Question:
Hello,
I want to avoid to the customizing users, to modify data on master and transactional tables.
I'm thinking in restirct with it with the object S_TABU_DIS, and in the field DICBERCLS(Authorization group), put
only the values of the Authorization group of the customizing tables(table TDDAT have those authorization values
for the tables). The problem is that certain customizing tables has the same authorization value, that
master/transactional tables. For example table KEKO(that cotains application data) has the same uthorization
value(CA) that TCA41(that cotains customizing data).
Does anyone know how to allow custumizing but not modify master/transactional data ??
Regards
Answer:
If SAP has not set the table mainteance feature for a table you are waisting your time trying to control access to a master data and application tables. THey are not modifiable with SM30 ( or its equivalent) and even if the user have S_TABU_DIS and the auth group you assign to the table with SUCU or SE54, they could not maintian it.
Application data and Master data is access via transaction codes and there are many tables that house the data not just one.
_________________
John A. Jarboe
Answer:
Regards if a table has not set the table mainteance turned on, you can update that tables with a maintance view.
Answer:
Yes, but to SAP you are not maintaining the base table you are maintiing the Maintenance view. If it is an SAP maintenance view then you add/change the auth group on the maintenance view table nad or the underlying tables using SUCU or SE54. Also look for the tcode SAP uses to access the tables ( table TSTCP is a start)
If they are customer maintenance views, You should not be creating maintenacne views to application tables. If you do then you need to add all the logic in the transactions designed to maintian the table to ensure the integrity of the data. If not SAP will not support your system.
_________________
John A. Jarboe