Question: hi everyone,
i am looking to secure IT0002 in such a way that would prevent non-HR users with access to the HR data for financial purposes to view parts of the information in IT0002. Unfortunately I cannot just give them access to IT0002 as this contains a few private information such as (SSN, DOB).
Is there a way to secure this infotype, without using customization, so that these users can get access to the information in IT0002 but not the SSN or DOB? Can we mask certain fields within the infotype and do this within a security role?
Thanks in advance for your help!
Answer:
I'm not usre if this is much help, but we use IT0002 only for name information. We keep DOB under Infotype 0041, we don't have SSN in NZ.
IT0002 has no subtypes so we decided that restriction was unlikely and that's why we stored more personal information under other infotypes.
_________________
Sandi
~~~~
Apparently Father Christmas, the Easter Bunny, the Tooth Fairy and Star Wars aren't real
Tuly kiwi.
Answer:
You should be able to acomodate this through HR configuration in the screen modifications using the feature to determine screen controll. If you cannot make the determination based on the fields available in the feature, a ABAP program can be called from the feature to return the variable key which is used to determine the screen and attributes the user sees.
Answer:
would the HR configuration in the screen modifications allow certain groups of users to view the SSN and DOB information and restrict the view of data to non-HR users that require access to the other data in IT0002? As I'm not sure how I would go about using the ABAP code to secure access to view the SSN and DOB data to only HR users, could you elaborate on that idea a little further. Thanks!
swright, thanks for the reply. unfortunatley, that would only solve one part of my problem as they would still be able to see SSN (social security numbers) via IT0002.
Answer:
HI
I suggest you use transaction varient (SHD1) to keep the fields
you want the users to see and hide the one you do not
want the users to see in IT0002.
regards
massoud
Answer:
If you cannot determine which screen to assign to the user based on some personnel data of the user (subarea, subgroup, organization, etc.), you could create a authorization object and give it to the HR users, then the abap could check the the user for this object to determine which screen controll is assigned.
Answer:
hi,
The way we have secure IT0002 for SSN and birthday(Also begda) is that with transaction PA20 we have made hidden theese fields. Also in the P_ORGIN for accesing in display, no one has M (matchcode) for authorization level.
Og course, for people that have access to PA30(Maintain), theese fields are not hidden.
How to Earn Rs.25000 every month in internet without Investment?
HR Secuirty - Securing IT0002
Labels:
Sap HR - Faqs
Subscribe to:
Post Comments (Atom)
topics
-
▼
2007
(1406)
-
▼
November
(1359)
- Free Download SAP FI Certification study pdf books
- Implementing SAP R/3 on OS/400
- Update SAP Kernel in UNIX based
- Security Audit Log (BC-SEC).pdf
- Security Audit Log.pdf
- Securities,pdf
- Secure Store & Forward / Digital Signatures (BC-SE...
- Secure Network Communications (BC-SEC-SNC)
- Free download use ful T-codes
- I did not find any OSS notes appropriate for my pr...
- How to apply OSS notes number?
- What is OSS Notes number?
- Where can i access SAP OSS?
- WHAT IS OSS
- Disaster Recovery Plan to Restore Production System
- Steps to Install SAP Note in sap
- Difference Between SAP Notes and Support Package
- Question : Subject : Support packages testing
- Five Different "User Type"
- How to solve the Time Zone Definition Problems?
- Setting the User Decimals Format
- Schedule Manager
- Various Important SAP Basis T-Code
- Trace Functions in sap
- System Trace: Error Analysis in sap
- System Trace(ST01) in sap
- Roles and Authorizations Used in Background Proces...
- Deleting Multiple Spool Requests Simultaneously in...
- Logging and Tracing in spool
- Print and Output Management in spool
- Background Job Monitoring Monitor in CCMS
- Monitoring the Database Using the Alert Monitor
- Monitoring the Operating System Using the Alert Mo...
- Monitoring Memory Management Using the Alert Monitor
- Method Dispatching Monitor in CCMS
- Remote Application Server Status Monitor in CCMS
- GRMG Self-Monitoring Monitor in CCMS
- CCMS Selfmonitoring Monitor for System-Wide Data i...
- Logfile Monitoring Monitor in CCMS
- Logon Load Balancing Monitor in CCMS
- Transaction-Specific Dialog Monitor in CCMS
- Workload Collector Monitor in CCMS
- System Errors Monitor in CCMS
- System Configuration Monitor in CCMS
- Syslog Monitor in CCMS
- Spool System Monitor in CCMS
- Security Monitor in CCMS
- Performance Overview Monitor in CCMS
- Operating System Monitor in CCMS
- Filesystems Monitor in CCMS
- Entire System Monitor in CCMS
- Monitoring the Enqueue Service in CCMS
- Dialog per Application Server Monitor in CCMS
- Dialog Overview Monitor in CCMS
- Database Monitor in CCMS
- Transactional RFC and Queued RFC Monitor in CCMS
- Communications Monitor in CCMS
- Buffers Monitor in CCMS
- Background Job Monitoring Monitor(CCMS)
- Background Processing Monitor(CCMS)
- Availability and Performance Overview Monitor (CCMS)
- SAP CCMS Monitor Templates Monitor Set
- Creating and Changing a Monitoring Pause(CCMS)
- Creating and Changing Monitoring Rules(CCMS)
- Configuring Availability Monitoring(CCMS)
- Update Repositories(CCMS)
- Displaying Central Performance History Reports(CCMS)
- Displaying Report Properties
- Scheduling and Executing a Report
- Variables in Group Names
- Creating a Report Definition(CCMS)
- Maintaining Collection and Reorganization Schemata...
- Maintaining Collection and Reorganization Schemata...
- Creating and Editing a Calendar Schema(CCMS)
- Creating and Editing a Day Schema
- Customizing the Alert Monitor(CCMS)
- Resetting MTEs and Alerts(CCMS)
- Reorganizing Completed Alerts(CCMS)
- Display Completed Alerts(CCMS)
- Automatically Complete Alerts(CCMS)
- Completing Alerts(CCMS)
- Starting Methods (CCMS)
- Processing Alerts(CCMS_
- Displaying the Technical View: Central Performance...
- Displaying the Technical View: Threshold Values(CCMS)
- Displaying the Technical View: Status Autoreaction...
- Displaying the Technical View: Status Data Collector
- Displaying the Technical View: Method Allocation
- Displaying the Technical View: Info on MTE
- Display Types and Views of the Alert Monitor(CCMS)
- Properties of Status Attributes (CCMS)
- Properties of Performance Attributes(CCMS)
- Properties of Log Attributes (CCMS)
- General Properties of Monitoring Tree Elements(CCMS)
- Properties of Monitoring Objects and Attributes
- Elements of the Alert Monitoring Tree
- Alert Monitoring Tree(CCMS)
- Monitors(CCMS)
- Monitor Sets (CCMS)
- Elements of the Alert Monitor (CCMS)
-
▼
November
(1359)
No comments:
Post a Comment