Answer Posted / nakulsn

If you go via Tables, it will pull data for roles that are
expired in user master.

Therefore, the best way is to go to SUIM -> Users by complex
selection criteria: put in the list of users in user ID
field, through multiple selection.

In one of the authorization object fields on that screen,
put in s_tcode, hit enter and execute blank.

This will get the list of all executable transactions for users.

You can pull through tables, all the roles assigned to those
users through multiple selection, then put in the list of
roles in AGR_1251 with Object as s_tcode and field name tcd.

Before pulling this data from AGR_1251, you'll need to
filter out the roles for which the validity is already
expired in user master of these user IDs.

What is use of derived roles?

1249

---

HI FRIENDS..... CAN ANY ONE GIVE BRIEF EXPLAIN ABOUT PAM & QUICK SIZER

2085

---

explain the personalization tab within a role?

1386

---

what is the use of defaults tab in start menu

1895

---

Explain document transfer-level security?

1134

---

How to add custon t-code to a role and how to find the auth obj of custom t-code.if the custom t-code doesnt have auth obj, will you save and generate the role?

1185

---

what is the main difference between the derived role and a single role?

1150

---

What are the upgrades happened in GRC 5.3 from GRC 5.2?

4208

---

Explain network topology in sap systems?

1092

---

Authorization check on s_btch_job failed. What would happen now?

1216

---

Can you explain snc in sap security?

1169

---

Can you explain secure store and forward?

1054

---

what is the process to find that one consultant had removed a table from sap tables

2537

---

the company needs to expand its region to another country which the same authorizations had previously what approach you will take

2369

---

User is not there in User master record. Then how to trace the user?

1474

---