SAP GUI script authorization cases

通用技能
#1

how to configure that user can not use sap gui script


To configure that a user cannot use SAP GUI Scripting, you can use the following steps:

  1. Go to transaction code SM30 (maintain table views).
  2. Enter the view name V_Users in the table/view field and click on Maintain.
  3. In the next screen, enter the user ID for which you want to restrict SAP GUI Scripting in the User ID field.
  4. In the Setting column, set the value to ‘N’ for the parameter name sapgui/user_scripting.
  5. Save the changes.
  6. If you want to globally disable SAP GUI Scripting, you can go to transaction code RZ11, enter the parameter name sapgui/user_scripting_set, and change its value to ‘FALSE’. This will disable scripting for all system users.

Note that disabling SAP GUI Scripting can help improve system security by preventing unauthorized access and manipulation of data through scripts. However, this may also limit some legitimate use cases where users may need to automate certain tasks. It’s important to carefully assess the impact of disabling SAP GUI Scripting before making these changes.

in sap GUI, how to forbid the function that right click exporting ALV content, what is the authorization objects?

To forbid the function of right-click exporting ALV (ABAP List Viewer) content in SAP GUI, you can use the authorization object S_ALV_LAYO (ALV Layout Authorizations). This authorization object controls various ALV layout functions, including the ability to export ALV content.

To restrict the right-click exporting function, you need to set the relevant authorization fields in the authorization object S_ALV_LAYO. The specific field for restricting the right-click export is ACTVT (Activity). You can set this field to ‘03’ (Display), ‘02’ (Change), or ‘01’ (Create) to control the level of access.

Setting ACTVT to ‘03’ will only allow users to display the ALV layout without export options. Setting it to ‘02’ or ‘01’ will enable the export function, allowing users to export ALV content.

Please note that making changes to authorization objects requires appropriate authorization and system administration privileges. It’s recommended to consult with your SAP administrator or security team to correctly configure authorization objects based on your specific requirements and user roles.