cancel
Showing results for 
Search instead for 
Did you mean: 

Transport request owner should not allow to import on production

Former Member
0 Kudos

Hi All,

I am from Basis, and i have authorization to import the TRs on dev,qas and prod. My requirement is, if i create any TR on dev with my user, production system should not allow to import the same TR with my user id, because as per our audit team TR owner and user who imported on PRD should not be the same.

Could some one please suggest to configure this.

Thanks in advance,

Regards,

Suresh Babu

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
0 Kudos

Hi All,

can someone please help me..i am clue less on this.

Regards,

Suresh Babu

Former Member
0 Kudos

Hi All,

Thank you for all your replies/suggestions so far,.

My requirement got resolved by adding the below code to the function module TMS_TP_IMPORT_CHECK_AUTHORITY at the end.

   if sy-subrc <> 0.

        message e211 raising permission_denied.

    endif.

  endif.

   if sy-subrc <> 0.

        message e211 raising permission_denied.

    endif.

  endif.

*{   INSERT         DSAK900148                                        1

* Forbid import in own requests in production system (SOx)

  if iv_own_request = 'X' and iv_command = gc_tp_import and sy-sysid = 'PSA'.

     message e211 raising permission_denied.

  endif.

*}   INSERT


endfunction.

Answers (3)

Answers (3)

Former Member
0 Kudos

Hi

you have to tweak with Authorizations only

do the following if it suits your requirement


1. Make one common ID which for BASIS team only. and you use that ID to do the transport in production . and make sure no other User id has STMS authorisation .


in our landscape we also do have this Audit requirement . and we came up with this solution.


we are closely monitoring activity done by that ID.and also generating report every week about acitivity done by that ID.


Regards

Dishant pathak

former_member183424
Active Contributor
0 Kudos

As of my knowledge, there are no standard workaround for that.

You can use the authorization matrix, but with authorization matrix either you will allow to transport TR or not.

if you have authorization for TR transport (T-code STMS), then you can transport any TR.

Former Member
0 Kudos

Dear All,

Any suggestions on this please...

Regards,

Suresh Babu

ACE-SAP
Active Contributor
0 Kudos

Hi

Check if the solution proposed by

Former Member
0 Kudos

Thank you Yves for your reply, but its not relevant to my requirement.

Regards,

Suresh Babu