Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

Providing security to tables.

Former Member
0 Kudos
365

Hi experts,

I am fresher to security concept. my role is creating roles and assigning to user please anybody can explain the concept of providing security to a tables.please help me detailed navigation to providing security and giving the acces to users of those tables.

Thanks.

Yousuf.

8 REPLIES 8

jurjen_heeck
Active Contributor
0 Kudos
256

Search the forums for S_TABU_DIS

Former Member
0 Kudos
256

Security to tables is assigned through table auth groups. You can create table auth group through se16->tbrg for object s_tabu_dis and link the same to the tables(You can ask your ABAPer for that linking).

You can also see the table-auth group linking in se16->tddat.

Search for table auth groups and you will get lots of info on that.

Former Member
0 Kudos
256

Hello Yousuf,

Tables are covered by the Security concept though assigment of authorization groups to them. An authorizationn group can be assigned to n number of tables but a table can only be assigned one authorization group.

You can do this by the atble maintenance transaction.

goto transaction SM31: select table V_DDAT.

and click maintain.

In the next screen, position the curson for the table you want, select the table and assign/modify the authorization group tothe table as required.

(Never change authorization group assignments according to your whims. Always ask the functional / ABAP guys for functional tables)

Now the next step is to assign the authorization group given to the table in an authorization object.

Select the role where you want the authorization to be available in PFCG. Go to authorizations tab (change mode).

there find the authorization object S_TABU_DIS. Add the authorization group in the field DICBERCLS (authorzation group).

the activity should be 02 for create / change or 03 if its display.

A note of advice here since you say your are a fresher. Never assign authorization groups assigned to BC component tables to other tables. For that matter try to keep your house clean by keeping the authorization groups limited (Standard one give by SAP) to their functional tables.

Regards,

Prashant

Former Member
0 Kudos
256

0 Kudos
256

It should be noted that the link above http://searchsap.techtarget.com/tip/1,289483,sid21_gci816940,00.html is a bit outdated as the View for assigning table auth groups in newer R/3 versions (4.7 and above) is V_DDAT_54. You can also view table TDDAT to see which auth groups are assigned to tables.

0 Kudos
256

How about SE54?

-Abhishek

0 Kudos
256

One might also want to question why the users want direct access to tables? They might just confuse themselves...

0 Kudos
256

Hi Yusuf,

from Security side,we just need to crete a autho group using SE54 and give the name to developers(ABAP) and provide them the table which table you want to add in that auth group,thats enough they will do that table assignment.

Then you can assing the auth group in the roles(auth obe is S_TABU_DIS).

Cheers,

Chinna