01-08-2007 5:33 AM
Hi Gurus,
how to implement security for tables.i e we have to restrict table access.
Thanks
Regards
01-08-2007 6:33 AM
Hi
here is the extract from a popular site.. go thru this ..
Critical and custom SAP R/3 tables are restricted.
Execute transaction SUIM
Authorization Object: S_TCODE
Transaction Code: SM31 (enhanced tables maintenance)
Authorization object: S_TABU_DIS
Activity: 02 AND 03
Risk: The risk here is that users who have this access, have the ability to maintain table data directly in the production system. This includes transactional, masterfile, security and configuration data.
Execute transaction SUIM
Authorization Object: S_TCODE
Transaction Code: SM31
Authorization object: S_TABU_DIS
Activity: 02 AND 03
Authorization Object: S_TABU_CLI
Identify if custom transactions have references to authorization objects.
Execute transaction code: SE16
Table name: TSTCA / TSTC
TCODE: Z*
Check table TSTCA and verified that no Z transactions existed. Verified in table TSTC that the majority were secured by Authorization objects. Since all transactions are secured by S_Tcode this control is still effective.
hope this will help you.
with br,
Rajesh .
<i>award suitable points</i>
01-08-2007 6:33 AM
Hi
here is the extract from a popular site.. go thru this ..
Critical and custom SAP R/3 tables are restricted.
Execute transaction SUIM
Authorization Object: S_TCODE
Transaction Code: SM31 (enhanced tables maintenance)
Authorization object: S_TABU_DIS
Activity: 02 AND 03
Risk: The risk here is that users who have this access, have the ability to maintain table data directly in the production system. This includes transactional, masterfile, security and configuration data.
Execute transaction SUIM
Authorization Object: S_TCODE
Transaction Code: SM31
Authorization object: S_TABU_DIS
Activity: 02 AND 03
Authorization Object: S_TABU_CLI
Identify if custom transactions have references to authorization objects.
Execute transaction code: SE16
Table name: TSTCA / TSTC
TCODE: Z*
Check table TSTCA and verified that no Z transactions existed. Verified in table TSTC that the majority were secured by Authorization objects. Since all transactions are secured by S_Tcode this control is still effective.
hope this will help you.
with br,
Rajesh .
<i>award suitable points</i>
01-08-2007 3:09 PM
Hi,
Identify the roles (using T-Code SUIM) which has T-code SM31 and object values (02 or 03).
Identify users (SUIM) who all been assinged the above roles.
Either modify the role as per the requirement.
Or
Remove the authorization (Role for that particular user)
Cheers
Soma
Message was edited by:
soma pradeep
03-07-2007 6:55 PM
Hi,
Do in this way. First you should know which object need to protect table. Here is the object need to protect table
S_TABU_DIS
Then create ztransaction as custom transaction or parameter transaction of SE16
Ex: To protect table Mara we we need customized transaction as follows
Go to SE93 and click Create button add this values
ZMara_SE16
Transaction SE16 as taking properties to this customized transaction
Assign the object S_TABU_DIS
Next
Go SE54 and create table authorization Group such as "Demotable"
In Se54 Tcode just click create authorization group it willl go to list of table authozn groups and u will see screen with button "New entry".
So click to New Entry enter your named authn group for table different companies have different naming convention ex. sat
next SAVE it and now you created Authn group
Next you need to assign this group to set of table.
So go to Se16 table enter TDDAT. you will see view of tables and Authn group.
Next click to create button
enter authn group and enter the table one by one
Example: Table "MARA" Authn Group "sat"
Then SAVE it
Assign the t_code to role where user can only access to defined table
So Inthis way you have protected table. Hope you got the right answer.