Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

Object S_USER_AUT

Former Member
0 Kudos
2,574

Hi ALL,

I was browsing through a SAP std role SAP_BC_USER_ADMIN.

I found a object S_USER_AUT with fields ACTVT,AUTH,OBJECT.

Please Illustrate the second field AUTH with eg.

Thankyou,

Ajit

1 ACCEPTED SOLUTION

Former Member
0 Kudos
399

Hi Ajit,

For any object's documentation, you can go to SUIM.

Go to Authorization object -> By object name, there give the authorization object name (eg:- S_USER_AUT) and execute.

You can see its documentation there.

This contains complete description of the authorization object and its fields with examples.

Hope this helps.

-Neha

6 REPLIES 6

Former Member
0 Kudos
400

Hi Ajit,

For any object's documentation, you can go to SUIM.

Go to Authorization object -> By object name, there give the authorization object name (eg:- S_USER_AUT) and execute.

You can see its documentation there.

This contains complete description of the authorization object and its fields with examples.

Hope this helps.

-Neha

0 Kudos
399

Hi Neha,

I have gone through the documentation.

But not able to understand it.

In documentation,

AUTH = *,

i.e What does this signify?

Please explain with some eg. except * value for AUTH.

Thankyou,

Ajit

0 Kudos
399

You should also want to consider this object (S_USER_AUT) in conjunction with S_USER_OBJ.

Please read the documentation on the S_USER* objects (there are a number of them, which work in conjunction with each other) in transaction SU21, for where they can be used in your concept.

Cheers,

Julius

0 Kudos
399

You can include this object in a test role and see the possible values for this object by doing an input help for the field AUTH.

Also, you can see the same from the transaction SU03, which would show you the list of the profiles (manually created or generated) which contain these objects.

For the same authorization object, there are a number of authorization names (AUTH) field. This you can see in the table USR12.

Well, in all the roles in my system which contain S_USER_AUT, I have assigned * for the AUTH field, so I haven't really used it otherwise (as there is just one security administrator).

I hope someone else is able to explain this field in a better way.

-Neha

Former Member
0 Kudos
399

Authorization to create and maintain authorizations (object S_USER_AUTH).

The object User Master Record Maintenance: Authorizations (S_USER_AUT) defines

the authorization object name and the authorization name for which an administrator

has authorization and the activities that are allowed.

The object S_USER_AUT can be used to grant an administrator authorization to create

only certain authorizations in roles and thus prevent critical authorizations from

being created in roles.

Describtion of fields:

OBJECT: specify Authorization Object that the user can administor

AUTH: With this field, the authorization administrator can be given a limited name space such as customer namespace or for a perticuar module only. As each module has its diffrent namespace.

Former Member
0 Kudos
399

Thankyou All..