Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

Access to S_TABU_DIS with Activity 01, 02

Former Member
0 Kudos

Hello peers,

In my company we have some roles with access to S_TABU_DIS, Activity 01 or 02. I am in the process of role clean up. Can anyone tell me how should I approach this situation and what should I ask process owners to justify the access? What are best practices suggested by SAP? Your response will be appreciated.

3 REPLIES 3

morten_nielsen
Active Contributor
0 Kudos

Hi Friend

Actvt 01 and 02 for S_TABU_DIS is not necesarily a problem, as long as it is only to specified authorization groups. Have a look in the profile generator, if the authorization is "Standard" I wouldn't change it.

If it's to authorization group &NC&, or even * I would deactivate the object, any value required should be discovered in the test phase. (And remember, never assign access to authorization group &NC&, always assign your tables to an authorization group in SE54)

Regards

Morten Nielsen

0 Kudos

Hello Friend

As rightly mentioned by Morten there should be no S_TABU_DIS 01/02 with * or &NC&.

You need to advise process owner / functional that all tables should have auth group associated with the tables and this is the best practice suggested by SAP.

Thanks

Santosh kumar

Former Member
0 Kudos

Hi

As per my knowledge the process owners always want table view access on daily basis very rarely they want change/create access.

1. Please ask process owners for the list of SAP tables that they want access on daily basis / occasional basis of the table view/change access. List of all the tables and their authorization groups using SE54

2. Clean up the roles, remove the activities 01, 02 from S_TABU_DIS object and maintain activity 03 with valid authorization groups to the respective tables.

3. Create emergency roles for the 01 & 02 activates, assign them whenever user request with valid approval workflow.

Not only S_TABU_DIS object also look into the object S_TABU_CLI object is very crucial.