Question:
Hi,
I have defined a default PID value for SAU field (authorization field for spool requests) in the user master records. With this in effect, the spool requests created by users will have the authorization field value defaulted from PID "SAU" in their respective master records.
However, I have noticed some generated spool requests where the authorization field is blank. Does anyone has any experience with this issue?
Grace
Answer:
Working as Designed...You are assuning all print requests go throght the same screen where SAU is retreived. They are not. So you will see spool requests without authorization groups.
Answer:
[quote="John A. Jarboe"]Working as Designed...You are assuning all print requests go throght the same screen where SAU is retreived. They are not. So you will see spool requests without authorization groups.[/quote]
Hi John,
Thanks for your comments. Are you aware of any workaround solutions to this issue. I need to auto populate the authorization field in every spool requests by taking the default value from SAU in the user master record.
Thanks.
Grace
Answer:
Hi john, Is there a better solution to this issue. I am trying to do same to restrict access to sensitive data
Answer:
I don't think this is the best solution for your requirements. Using PID means that users can change their defualt values, unless you remove SU3 (and other txns) and ensure that the screen field is set to display only, but this is often not realistic.
Another solution you can look at is coding an authority check statement or other logic into a user exit which would enable you to enforce control, but may cause other process issues for example why protect non sensitive documents?
The user exit is SPOOAUTH, txn SMOD.
Cheers
Peter
Answer:
The thing is i only want to protect sensitive data. Is there any other way round the problem?
Answer:
Sensitive data protection is the responsibility of the Owner and Producer NOT security. It is up to the person creating the output to put the appropriate control on it Just as it is the responsibility of the producer of a hard copy document to mark it Proprietary, Confidential, Private, etc.
There is NO WAY for you to determine what is sensitive data and not sensitive, the user is responsible for this. That is waht TRAINING is for.
Answer:
Thanks for that. now i go kill the auditor for making my life hell