Skip to Content

Archived discussions are read-only. Learn more about SAP Q&A

To use SU24 or to not use SU24 that is the question

Can i get the opinion from a few seasoned SAP Security Engineers about using SU24. Over my experience I have not maintained SU24 considering this is mostly overhead that would need to be maintained and documented over time. A mature role library does not require much maintenance and we find that transactions are authorized differently depending on the user/role being assigned the transaction. However, I believe for items such as Movement Type and Classification Type SU24 can be very valuable for maintaining corporate standards.

Basically I am looking for arguments for the use and arguments against the use so I can make a educated decision as to whether implement or not implement.

Former Member
Former Member replied

> Michael Mease wrote:

> Over my experience I have not maintained SU24 considering this is mostly overhead that would need to be maintained and documented over time. A mature role library does not require much maintenance and we find that transactions are authorized differently depending on the user/role being assigned the transaction.

It starts off like that, or looking as if it will remain like that when changes are required or upgrades need to be "processed"...

> However, I believe for items such as Movement Type and Classification Type SU24 can be very valuable for maintaining corporate standards.

I am sure you will find a few more.

> Basically I am looking for arguments for the use and arguments against the use so I can make a educated decision as to whether implement or not implement.

I wrote a blog on this a while back together with someone I met here ( see How to get hit by the ABAP authorizations bus, and survive to tell the tale - Part 1 ) and was recently reminded that Part II is overdue... it is almost finished.

Cheers,

Julius

0 View this answer in context
Not what you were looking for? View more on this topic or Ask a question