if you need to generate table maintainance, you need to do it through SE80/SE11. It only requires a Authorization group(created through SE54).

your question is not clear. Please specify your exact requirement.

The most important thing to remember about "authorization groups" is that they are optional.

You need to set the BEGRU in the master record for the BEGRU related auth objects to become effective.

Not all applications consistently used BEGRU fields.

Actually the whole thing is an optional pest and sometimes not respected in standard reporting anyway, so it is of little use for display access and a crow's nest to define a concept with a 4 character field for multi-dimentional access (like a BW can).

Direct table access from the application layer is an exception here - tables without an "authorization group" are symbolically "&NC&" and therefore not optional, as they are "not classified".

Tough call.... see --> "S_TABU_NAM" as search term (there is a central FAQ OSS note on it as well) which eases this pain to some extent.

Cheers,

Julius

Hi,

By using authorization groups we can restrict the authorizations at table level.

Here is the procedure to create and maintain Authorization groups.

--> Table TBRG: Here you can able to create new authorization group and If this requirement is for client specific then maintain under Authorization object S_TABU_DIS. If not maintain under auth object S_TABU_CLI.

--> Table TDDAT: Here you get the list of tables and just associat the new auth group to table which you want to restrct it.

--> Maintain this new auth group in the role against the Auth Object S_TABU_DIS or S_TABU_CLI.

Hence we can able to restrict the user from certain tables.

Thanks,

Siva Shankar