2024 Mar 21 3:52 PM
Hello,
Good day!
I have a questions regarding the SAP security.
I´m new in the world of Roles and Authoruizaions and I got a request to extract a report showing the module, scope and if the role is read/write.
Is that a program or a table that I can seek this kind of information ? My team is not the one that create the roles.
Best Regards,
2024 Mar 22 8:48 AM
Check the activity? ACTVT is typically 01 for create, 02 for change and 03 for display.
But it's arbitrary - any field could be used, and any value, since it's mostly handled via an ABAP statement checking for a particular field/value.
2024 Mar 22 9:47 AM
Hello Matt,
Thank you for your input. I thought about that but I´m not able to search in SUIM in Roles by Complex Selection criteria using the ACTVT as an authorization Object. I get the message below:
Message no. 01128
2024 Mar 22 12:24 PM - edited 2024 Mar 22 3:37 PM
ACTVT isn't an authorization object , it's a, frequently used, authorization field
Look within SU21 on some authorization objects
SUIM can only filter in this activity for an explicit autorization object (every object doesn't contain it)
Roles - By Authorization Values
So
2024 Mar 22 1:22 PM
Hello,
in addition to the answer from @matt, viewing the table AGR_1251 might be useful for your needs (AGR_1251 contains the authorization values of roles). In SUIM you can search roles for a single field value only, so you have to execute a search for ACTVT 01, another one for ACTVT 02 and so on. In SE16 you can do this in a single task.
Kind regards
Jan