This website is not affiliated with, sponsored by, or approved by SAP AG.

Restricting access to transaction in composite role

SAP Security

Moderators: Snowy, thx4allthefish, jurjen

Restricting access to transaction in composite role

Postby kothapallymahesh » Wed Jul 11, 2012 10:30 pm

Can we restrict transaction access which comes from single role ( ZC ( C omposite role ) = ZS1 ( Single role 1)+ ZS2 + ZS3 ) included in composite role ZC, BY restricting transaction access with some Auth Object please advise? Is there a way we can restrict user access with some ABAP code or table maintained. Customer don't want to create or modify existing roles.

Mahesh
kothapallymahesh
 
Posts: 1
Joined: Wed Jul 11, 2012 10:01 pm

Re: Restricting access to transaction in composite role

Postby jurjen » Thu Jul 12, 2012 8:05 am

The answer is no.
Look at roles/profiles as if they are a keyring the user has to move around in the building. You cannot revoke any kind of access by adding keys...
jurjen
 
Posts: 298
Joined: Wed May 17, 2006 8:17 am
Location: The Netherlands

Re: Restricting access to transaction in composite role

Postby Gary Morris » Thu Aug 02, 2012 11:42 am

You can lock the tcode in SM01 but it will be locked for everyone.
Gary Morris
SAP Security Consultant
garydavidmorris@gmail.com
Gary Morris
 
Posts: 399
Joined: Sun Oct 20, 2002 10:42 pm
Location: San Antonio, Texas


Return to SAP Security

Who is online

Users browsing this forum: No registered users and 4 guests





loading...


This website is not affiliated with, sponsored by, or approved by SAP AG.