Skip to Content
avatar image
Former Member

How to create user group for Security Admin in BODS

Hello

Is there any way we can create a group for Security administrator just to have access for user admininstration and group administration in BODS ? If yes, can I know how ?

Regards,

Preethi

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

3 Answers

  • avatar image
    Former Member
    Mar 03, 2017 at 12:31 AM

    I assume you mean users accessing the backend system from /BODS/.

    You will have to assign them to an SU01 group called BODS in the backend and give the admin access to that group only. All other users must be restricted to at least a DUMMY group if they are not in any other group.

    But this has limitations because you can only have 1 group per user which is auth relevant... so you have two tweak options:

    1) Use a naming convention in the 1 user group assigned but it is checked from left to right in the field. So BODS* might not be able to depict what you want and is anyway too complicated to survive.

    2) Use the groups tab instead of the group field (logon data tab). Then create an own application which uses BAPI_USER_GET_DETAIL (or LIST) for the groups tab assigned to BODS (multiple entries possible) and then restrict the fields / roles / etc which the BODS admin can make changes to in your own application logic -> updates via BAPI_USER_CHANGE.

    (in the case of 2, the BODS admin must not have direct access to SU01, or SU10 or SU01_NAV etc nor the BAPIs via RFC -> only locally from your application as an entry point).

    Cheers,

    Julius

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Mar 08, 2017 at 10:59 AM

    Hi Julius,

    Thank you for the reply. No, my question was , how in the BODS portal we create groups and restrict access.We wanted to create a bods-security.pnggroup(role) for Security admins.

    Attached reply from Dirk in one of his BODS blog post posted in SDN helped:

    Regards,

    Preethi

    Add comment
    10|10000 characters needed characters exceeded

  • Mar 26, 2017 at 11:04 AM

    via CMC? create a group and go through each application area to set permissions required

    Add comment
    10|10000 characters needed characters exceeded