03-14-2013 8:25 AM
Hi,
I am having problems associating authorization objects to some transactions. I am going the table way and standart documentations points to USOBT or USOBT_C tables. However *SOME* Z* transactions(which I know use authorization objects) do not have any entries present in these tables for some reason.
Is this common? Can anyone help me understand why?
And most important of all, can anyone point me to another table(or tables if they needed to be linked) inorder to observe auth.obj. <-> tcode association?
Thanks,
Bora
03-14-2013 9:51 AM
Hi Bora,
If you looking for auth object <>Tcode relation maintained in SU24. then please use table TSTCA
03-14-2013 8:20 PM
Hello
TSTCA returns the initial auth check and not the actual/required objects
Kind regards
David
03-14-2013 1:15 PM
03-14-2013 2:29 PM
Hi Abhijeet,
Can you please explain how the OP will use SUIM to solve his issue?
03-14-2013 8:22 PM
Hi
SUIM won't help find the related authorisation checks..at aleast not in an easy way that I can see - please could you explain?
Kind regards
David
03-14-2013 2:29 PM
Hi,
Auth checks in transactions only appear in the USOB* tables once they are associated through SU24. If they have never been associated then you will not see them. This is very common where security has been administered poorly.
To get the info you will have to go through the code, update SU24 and then you will have a more accurate list. As Binish stated, you could use TSTCA to see where a static auth check has been assigned against the transaction code in SE93.
03-14-2013 8:27 PM
Hello
I don't think your table entries approach will work.
How do think the tables entries you are searching on are populated in the first place? Who does this - security, basis, functional, SAP These are custom transactions rather that SAP delivered which will not initially include sufficient SAP/Customer values.
Cheers
David
03-18-2013 2:59 AM
Hello,
For Z* transations, you need to maintain the values in SU24 by yourself.
After that, you can maintain "Check indictor" and authorization objects which will be proposed while
adding the tcode in role menu.
Thanks.
Jim