Hi,

Thanks for the reply.

I have created a user group and I want to assign some authorizations ya.

How to assign S_AUTH_GRP authorization obj to the user group which I have created.

By default SUPER is the user group that is been created and this group contains authorizations how is it possible.

With Regards,

Venkat.

Hi Prashant,

Refer to the below help.sap link:

http://help.sap.com/saphelp_nw04s/helpdata/EN/ce/17533e5ff4d064e10000000a114084/frameset.htm

S_USER_GRP is the object through which you can restrict users assigned to specific auth. groups.

Also user group "SUPER" is hardcoded in SAP to ensure protection of standard SAP users like DDIC, SAP*, Earlywatch. These SAP standard users are hardcoded "SUPER" user group to ensure that only "SUPER" users can edit their properties.Refer to below help.sap link for more details:

http://help.sap.com/saphelp_nw70/helpdata/en/3e/cdaccbedc411d3a6510000e835363f/frameset.htm

Edited by: sap.sec.akshay on Feb 18, 2010 10:03 AM

There is no such object as S_AUTH_GRP or S_USER_GROUP...

Probably you are looking on the Groups tab in SU01, which is the general reporting groups of users and irrelevant to authorizations.

What you are looking for is the authorization group field in the Logon data tab - this one is authorization relevant.

Cheers,

Julius

Hi Thanks for the reply,

Ya what you have caught is wright.

My query is if I creat a user group in SUGR like with the word " FULL" and assign this user group to a user in user group (or) in authorization group tab.

Does this user get any kind of permissions?

If I assign " SUPER" group to any user does that user get any kind of permissions?

With Regard,

Venkat

Hi Praashanth,

A user dosent get access by the virtue of being in the group. THe Groups just make it easy to do a mass maintainance form Su10.

The authorizartion is only controlled at the role level. Byt suppose if you were to give a same role to all the users in a group you could use the massupdate option based on groups.

Thanks,

CP