone assist me in restricting the visibility of a dataview for a specific planner in the SDP94 screen?
    The problem is that when a planner opens his planning book he is able to see all the data views, whereas he has authorization for only one data view.
    How do I ensure that he is able to view only his dataview?
    I have tried the assign planners to planning book option but I cannot assign more than one.
    Thanks in advance.
    Regards,
    Raj

    Using the authorization object C_APO_PB, I'm able to restrict the view only for planning books but not the dataviews. I have used the following auth objects:
    C_APO_PB : SDP planning books
    ACTVT Activity (01, 02, 03, 06, 16)
    APO_PLBK2 Planning book
    APO_DVIEW Data view
    In our scenario, we have 3 planning books and each planning book has 20 dataviews, and I have assigned a single dataview from each planning book for a specific user using the above authorization objects. Even after maintaining the authorization for only one dataview for a particular user, I'm able to see all the dataviews in the SDP94 screen. How can I restrict the visibility of dataviews?
    Regards,
    Raj

  • We have to restrict the visibility of Questions based upon technical and co

    We have to restrict the visibility of Questions based upon technical and commercial. For example if there are two section commercial and technical, technical team should not be able to see commercial questions and vice-versa

    Hi
    I could suggest an alternative approach. You take a call whether it suits your business process.
    Create a project for the event. Within the project you can create two separate Rfx, one with the technical team as collaborator and the other with the Commercial team. The two Rfx would be evaluated and awarded separately by the respective team. You can take the help of your technical expert to create a custom report for overall evaluation.
    Regards
    Mudit Saini

  • How to restrict the Usage of Rejection Store for an User?

    Hi!
    I am a QM User. without QAD Knowledge store & Production persons moves the Components to Rejection stores thro' Mvt 311. The rejection Components are getting accumulated and we are questionable for the same.
    So Can anybody resolve the problem to restrict the Rejection storage location for an user or any other solution is highly appreciated.
    Pls. help me.
    Thanks & Regards,
    Surya

    Hi
    Avoid particular storage location from QC.
    This is possible through authorization object M_MSEG_LGO.
    Go to SPRO -> mat mgt -> Inventory mgt & physical inventory -> Authorization Management -> Authorization check for storage location -> for your plant & storage location click on Authorization.
    When the indicator is set you must have authorization for the authorization object Goods movements: storage location (M_MSEG_LGO) in order to enter a goods movement in the storage location using a particular movement type.
    In M_MSEG_LGO
    The authorization object contains four fields:
    1. Activity: defines whether the user:
       may enter goods movements (Activity=1)
       may change goods movements (Activity=2)
       may display goods movements (Activity=3)
    2. Movement type: defines the movement types you can use to maintain goods movements.
    3. Storage location: defines which storage locations in which plant you may maintain.
    4. Plant: defines which plants the user may maintain.
    Here you can quarantine Quality people from these storage locations.
    Regards
    Sujit

  • Know the tcodes of a role assigned to user

    Hi
    I assigned the buyer role to myself and now I want to know the tcodes of the transactional iviews running in those particular tasks.
    Like in Purchasing--overview worklist and Purchasing groupanalysis iviews displayed.
    How do I get to know their tcodes?

    Hi Neel,
    When transactional iviews get executed, from the bottom right of that window you can get the program name details.
    Or go to the properties of the iview added to the buyer role; here also you will get all details like t.code, system used in portal, system client and all.
    Regards,
    Piyush

  • Restricting the creation of table in a particular user

    Hi All,
    We have Oracle Enterprise 7.3.4 running on Sun Solaris. We have a number of users owning specific schemas and running different applications.
    We don't want all users to be able to create or alter tables in their own schemas either but want to allow them insert/update/delete.
    We have removed standard roles and assigned custom roles without the create table system privilege. But users are still able to create tables in their schemas.
    How can I allow all update/insert/delete but deny create table privileges?
    All help is welcome.
    Balwinder

    IMHO, everyone's responses are sidestepping the primary problem. It is a fundamentally sound practice that, for a given application, there be made a separate and physical distinction between the application schema that "owns" the objects and another schema that "connects" to use those objects.
    So here's my basic recipe for resolution,
    1. Call the current application user the "owning" schema.
    2. Create a new application "connect" user that has connect privileges only and no tablespace quota whatsoever.
    3. Make grants on the owning schema objects to the "connect" user or roles granted to the "connect" user (preferred) as you require.
    4. Create private synonyms for the "owning" schema objects of the same name in the "connect" user schema.
    No application code requires alteration, and you now have infinite data structure integrity of the application objects.
    The really scary thing that you didn't even mention is that you can't even stop the application from dropping its own tables. Quite scary.
    Michael

  • Enable the visibility of parameter to particular end user

    Hi all,
    I have created one report, in that i am using parameter selection.
    Now my requirement is parameter selection should not be enabled for me and other users, but it should be enabled for a  particular end user.
    Thanks,
    Ranjith C.

    PARAMETERS: p1 TYPE char10, p2 TYPE char5.
    AT SELECTION-SCREEN OUTPUT.
      LOOP AT SCREEN.
        IF screen-name CP '*P1*' AND sy-uname = 'USER_NAME'. "required username
          screen-active = 1.
        ELSEIF screen-name CP '*P1*' AND sy-uname NE 'USER_NAME'.
          screen-active = 0. "this makes the entire field disappear; screen-input = 0 only makes it not editable
        ENDIF.
        MODIFY SCREEN.
      ENDLOOP.
    posting a better code...
    Edited by: Soumyaprakash Mishra on Nov 10, 2009 4:56 PM

  • How to programmatically set the Visibility of an Iview INVISIBLE ?

    Hi ..... I need to programmatically set the visibility of an iView for a user to invisible. In order to achieve that, I am trying the code below, but I am getting errors.
    Code -
    Hashtable env = new Hashtable();
    env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sapportals.portal.pcd.gl.PcdInitialContextFactory");
    env.put("com.sap.portal.jndi.requested_aspect","com.sap.portal.pcd.gl.PersistencyAspect");
    env.put("java.naming.factory.object", "__IPcdContext__");
    InitialContext iCtx = null;
    String iViewID = "pcd:portal_content/ABC/1Portal/mywork/iviews/XYA_iViews/adf.ivw_ess_jspdynpage";
    iCtx = new InitialContext(env);
    IiView result =(IiView)iCtx.lookup(iViewID);
    IiViews iViewSrv = (IiViews)PortalRuntime.getRuntimeResources().getService(IiViews.KEY);
    INewObjectDescriptor IVtoCreate =(INewObjectDescriptor) iViewSrv.instantiateDescriptor(CreateMethod.NEW,"par:/applications/com.sap.km.cm/components/navigation",request.getUser());
    IVtoCreate.putAttribute("com.sap.portal.navigation.invisible", true);
    The above method putAttribute is not applicable for (String, Boolean).
    Please suggest how I can programmatically set an iView visible/invisible.

    I think the property is com.sap.portal.navigation.Invisible with a capital I for invisible...
    This blog has an example: Hiding portal role content with a simple iView

  • Restricting the IT0002 for user

    Hello,
    I am trying to restrict the infotype 0002 for a certain group of users with the same role.
    I took out Infotype 0002 from the P_ORGINCON auth object for the Infotype field.
    When I log in with the test user and go back to PA20, I can still see the personal data information including Dob and SSCno.
    I also see the message "Data hidden by screen modifications
    Message no. RP014"
    Diagnosis
    This infotype contains data which is not displayed.
    In table T588M (Infotype Screen Control), you can enter screen fields which are to be suppressed. If one of these fields contains an entry, the system issues a warning. This has no effect on evaluations.
    How can I restrict the Infotypes 0002 and 0000?
    Please advise.
    From,
    PT.

    In order to restrict access to IT0000 & IT0002, have a look at the P_ORGINCON objects as Auke has mentioned above.
    The message you see has to do with usergroup-specific settings. For example, the information you see in IT0002 may differ per country, and therefore you can set the different fields to be seen in the infotype in T588M per usergroup (UGR parameter).

  • How to restrict the FBL5N (user wise restriction)

    Hi experts
    I want to restrict the FBL5N TCODE user wise.
    In FBL5N there is one parameter, Search Help ID. In Search Help ID, when we select Customers per sales group, we see Sales office and Sales group. If we select sales group and execute it, the report gives output under sales group.
    My requirement is to restrict the sales group or sales office user wise. (If there are 5 sales offices and 3 user IDs, then I want to give one user ID 2 sales offices, and if he enters another sales office then he can't be shown the data.)
    THANKS
    AJAY.

    Hi Ajay,
    I am not quite sure if it is recommended to tweak a standard elementary search help. However, I would suggest you create your own search help and attach it to the standard collective search help as an append search help.
    You can write whatsoever logic the business demands in that custom search help exit, thereby restricting the entries that get displayed as a result of value help.
    Hope this gives you a brief idea on how to proceed.
    Regards,
    Hemanth

  • Restricting the user

    Hi Experts ,
    We have restricted the direct login through ssh for some users on a Solaris server. There is one user called "admin". Only our team members should know this user's password. But somebody other than our team was able to learn the password and is accessing the admin user.
    My question is: the user "admin" should be accessed by our team members only. How is that possible?
    My thanks in advance for your valuable suggestions.
    Regards,
    R. Rajesh Kannan

    Assuming I've understood the question.
    Set up a separate account for each person and an admin account.
    If you add a DenyUsers admin line to /etc/sshd_config then you will not be able to ssh in directly as admin.
    You will need to ssh in as your user account then su to admin.
    So even if you know the admin password it doesn't do you any good unless you know a normal user password as well.
    And if someone does use admin inappropriately the logs should show what normal account they came from.
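
The setup described in the reply above, as an added example that is not part of the original post: a shell sketch that checks a config file for the DenyUsers entry and then lists, from a su log in the Solaris sulog layout, which personal account each switch to admin came from. The sample config, the log lines and the account names other than admin are constructed.

```shell
#!/bin/sh
# Added example; every file and account name below is constructed.

# Succeeds if CONFIG has a DenyUsers line naming USER (plain names and
# user@host entries only; wildcard patterns are not evaluated here).
direct_login_denied() {  # usage: direct_login_denied CONFIG USER
  awk -v u="$2" '
    tolower($1) == "denyusers" {
      for (i = 2; i <= NF; i++) { split($i, p, "@"); if (p[1] == u) found = 1 }
    }
    END { exit !found }' "$1"
}

# Prints "origin result date time" for every su attempt to TARGET.
# sulog fields: SU date time +|- tty fromuser-touser
su_to_account() {  # usage: su_to_account SULOG TARGET
  awk -v t="$2" '
    $1 == "SU" && NF == 6 {
      suffix = "-" t
      n = length($6) - length(suffix)
      if (n > 0 && substr($6, n + 1) == suffix)
        print substr($6, 1, n), ($4 == "+" ? "ok" : "FAILED"), $2, $3
    }' "$1"
}

demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT

cat > "$demo_dir/sshd_config" <<'EOF'
# constructed sample configuration
PermitRootLogin no
DenyUsers admin
EOF

cat > "$demo_dir/sulog" <<'EOF'
SU 03/14 09:02 + pts/1 alice-admin
SU 03/14 09:40 - pts/4 guest-admin
SU 03/14 10:15 + pts/2 alice-root
SU 03/15 11:30 + pts/3 build-svc-admin
EOF

if direct_login_denied "$demo_dir/sshd_config" admin; then
  echo "direct ssh login as admin is denied"
fi
su_to_account "$demo_dir/sulog" admin
```

A failed attempt from an account that has no reason to become admin (the guest line in the sample) is the kind of entry worth reviewing first.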

  • Restrict the no. of rows entered in select-options

    Dear ABAPers,
    I have used CALL FUNCTION 'SELECT_OPTIONS_RESTRICT' to only allow user key in single value. The field is BUKRS(Company Code). Can I restrict the number of company code entered by user in this select-option? Please advise.
    Thanks in advance.
    Best Regards,
    Hikaruno

    Sure, just do a check in the AT SELECTION-SCREEN event.
    AT SELECTION-SCREEN.
      DATA: lines TYPE i.
      " Count the rows entered in the select-option and reject more than 10.
      DESCRIBE TABLE s_bukrs LINES lines.
      IF lines > 10.
        MESSAGE e001(00) WITH 'More than 10 entries'.
      ENDIF.
    Regards,
    Rich Heilman

  • Unable to assign all security roles to a user with a new custom security role

    Dear All,
    Happy New Year.!
    I have a query regarding the assignment of Security Roles to new users in CRM. Normally we assign the security roles to new users via an Admin user who has the 'System Administrator' security role assigned to him/her. This works perfectly fine, and we can assign any desired security role to the new user.
    However, in our case, we need to delegate the user creation rights to some of the client partners. We do not want to give them access to all the Administration functions; hence we created a new Security Role, let's say 'Support User Role'. We have provided 'Create', 'Append', 'Append To', and 'Assign' rights on the 'User' entity for this new security role. With this security role, we are able to create new users now, but we are only able to assign the 'Agent' security role, not any other security roles.
    For example, suppose user 'x' has the Security Role defined as 'Support User Role'. If 'x' tries to add a new user 'y', then 'x' is only able to assign the 'Agent' security role to 'y', but not any other security role. As per the business requirement, 'x' should be able to assign some other security roles, including 'Support User Role', to new user 'y'.
    I believe that there is something missing in the Security Role configuration, which is causing the above problem. We compared both the 'Support User Role' and 'System Administrator' security roles, but were not able to figure out which minimum rights we can provide to 'Support User Role' so that users with this security role can only add new users (with any security role), and that they do not have access to any other Administration features as well.
    Appreciate any help that you can provide on the above issue.
    Thanks in anticipation.

    Hi,
    Can you check if you have organization level Read access for Security Role and Organization level Assign access for Security role?
    Refer:-
    http://www.magnetismsolutions.com/blog/paulnieuwelaar/2013/04/22/permissions-required-to-manage-roles-in-dynamics-crm-2011
    Hope this helps!!!
    Thanks,
    Prasad

  • Restrict number of concurrent programs running by one user.

    Hello,
    How can I restrict whole number of concurrent programs running by one user?

    Hi
    I am not sure if I understand the question correctly, but if you are asking what I think you are asking, then you can restrict the number of simultaneous concurrent jobs that a user is allowed to run with this profile option;
    "Concurrent:Active Request Limit"
    I recommend that you set this at the User level and not the Site level since this parameter has caused problems for me in the past (certain types of transactions submit a batch of concurrent jobs, and if all the jobs are not able to start at the same time then the concurrent jobs go into a pending state and never complete. I have not worked out why this happens, so I just stopped restricting the number of concurrent jobs that a user could run).
    Frank
