Community
Application Development and Automation Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

Authorization roles

Go to solution
Former Member

‎2006 Sep 17 11:02 AM

0 Likes
899

Hello folks,

Kindly let me know the table which stores the authorization roles and transactions allowed for that role.

1 ACCEPTED SOLUTION
Read only

Go to solution
Former Member

‎2006 Sep 17 12:03 PM

0 Likes
818

HI,

look at the table <b>TSTCA</b>(Values for transaction code authorizations)

Mark all the helpful answers

6 REPLIES 6
Read only

Go to solution
Former Member

‎2006 Sep 17 11:18 AM

0 Likes
818

Hi,

This all depends. In some cases authorization groups must exist in a custom table before they can be used. This is true for table authorization groups (authorization group in table <b>TBRG</b> assigned to tables in table <b>TDDAT</b> via transaction SE54) and user groups (created in transaction <b>SUGR</b>). In some cases authorization groups are merely created when they are assigned to the object in a standard maintenance transaction (e.g. vendor master data, customer master data, material master data etc.) In other cases the authorization group has an optional validation table that is used in search helps but no where else (ABAP programs in table <b>TPGP</b> and <b>TPGPT</b>, report writer authorization groups (via table <b>TBRG</b>) etc. Authorization groups are essentially labels that you assign to objects (tables, programs, master data etc.) that allow authorization checks for access to the objects with the label

1) SAP Notes 7642, 20534, 23342, 33154, and 67766

2) Documentation for RSCSAUTH report

See the below SAP link for more info

http://help.sap.com/saphelp_nw04s/helpdata/en/52/67129f439b11d1896f0000e8322d00/content.htm

Regards

Sudheer

Read only

Go to solution
Former Member
In response to Former Member

‎2006 Sep 17 11:22 AM

0 Likes
818

In simple words ,

Suppose I have a jobrole assigned to my user id. Lets say "z:x". Now i need to find out through tables whether z:x has transaction ME22N or not. How do i do that?

Read only

Go to solution
Former Member
In response to Former Member

‎2006 Sep 17 12:20 PM

0 Likes
818

Hi

See the tables:

AGR_USERS, AGR_PROF, UST04, uST12, TSTCA

Max

Read only

Go to solution
Former Member
In response to Former Member

‎2006 Sep 17 5:55 PM

0 Likes
818

User/Security tables

DEVACCESS

Table of development users including dev access key

USR02

Logon data

USR04

User master authorization (one row per user)

UST04

User profiles (multiple rows per user)

USR10

Authorisation profiles (i.e. &_SAP_ALL)

UST10C

Composit profiles (i.e. profile has sub profile)

USR11

Text for authorisation profiles

USR12

Authorisation values

USR13

Short text for authorisation

USR40

Tabl for illegal passwords

OBJT

Authorisation objetc table

rEGARds

vivek

please mark all the useful answers

Read only

Go to solution
uwe_schieferstein
Active Contributor
In response to Former Member

‎2006 Sep 17 9:27 PM

0 Likes
818

Hello Nishant

SAP provides us with plenty of reporting functions regarding authorizations (transaction SUIM, User Information System).

For your example you could call either

- Roles -> By Transaction Assignment (check with transaction)

or

- Transactions -> Executable Transactions (check with role)

If you want to search DB tables directly then go for <b>AGR_1251</b> and select for

OBJECT = S_TCODE
FIELD = TCD
LOW = <transaction, e.g. ME22N>

Regards

Uwe

Read only

Go to solution
Former Member

‎2006 Sep 17 12:03 PM

0 Likes
819

HI,

look at the table <b>TSTCA</b>(Values for transaction code authorizations)

Mark all the helpful answers