topic Re: SU22 documentation in Application Development and Automation Discussions

SU22 documentation

Former Member — Fri, 22 Aug 2008 15:34:40 GMT

Hello,

Does anyone have a link to a detailed documentation on SU22? I would like to find out how to read the following outputs. I have the following questions and I was hoping that reading the documentation will help:

Do all of the objects listed below need to be granted in order to change posting periods?

Table TSTCA shows that OB52 requires auth objects S_TABU_DIS with fields ACTVT=02 and DICBERCLS=FC31? Should not this be sufficient and why SU22 shows all these additional objects?

If all the objects below are required by transaction OB52, why fields and required values are not displayed by SU22 (with the exception of S_TABU_DIS)?

|U N C CM Check ID |Object |ObjectDescription

|. . . Check |S_CTS_ADMI |Administration Functions in Change and Transport System

|. . . Check |S_DEVELOP |ABAP Workbench

|. . . Check |S_DOKU_AUT |SE61 Documentation Maintenance Authorization

|. . . Check |S_PROJECT |Project Management: Project authorization

|. . . Check/maintain |S_TABU_DIS |Table Maintenance (via standard tools such as SM30)

|. . . Check |S_TCODE |Transaction Code Check at Transaction Start

. . . Check

S_TRANSLAT

Translation environment authorization object

Transaction OB52 C FI Maintain Table T001B

Check indicator Object ObjectDescription

Check S_CTS_ADMI Administration Functions in Change and Transport System

Check S_DEVELOP ABAP Workbench

Check S_DOKU_AUT SE61 Documentation Maintenance Authorization

Check S_PROJECT Project Management: Project authorization

Check/maintain S_TABU_DIS Table Maintenance (via standard tools such as SM30)

Fld

Val.from

Val. to

ACTVT

DICBERCLS

FC31

Check S_TCODE Transaction Code Check at Transaction Start

Check S_TRANSLAT Translation environment authorization object

Many thanks!

Martin

Re: SU22 documentation

Former Member — Sun, 24 Aug 2008 02:33:14 GMT

SU22 contains values present in tables USOBT and USOBX tables.

When a t-code is executed, the t-code checks for many authorization objects with their respective values depending upon the event.

Just imagine the state of security if all the objects that were checked were present in USOBT and USOBX tables and subsequently transferred to USOBT_C and USOBX_C through SU25.There would be no security at all as everyone who would have access to such t-codes could do everything associated with that t-code. Thats why some very critical objects are only checked and not check-maintained. They can be manually added to certain roles depending upon the position. May be that is the reason why S_CTS_ADMI and S_DEVELOP are not maintained for OB52.

I am not infront of the system, but if I am not wrong for pfcg, S_AGR_USER auth object doesnot have * value check-maintained.

Re: SU22 documentation

Former Member — Sun, 24 Aug 2008 07:08:16 GMT

>Table TSTCA shows that OB52 requires auth objects S_TABU_DIS with fields ACTVT=02 and DICBERCLS=FC31? Should not this be sufficient and why SU22 shows all these additional objects?

This is to tell you that OB52 does need S_TABU_DIS... (so Check/Maintain indicator) but also has the ability if used in a certain way (see the menus) to do more than just change the posting periods (so the Check indicator is set as information) - however to be able to use the menu in a certain way, the authority for it should come from a different transaction (so, one which has S_DEVELOP as a Check/Maintain indicator).

In higher releases, Chech/Maintain is now called "Proposal"...

The most important documentation on SU22 in my opinion, is that you should never change anything there. The correct approach is for SAP to change it and import the new settings via Support Packages. SU24 is the "customer equivalent" of Su22 and you can make changes there.

Cheers,

Julius

Re: SU22 documentation

Bernhard_SAP — Mon, 25 Aug 2008 07:07:25 GMT

Hi,

if you think, that some proposals are missing for OB52, please open a message at SAP at the component of OB52.....

b.rgds, Bernhard