1. Categories >> Software >> ERP CRM >> SAP >> SAP Security
  2. Suggest New Category

In an environment of derived roles ; a user is asking for a
t-code ; which is not found in suim in search of roles ?
what will u do ?

Question Posted / gaurav

Answer Posted / gaurav

1> You'll need to check if the transaction that is being
requested is available in the system i.e if it exists or
not. You'll have to check this thru transaction SE93.
[If not then the ABAP team needs to get this transaction
coded into the system]

2> If transaction does exists and if you are not able to
find this in any production/ end user roles, then you'll
have to see if you can find any ViewName/ Table Name linked
to this transaction [this would be on the same screen i.e.
SE93 at the bottom]

3> If a ViewName is available then this means that this new
transaction will be interacting with the table you found
and hence the object S_TABU_DIS and SU24 change will come
into picture.

4> You then need to take a trace yourself in Development
system by executing this transaction and check the trace
report for the activities that show up.
[Note: Remember to undo whatever you have saved]

5> Take appropriate approval for role modification as per
process you follow in your organization.

6> Make SU24/ role changes in development system and have
these changes moved till Quality or Fix system for testing
purpose. Create test ID's accordingly.

7> If testing fails, get SU53 report and redo analysis. If
testing is successful create production/ end user roles,
make a TP request and get your changes moved till
production system.

Is This Answer Correct ?    7 Yes 3 No



Post New Answer       View All Answers


Please Help Members By Posting Answers For Below Questions

Which transaction should not be given to BASIS and DEV team in Production?

2026

Explain sap system transactions?

787

Explain secure store and forward?

714

What does the pfcg_time_dependency clean up?

904

What does user compare do?

822




how do i go on about Developing,maintaining,and implementing a mitigating control strategy and provide SAP authorisations support to users? Please help

2109

What is the difference between role and a profile?

845

what is use of copy data in derived role and when we use this one ???

1422

what is analysis authorization in sap bi and how to create analysis authorization in sap bi?

1139

how we Designed security solution for FI, FM, MM, QM, PM, PS, HR (Time Entry, Travel) modules

2106

Can you explain sap system transactions?

764

what is authorization object and authorization object class?

861

What authorization are required to create and maintain user master records?

767

What is the Functionality difference between ECC 5 and ECC6? i.e. new functionality in ECC6 which is not in ECC 5.

4100

authorization issue. We had asssigned company codes 'BUKRS' in range for example 4000-4220 some come company code is working some are not working means in between ranges . could you please post the answer as early as possible.

2852