09-01-2010 1:48 PM
Hi All,
user requesting for the access to a particular table(eg:agr_1251).
How can we find the requested objects and field values for a particular table.
Also we need to give access only to the requested table(no access to other table).
If any of you can shed some light on this, it will be helpful for me.
Thanks in advance
Regards
Rajeev
09-01-2010 2:42 PM
Security to tables through standard tcodes like SE16, SM30 etc are through the auth objects S_TABU_DIS, S_TABU_CLI (for cross client tables) and S_TABU_LIN (Row level security for an individual tables).
Considering the first and simplest case, you would first need to find out the authorization group linked to the particular table for which you want to give access. This information can be found from the TDDAT table. To access the table user would need access to the auth group linked to the particular table through S_TABU_DIS.
Please note that since the access is at the level of auth group, the user would have access to all tables linked to the same. If you want to give access to only a single table you can change the table auth group for a table through the SE54 table. There is a check table for auth groups, TBRG so a new entry might need to be created therein.
09-01-2010 5:45 PM
Hi,
I agree to almost all the point, but using SE54 and creating a custom group and assigning required tables
will it work without the involvement of ABAPER?
09-02-2010 4:22 AM
As far as I remember, you do not need a developer key for any of these activities so an ABAP developer's help should not be needed. But I agree a security consultant with just pfcg, su24 would not have enough access.
09-02-2010 9:20 AM