Skip to Content
0
Former Member
May 05, 2009 at 12:22 PM

S_DATASET to be restricted. Generic role to be modified.

1311 Views

Hello All,

Authorisation object S_DATASET needs to be restricted to view files only under directory /interface/ehs/.

through field FILENAME.

I have to restrict two roles for which S_DATASET is maintained as mentioned below.

1) Role 1

S_DATASET Authorization for file access

ACTVT 06, 33, 34, A6, A7

FILENAME *

PROGRAM *

2) Role 2

S_DATASET Authorization for file access

ACTVT 33, 34

FILENAME *

PROGRAM RSSO, SAPFSSO, SAPLSO, SAPLSW, SAPLSWT1

FILENAME needs to be restricted to something like this

FILENAME /interfaces/ehs/. such that files only under directory the specified directory can be viewed.

Can anyone please let me know the implication of restricting filename as mentioned above.

Note :The two roles mentioned above are the generic roles and are present in many composite jobs(almost every composite job).

hence any changes mentioned as above will affect large number of jobs and hence significant users will be affected.