Skip to Content

authorisation to execute report from SE38

hi,

we want user to only execute report 'ZABC" only in the system. i know we can restrict this by giving S_DEVELOP with PROG and actvt 03 and 16 and program name as object name. But my security team is not comfortable with giving S_DEVELOP. is there any authorisation object that we can use to restritct user run only specific report.

thanks,

sankar.

Add comment
10|10000 characters needed characters exceeded

  • Follow
  • Get RSS Feed

3 Answers

  • Best Answer
    Nov 05, 2015 at 11:34 AM

    Create a new transaction code for this report, and don't give them SE38 or S_DEVELOP at all.

    Steve.

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Nov 05, 2015 at 11:33 AM

    S_program

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Nov 05, 2015 at 01:50 PM

    Sankar,

    I completely agree with Steve's recommendation, and to add on to that, going forward I strongly suggest security code reviews, or at a minimum, getting input from someone in the organization who has a solid grasp of the authorization concept and controls in SAP, before the security model and controls environment is compromised by developers who understand neither. If there is no such person on the project/ on staff, training and/or hiring is in order.

    Gretchen

    Add comment
    10|10000 characters needed characters exceeded