topic Re: Table Access /protection ! in Application Development and Automation Discussions

Table Access /protection !

Former Member — Tue, 26 Feb 2008 21:20:18 GMT

Hi,

I am in the process ofcleaning up the TABLE access roles.

1. The roles have the DICBERCLS as &N&,&NC&,0-O,KC,Q-Z

Question :

1.What does &N&,&NC&, mean ?

These are manually added.

How could I trim the Authorization here ?

Re: Table Access /protection !

Former Member — Tue, 26 Feb 2008 21:26:33 GMT

hi,

&NC& provides access for the tables which are not defined under any Authorization Groups.

Rgds,

Ankur

Re: Table Access /protection !

Former Member — Tue, 26 Feb 2008 21:30:11 GMT

George,

&NC& means tables without w/o auth. group.

Not sure what is &N& - from my understanding its a value which doesnt mean anything for the field DICBERCLS. May be a wrong entry.

Regards,

Muthu Kumaran KG

Re: Table Access /protection !

Former Member — Tue, 26 Feb 2008 21:33:36 GMT

Thats tosay &NC& is like a * !

Well how do I interpret & ...& ?

Thanks

Re: Table Access /protection !

jurjen_heeck — Tue, 26 Feb 2008 21:37:18 GMT

> Thats tosay &NC& is like a * !

Not really because all tables that do belong to an authorization group are still excluded here.

Re: Table Access /protection !

Former Member — Tue, 26 Feb 2008 21:38:30 GMT

Have a look @ SE54 for auth groups.

&NC& its been predefined in SAP and all the tables without any Auth Group fall under this category.

Re: Table Access /protection !

Former Member — Tue, 26 Feb 2008 21:41:34 GMT

Have a look @ SE54 for auth groups.

&NC& its been predefined in SAP and all the tables without any Auth Group fall under this category.

Re: Table Access /protection !

Former Member — Tue, 26 Feb 2008 21:47:36 GMT

Yes Iwent into SE54, yes ..&NC& Falls unders" tables that donto fallin any group"

Now,

How do I 1.

1. determine which table fall into which category

2.Which tables dont fallinto any category

3. How to put tables in a category ?

Thanks

Re: Table Access /protection !

Former Member — Tue, 26 Feb 2008 21:59:30 GMT

SE55 will help you find which table belongs to which group. You can also change the assignment of Auth Groups here.

Which tables dont fall into category ?

Z tables for sure

I havent seen any SAP tables without Auth Group.

Regards,

Muthu Kumaran KG

Re: Table Access /protection !

Former Member — Tue, 26 Feb 2008 22:05:21 GMT

SE54 and SE55 look alike !

Re: Table Access /protection !

Former Member — Tue, 26 Feb 2008 22:14:56 GMT

Difference being SE55 picks the table name from SE54 table name field if there is value already and open the maintenance screen for that table.

Otherwise it opens up the SE54 screen, Enter table name and click on display or change.

Changing of some table Auth group relation will ask you for access key Ex : USORG

Thanks.

Note : This can be done @ the table also, TDDAT

Regards,

Muthu Kumaran KG

Re: Table Access /protection !

Former Member — Tue, 26 Feb 2008 22:20:38 GMT

Ok..Agreed !

Now, I need to change the DICBERCLS of S_TABU_DIS....How do I determine which tables need to be assigned there ? i can say its the job of the functional guy..but I do want to knwo if he is doing the right thing ..one way would be to ST01 in QAS system on the Table access ....what else can you think of ?

Re: Table Access /protection !

Former Member — Tue, 26 Feb 2008 22:31:47 GMT

You cannot change the DICBERCLS of S_TABU_DIS rather of a table which then can be controlled by S_TABU_DIS which will be checked for all the table related transactions.

Assignment of Auth Groups to the field DICBERCLS while creating roles depends on the functional requirement of the roles.

Dont bother about changing the default auth groups given to the standard tables.

Make sure you assign the Z tables which is been created is assigned to any of the already existing Auth Group or Custom Created Auth Group.

Thanks.

Regards,

Muthu Kumaran KG

Re: Table Access /protection !

Former Member — Wed, 27 Feb 2008 02:39:07 GMT

Muthu,

I did not mean to change the DICBERCLS -No But if you recall the opening of the Post -- the DICBERCLS has values &NC& 0* -O* ( Whatever that means!) My Scope is to change or redo these values ? Do u say thats not a good idea ?

IF I understand you right - forget about the standard tables -- but assign the ZTABLES specificaly to the DICBERCLS ?

I didnot see any 0* OR O* tables ....

Re: Table Access /protection !

Former Member — Wed, 27 Feb 2008 06:07:54 GMT

Hi George,

Take a look at Tr - SM31 and enter the table : V_DDAT / V_DDAT_54 in desplay mode.There u can find which tables are not assigned under any authorization groups(&NC&).Also i have never seen the ranges starting from 0*.

Ranges(* to *) not always recommended , which u may found out in your EWA from SAP.we also trimmed all the * access in S_TABU_DIS,which you may also have to do as per ur requirements.

Rgds,

Gadde.

Re: Table Access /protection !

Former Member — Wed, 27 Feb 2008 14:46:54 GMT

Yes I am in the process of trimming the auths in response to the EWA.

But my question still remains ~~> How do I determine which table the application is needed to access~~ I know thats the input from the functional folks but again I too need to know how they determine that ? ST01 is a tool any other way ?

Thanks