What is the impact of changing the SU24 objects for a t-
code Check ndicator from "No" to "Yes" and "Yes" to "No" ?
Answers were Sorted based on User's Feedback
Answer / vasu.g
Hi Gaurav,
when ever the T-Code is assigned/added to role
it is going to pullout the authorization objects which are
maintained as Yes in SU24.
for your query if you set the value of the object from "No"
to "yes" then the object will be pulledout and you can
maintain the values in PFCG, when you add this T-Code to
any Role.
if you change the value of the object from "Yes" to "No"
the authorization objects will not be pulledout.
Hope This is da Answer you was Expecting!!!!
Is This Answer Correct ? | 4 Yes | 0 No |
Answer / sreedhar
su24 displays the value of usobx_c and usobt_c of the tables. And whenever you change to yes to the particular object that will appear in the authorization maintainence screen and if no you will not be able to see the particular object in the authorization object.
Is This Answer Correct ? | 4 Yes | 1 No |
Answer / asia
Question itself is wrong, proposal can be set to yes or no,
check indicator's value can be X, Y or N.
Is This Answer Correct ? | 3 Yes | 0 No |
Answer / bvdb
When a user starts a transaction code, the AS will start to
process the ABAP code associated with it. If the AS finds
an AUTHORITY-CHECK statement in the source code, it will
check table USOBX_C to see if the function AUTHORITY-CHECK
has to be peformed or not.
If the check indicator is set on "Check", AUTHORITY-CHECK
will be performed.
If the check indicator is set on "Do Not Check", AUTHORITY-
CHECK will not be performed and return code RC = 0 (check
passed) will be logged.
Is This Answer Correct ? | 2 Yes | 0 No |
Please could you read the question once again guys. I need
technical rreason how this change makes impace in
background process. Adding more to ur response, you have
told about proposal column, i want to know about check
indicator column, how it impacts the auth-check when we
change it from yes to no.
Is This Answer Correct ? | 0 Yes | 0 No |
Answer / mj
N = Do not check; X = Always check; Y = Check + USOBT entry
The flag indicates how the system is to deal with the
authorization object (new mode) for an authorization check.
Value 'N' Authorization object is not checked when the
transaction is called.
Value 'Y' Authorization object is checked when the
transaction is called. The values for the fields of the
authorization object must also be maintained in table USOBT
for the profile generator.
Value 'X' Authorization object is checked, but the field
values are not specified in table USOBT for the profile
generator.
Value (SPACE) A valid flag ('N', 'X', or 'Y') has not yet
been assigned to the authorization object.
Is This Answer Correct ? | 0 Yes | 0 No |
Answer / sky fly
No -> yes
changed auth. objects 'are now included in the affected
roles.if any field does not have a value in the role, then
authority check for the user will fail.
Yes -> No
changed auth. objects are now removed from the affected
roles. there will be no failure of authority check.
Is This Answer Correct ? | 0 Yes | 0 No |
Answer / sanjay
Asia,
Everyone understood the question and replied accordingly except you. Words are changed but meaning is not.
Is This Answer Correct ? | 0 Yes | 0 No |
how do we create firefigter Id in VIRSAs VRAT
Some User has made changes to Tables in SAP. How to identify that user?
What is difference between BW and BI Security?
In SU53 screenshot , there are missing authorization. How you come to know that these are the relevant Roles in which we have to add these objects? Decision not SUIM
By which parameter number of entries are controlled in the user buffer?
How many transactions codes can be assigned to a role?
how do you add sap_all and sap_new in a role?
What is difference between two sentences 1: " Using SUGR we allocate user to group ". 2: " In SU01 in Logon data we assign user to group " So, What is assigning and allocating ?
What are major changes happened in GRC 10 compared to that GRC 5.3?
in my production system there are some 20 roles created in the production system itself without following the standard procedure of creating in dev testing it qas and then moving it to prd.so how do you find out all the roles created in prd system?
I create one BRF+ rule and captured in TR while releasing TR , I am getting error , WHy?
what is the main differene between roe and profile?