06-16-2007 12:43 PM
Hi,
I got a requirement from user that they want to execute SE37 in production but they don't have the authorization. i think a resolution is to write a report to do that.
but how would that work? i doubt 'call transaction 'se37'' won't work, right? i also tried to investigate the source code of SE37, but it's too 'deep'. any suggestion on this?
Thanks for help.
Legend.
07-03-2007 9:09 PM
The only reason why someone needs SE37 access in production is when SAP suggests it to correct some issue (like COPA segments not properly generated). But in such exceptional cases, users can always request one time access to execute a function module in SE37 or have it executed by someone who has access. But what I don't understand is why someone would want this access on an ongoing basis. You cannot bypass SE37 as there will authorization checks within the code if you can execute the function module or not.
06-16-2007 12:47 PM
Legend,
I don't see any point why the END USER wants to use SE37.End User shouldn't be allowed to use this transaction.
K.Kiran.
06-16-2007 1:32 PM
Hi legend li,
I'm afraid 'call transaction 'se37' will do the trick - look at function module C160_TRANSACTION_CALL which allows you to use any unathorized tranaction if you are allowed to use SE37...
As you see, this (together) will open a backdoor you will not get under control again.
So it will be better to check the requirement in business terms and find a clean solution.
OK, I know: People responsible for business are frequently unable to explain their real needs
Regards,
Clemens
07-03-2007 9:03 PM
Thanks for all your help.
It's only required to input and output simple data, so I used 'call function' to execute that FM within my report.
07-03-2007 9:09 PM
The only reason why someone needs SE37 access in production is when SAP suggests it to correct some issue (like COPA segments not properly generated). But in such exceptional cases, users can always request one time access to execute a function module in SE37 or have it executed by someone who has access. But what I don't understand is why someone would want this access on an ongoing basis. You cannot bypass SE37 as there will authorization checks within the code if you can execute the function module or not.