Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

List of users with T-Code authorization

bntb_bntb
Explorer
0 Kudos
5,469

Good day,

I can go in T-Code SUIM-User information system > Transaction > Executable for user

...and get a nice list of all transaction that a specific user has access to.

Now what I need is this listing but for ALL users (i.e. I don't want to have to export this listing individually for each of our 110 users).

Is there an SE16 table (or set of two tables) or a report within SUIM that would give me this full listing of authorization?

We do use composite roles.

Thanks.

1 ACCEPTED SOLUTION

nikolayevstigneev
Contributor
0 Kudos
1,479

I ran the report you had suggested in production system for myself and got a list of about 120k t-codes. It should be mentioned that despite the authorisations are quite high I do not have SAP_ALL.

So, in case there is some report that fulfills your needs you are likely to get a list with several millions of lines. What are you going to do with it?

Maybe the task can be set in some other way?

Anyway, firstly, I would exclude users with SAP_ALL authorisations from your list of users (Users -> Users by Complex Selection Criteria -> By Profiles).

And besides t-codes list aren't you interested in business-specific authorizations? Like plants, storage locations, company codes, infotypes ... I mean that the purpose of the report is unclear for me.

In case you won't find a better choice you can submit the mentioned report in a loop for every user as a brute force solution and leave it for the night .

4 REPLIES 4

Former Member
0 Kudos
1,479

SUIM -> USER -> Users by Complex Selection Criteria -> By Transaction Authorizations

0 Kudos
1,479

Thank you Aaron,

But under SUIM > USER > Users by Complex Selection Criteria, only the following are available:

- By Critical Combinations of Authorizations at Transaction Start

- With Unsuccessful Logons

- By Logon Date and Password Chante

- List of Users With Critical Authorisations

- With Critical Authorisations (New Version)

So the option you mentionned is not present.

nikolayevstigneev
Contributor
0 Kudos
1,480

I ran the report you had suggested in production system for myself and got a list of about 120k t-codes. It should be mentioned that despite the authorisations are quite high I do not have SAP_ALL.

So, in case there is some report that fulfills your needs you are likely to get a list with several millions of lines. What are you going to do with it?

Maybe the task can be set in some other way?

Anyway, firstly, I would exclude users with SAP_ALL authorisations from your list of users (Users -> Users by Complex Selection Criteria -> By Profiles).

And besides t-codes list aren't you interested in business-specific authorizations? Like plants, storage locations, company codes, infotypes ... I mean that the purpose of the report is unclear for me.

In case you won't find a better choice you can submit the mentioned report in a loop for every user as a brute force solution and leave it for the night .

0 Kudos
1,479

Thank you Nikolay.

I finally got a list of all executable TCodes by user by doing the following:

I joined: table AGR_1251   Where Object = "S_TCODE"

to          table  AGR_USERS

on field: Role

(this is a many-to-many SQL join)

I then analysed the resulting joined table with an Excel pivot table.

The purpose? To have a user-friendly, global and pivotable view of all executable TCode by users allows me to review whether the roles setup still meet our needs.

Solved.