Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Complete authorization object list apart from USOBT_C

Go to solution
Former Member

‎11-30-2010 12:57 PM

0 Kudos

I am using the USOBT_C to list down the auhorization objects, fields and its current value. However I found it does not include the authorization objects which are set to "NO" under proposal for the check indicator in SU22 or SU24.

I understand this means this authorization objects will not be checked when the transaction is added. However, I have the requirement to gather a list which have all the authorization objects related to any transaction. Oherwise I amgetting a list through USOBT_C where it shows some of the transaction does not contain auth objects.

Please let me know is there way to find it out.

1 ACCEPTED SOLUTION

Go to solution
Bernhard_SAP
Employee
Employee

‎11-30-2010 1:23 PM

0 Kudos

Hi,

for the object list you have to use usobx_c instead. usobt_c contains only the proposal values, if such exist.

b.rgds, Bernhard

7 REPLIES 7

Go to solution
Bernhard_SAP
Employee
Employee

‎11-30-2010 1:23 PM

0 Kudos

Hi,

for the object list you have to use usobx_c instead. usobt_c contains only the proposal values, if such exist.

b.rgds, Bernhard

Go to solution
Former Member
In response to Bernhard_SAP

‎12-02-2010 5:21 AM

0 Kudos

Bernhard,

usobx_c does provide all the authorization object but it does not include all the fields and its corresponding values. So in one way its similar to su22 or su24. I am looking for a table which list all the authorization objects relevant for any transaction codes with its fields and values.

I am looking to get these values to provide to functional consultant so that he can create new roles based on that auth object and its fields.

Sanjay

Go to solution
mvoros
Active Contributor
In response to Bernhard_SAP

‎12-02-2010 5:37 AM

0 Kudos

Hi,

there is no such a table. As Bernard said you have table USOBX_C where you have all authorization objects for transaction and separate table USOBT_C which contains fields with proposed values. So you need to combine these two tables to get what you need. You need to combine them with outer join because there doesn't have to be a record in USOBT_C for each transaction from USOBX_C. You can't create a new database view in SE11 because you can't specify outer join. So you can play with SQ01 and create an infoset as outer join of these 2 tables. Another way is to use excel or write a custom report.

Cheers

Go to solution
Former Member
In response to Bernhard_SAP

‎12-02-2010 6:02 AM

0 Kudos

Hi Sanjay,

Per your requirement:

"I am looking to get these values to provide to functional consultant so that he can create new roles based on that auth object and its fields"

Now why you need to give 'functional consultants' THE values, which will NOT be checked.

they need to know only the one which are in USOBT_C......

hope you get my point

Regards,

Surpreet

Anyway if you still want to do this. Use USOBX_C and then for every Auth Object pick field names and values from table TOBJ. May be use VLOOKUP function in excel.

Go to solution
Former Member
In response to Bernhard_SAP

‎12-05-2010 6:55 AM

0 Kudos

Surpreet, you are correct we should be providing the values from USOBT_C as they are the ones will be checked. But they have insisted to list all the auth objects even like S_TABU_DIS, S_TRANSPRT which does not comes when we look for USOBT_C. Anyway the transaction list is not too long, so I am providing them by manually checking them.

Go to solution
arpan_paik
Active Contributor
In response to Bernhard_SAP

‎12-06-2010 12:23 PM

0 Kudos

Hi Sanjay,

From your post it is really confusing that a functional people will create a role based on the velue provided by you (Security consultant I hope)? Ain't it strange thing? Normally it should be reverse.

However I do understand that you are after transaction with all it's required values in various authorization object. So on that regard USOBT_C provide some standard + customization (delta change on USOBT) values. Few fields will be there are empty that means you have to figure it out (either by functional people or based on your experience). That's why role building comes in our way. There are no magic table for the same.

There will be few transaction that does not have any authorization object mapping but watch out for it's parent transaction. It will pick all objects from that transaction. Like few table related transaction will take objects from SM30.

Regards,

Arpan

Go to solution
sdipanjan
Active Contributor

‎12-06-2010 7:54 PM

0 Kudos

Hi,

If you are interested about the transactions and the authorization objects which are in check and maintain (yes) proposal status + the values proposed by sao for those objects .. then you can take a dump of the table TSTCA.

Else, you may create a Quick View in SQVI to create a table join among USOBT_C, USOBX_C and TSTCA to get a neat output matrix.

Regards,

Dipanjan