on 09-05-2008 7:23 AM
Dear Basis Gurus,
Requirement: Authorization needs to be given to end-user to lock a particular user only. This has been done through pfcg and works perfectly for all the su01 options.
User is not allowed to create/copy/delete users. He is able to lock and unlock too.
But the only thing is that he is also able to change the password too. How do I stop this? Is there any authorization?
Thanks
M
Hi
From the tcode Se93 you can check the authorization object of the transaction and corresponding authorization related to that transaction.
From this you can take 05 from the authorization profile object to prevent any change of the passwords.
Kind Regards
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
S_USER_GRP Activity ACTVT ---> If I dont select any value here, then the system does not allow the user to change the passowrd.
Moment I select only the value 05 here (that is LOCK), the user allows the user to both lock the users and also change the passwords. But he is not allowed to create/copy/delete. Strange!!!
Any tips here for allowing only LOCK to be functional ....
Thanks
M
hi there, you have to create or edit role and
give assign/ edit the authorization
02: Edit
03: Display
05: Lock or unlock user
06: Delete a user master record
08: Display user change records
thanks
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
Pls remove object value 02 form the user.
Anil
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
99 | |
11 | |
10 | |
6 | |
5 | |
5 | |
4 | |
3 | |
3 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.