2008 Feb 26 2:08 PM
Hi experts,
I am fresher to security concept. my role is creating roles and assigning to user please anybody can explain the concept of providing security to a tables.please help me detailed navigation to providing security and giving the acces to users of those tables.
Thanks.
Yousuf.
2008 Feb 26 2:17 PM
2008 Feb 26 2:43 PM
Security to tables is assigned through table auth groups. You can create table auth group through se16->tbrg for object s_tabu_dis and link the same to the tables(You can ask your ABAPer for that linking).
You can also see the table-auth group linking in se16->tddat.
Search for table auth groups and you will get lots of info on that.
2008 Feb 26 2:47 PM
Hello Yousuf,
Tables are covered by the Security concept though assigment of authorization groups to them. An authorizationn group can be assigned to n number of tables but a table can only be assigned one authorization group.
You can do this by the atble maintenance transaction.
goto transaction SM31: select table V_DDAT.
and click maintain.
In the next screen, position the curson for the table you want, select the table and assign/modify the authorization group tothe table as required.
(Never change authorization group assignments according to your whims. Always ask the functional / ABAP guys for functional tables)
Now the next step is to assign the authorization group given to the table in an authorization object.
Select the role where you want the authorization to be available in PFCG. Go to authorizations tab (change mode).
there find the authorization object S_TABU_DIS. Add the authorization group in the field DICBERCLS (authorzation group).
the activity should be 02 for create / change or 03 if its display.
A note of advice here since you say your are a fresher. Never assign authorization groups assigned to BC component tables to other tables. For that matter try to keep your house clean by keeping the authorization groups limited (Standard one give by SAP) to their functional tables.
Regards,
Prashant
2008 Feb 26 2:58 PM
You can refer to http://searchsap.techtarget.com/tip/1,289483,sid21_gci816940,00.html for more info.
Thanks!
2008 Mar 27 9:37 PM
It should be noted that the link above http://searchsap.techtarget.com/tip/1,289483,sid21_gci816940,00.html is a bit outdated as the View for assigning table auth groups in newer R/3 versions (4.7 and above) is V_DDAT_54. You can also view table TDDAT to see which auth groups are assigned to tables.
2008 Mar 27 9:41 PM
2008 Mar 28 12:31 AM
One might also want to question why the users want direct access to tables? They might just confuse themselves...
2008 Jun 19 3:15 PM
Hi Yusuf,
from Security side,we just need to crete a autho group using SE54 and give the name to developers(ABAP) and provide them the table which table you want to add in that auth group,thats enough they will do that table assignment.
Then you can assing the auth group in the roles(auth obe is S_TABU_DIS).
Cheers,
Chinna