topic Re: All Possible Values Field Authorization in Application Development and Automation Discussions

All Possible Values Field Authorization

Former Member — Tue, 10 Mar 2015 18:09:00 GMT

Hi everybody!

I need a view or SAP table where that view should has the following header:

MANDANT,

AUTHORIZATION OBJECT ,

FIELD,

VALUE

The data i want to see is about of all possible values of fields.

Y found a few tables:

TDDAT

DD04T

UST12

Thanks.

Re: All Possible Values Field Authorization

Colleen — Wed, 11 Mar 2015 08:39:48 GMT

What are you trying to achieve here? What do you intend to do with the table(s)? Are you trying to build a particular report?

Are you trying to look at role build (PFCG) or just authorisation definitions (what you see in SU20/SU21)?

Re: All Possible Values Field Authorization

former_member144617 — Thu, 19 Mar 2015 12:29:05 GMT

Hi,

Kindly use table UST12 and give your object ,then download the file in spreadsheet and remove the Auth,AKTS Column from your spreadsheet and then remove duplicates ,hope this will work for you.

Re: All Possible Values Field Authorization

Colleen — Thu, 19 Mar 2015 12:34:42 GMT

Hi Pranjal

As soon as you remove AUTH (and then remove duplicates) you corrupt your data and will get erroneous results.

For example, if you have a role with two authorisations with different combinations as below:

Auth 1 OBJECT_A ACTVT 01

ITEM A, B

Auth 2 OBJECT_A ACTVT 03,

ITEM C

You will end up with

OBJECT_A ACTVT 01, 03

ITEM A, B, C

Your data then implies that the roles has access to ACTVT 01 for ITEM C as well as ACTVT 03 for ITEM A, B. This is incorrect

Regards

Colleen

Re: All Possible Values Field Authorization

former_member185054 — Thu, 19 Mar 2015 12:53:48 GMT

USR02

Logon data

USR04

User master authorization (one row per user)

UST04

User profiles (multiple rows per user)

USR10

Authorisation profiles (i.e. &_SAP_ALL)

UST10C

Composit profiles (i.e. profile has sub profile)

USR11

Text for authorisation profiles

USR12

Authorisation values

USR13

Short text for authorisation

USR40

Table for illegal passwords

OBJT

Authorisation objetc table

Re: All Possible Values Field Authorization

OttoGold — Wed, 25 Mar 2015 13:27:22 GMT

Hi there,

why do you need this? Do you need this for roles? Or to see what the user has assigned? Why don't you go for one of the SUIM reports maybe? User's by selection criteria? It all depends on what you want to do. Your questions hints that you don't really know what you want or you know what you want but you are new to security so you don't structure your question in a way it is clear for us.

Maybe you could add a couple more details?

cheers Otto