Answer / hasnul_amrie

There's no way you can restrict one report via SA38. Because
for SA38, there's only S_PROGRAM authorization object check.
And under this object only have two fields P_ACTION (submit,
variant, bckground) and P_GROUP (program auth group).

Next, there are several ways depends on the organization
choice.

01. call a report via report tree.
02. use SE93 to create customize tcode:
a) via 'transaction with value' where we use SA38 screen as
inheritance. We have option to hide SA38 screen to avoid
user running other program.
b) via 'transaction with value' where we use START_REPORT to
call program it self.

Answer / ratnadeepika

Hey guys , One more solution is there .

Go to SE93 ...create a new tcode for eg : ZSA38 .

with the option Transaction with parameters option ...

In the main screen Tcode field give SA38 as tcode ...and u
will find 'DEFAULT VALUES" ...Add the entry
Name of the screen field : RS38M-PROGRAMM
Value : RSUSr003 save . If u want u can add some more
values .

Give this Tcode access to the user u want to restrict .

Try it and let me know if u are facing any problems . Mail
me for screenshots .

Answer / naveen kumar

you have to create a new role
with tcode SE38 and in authorization object S_DEVELOP the
activities DEVCLASS '*'
OBTYPE '*'
OBNAME ' RSUSR003'
p_group '*'
activity '03'

and assign it to the userid

Answer / shnmk

We can assign particular reports through role...
Using PFCG transaction > go to menu tab > click on reports and select the particular report then click on ok..
then generate the role and go to user tab and enter the user name in user field click on complete comparison in user tab ....then automatically user can access those reports ...

hou can i assign a same role to 200 users ?

4 Answers   IBM,

---

What transactions can be assigned for all the users ?

6 Answers   Accenture,

---

Can you explain internet-level security?

0 Answers  

---

You wan to transport user groups from transaction sugr? Would this impact the groups tab in su01? What would you do?

0 Answers  

---

What does SAP recommend regarding the RFC naming convention?

3 Answers   TCS,

---

How do i display users with SAP_ALL roles.

2 Answers  

---

What is sap’s grc?

0 Answers  

---

HI FRIENDS... I WANT TO KNOW FEW TICKETS ON SECURITY WITH SOLUTION.

0 Answers  

---

This is in continuataion to the previous question. a user is assigned with tcode SA38.how to restrict him to execute only a few reports,say rsusr003.If you're going to modify the role(having sa38) assigned to the user,that will affect other users also because that role might be assigned to multiple users.I don' want that to happen.so what is the solution?

5 Answers   iGate,

---

what is the difference between copied and derived role?

4 Answers   IBM, Intelligroup,

---

how to lock the client?

3 Answers   IBM,

---

Through CTS how we come to know the Role?

1 Answers   IBM,

---