06-26-2009 3:07 PM
Hi,
As per the SOx task we are getting users as per the the bleow:
Run ABAP RSUSR002
Transaction Code: SE16
Authorization Object:
1) S_TABU_DIS and values 02
2) S_DEVELOP with value 01 02 06 07.
I got users list,
when I search roles by users (from the list which ever i got) with the
above authorization but I not getting any roles.
Can you please suggest em to go a head.
If they have access with any profile then how can we trace the profile from SUIM.
06-26-2009 3:52 PM
Go to SUIM..
Users by complex selection criteria..
put user name and execute..
in the next screen.. click on "Display Details" screen (left most button in the application toobar)...
click on "Selectively Expand Subtree"
in the Authorization Object field .. use the multiple selection option to put S_TCODE and S_TABU_DIS
Download the full list as spreadsheet... open with excel and search and mark for your desired values in the sheet.
I hope you will find this simple and easy way..
Regards,
Dipanjan
06-26-2009 3:52 PM
Go to SUIM..
Users by complex selection criteria..
put user name and execute..
in the next screen.. click on "Display Details" screen (left most button in the application toobar)...
click on "Selectively Expand Subtree"
in the Authorization Object field .. use the multiple selection option to put S_TCODE and S_TABU_DIS
Download the full list as spreadsheet... open with excel and search and mark for your desired values in the sheet.
I hope you will find this simple and easy way..
Regards,
Dipanjan
06-29-2009 10:33 AM
Hi Dipanjan
Thanks for your reply, As per your reply I got the list and I couldn't find the role and profile for the user.
Please let me know is there any other way to find the role or profile.
06-26-2009 9:23 PM
> when I search roles by users (from the list which ever i got) with the
> above authorization but I not getting any roles.
Then it's coming from a profile...
06-29-2009 10:33 AM
Hi Pravin
Please use the following path
For roles
suim - > roles - > By User Assignment
For Profiles
Suim->user-> user by complex selection crteria->by profiles
hope this is useful
thanks
Shitika
06-29-2009 10:50 AM
Hi Pravin,
make sure, your system has already the corrections of following SAP notes:
918629
961294
1273992
What you could check in addition is, if the users got the authorizations through a reference user assignement.
b.rgds, Bernhard
07-07-2009 10:53 AM
Hello pravin,
I suggest you to find the roles/profiles like that:
Run ABAP RSUSR002 :
fill the data like that: object 1- s_tcode-value-se16
object 2 - s_tabu_dis activity 02
object 3 - s-develop activity 01 or 02 or 06 or 07
then you will get a role list where this sox problem exit.
double-click on user assignment will show you the users with this sox problem.
good luck.
best regards,
Haim Brauner
07-07-2009 10:10 PM
This is not necessarily critical, without knowing the other field names. But it is suspect.
S_TABU_DIS and S_DEVELOP are meant for development systems, but sometimes such roles find their way into production systems and might even be assigned.
It is suspect - but still dependent on the other fields of these objects (the table group, and the object name / package) so it might be isolated, possibly also incorrect repository settings during development (and subsequent "real life").
Cheers,
Julius