cancel
Showing results for 
Search instead for 
Did you mean: 

Auth object to view Master data

Former Member
0 Kudos

Hi,

In our Production enviroment, few master data characteristics were made as reportable. And roles were created to restrict all users except one for performing 'Manage' option on these master data characteristics.

But still, few of the users (and not all) are able to 'right-click' on these characterisitics and select 'Manage' option.

I also do not have authorization to do 'Manage'. So I compared my roles with these users (who still can do) and found that they have only couple of extra roles more than mine. But all these extra roles are just reporting roles.

My doubt is, which authorization object lets users to perform 'Manage' activity on master data objects made as reportable.... is it S_RS_IOMAD ?

Confusion is... their IDs also get same message in SU53 as mine... about authorization check failure !!

Any idea... what is still giving them authorization to view/manage master data.

Regards,

Vikrant.

Accepted Solutions (0)

Answers (1)

Answers (1)

Former Member
0 Kudos

Hi Vikrant,

Try this:

Check S_RS_ADMWB authorization object.

Activity = 03, 16.

Adm workbench object = INFOOBJECT, WORKBENCH.

These setting should prevent from viewing master data.

Or as you suggested, use S_RS_IOMAD.

Best regards,

Eugene

Message was edited by: Eugene Khusainov