cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

What are the Tables users can display and maintain ?

Go to solution
Former Member

on ‎02-04-2014 6:56 AM

0 Kudos

Hello All,

I have list of 10 table names with me. Now i want to know out of 10 tables how many tables user can maintain.

Eg Tables:

Table 1

Table 2

Table 3

Table 4

Table 5

Table 6

Table 7

Table 8

Table 9

Table 10

1. May be this tables are maintained via S_TABU_NAM or S_TABU_DIS.

Below Steps i tried :

1. SUIM >>Roles by selection > S_TABU_NAM with activity 01 or 02. So i got 10 roles for example.Same way for S_TABU_DIS another 10 Roles.

2. SE16 >> AGR_1251 i have given 10 roles in the role field and S_TABU_NAM in the authorization object field to get the list of tables names in side the roles. eg i got 20 tables names how to differentiate which table are maintain table and which tables are display out of this 20.


Note: Because Role one has auth object S_TABU_NAM two times 

                                       1. S_TABU_NAM     Table    : Table 1

                                                                      Avtivity : 02

                                       2. S_TABU_NAM     Table    : Table 20                        

                                                                      Avtivity : 03

same case in S_TABU_DIS.

Please let me know if you need more details. Sorry i know its bit confusing

Regards

Kiran.S

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎02-04-2014 8:04 AM
0 Kudos

Hi Kiran,

you will see for each authorization object field value combination (ACTVT and TABLE combination for S_TABU_NAM)  there is separate Authorization in AGR_1251 table.


now to find out roles with only display access to particulate table -


To get list of role with Maintain access to Tables do this :

1) SE16 >> AGR_1251 put  roles and S_TABU_NAM in the authorization object field

2) Put TABLE in filed called "Field name"

3) Put all table names into field called "Value"

4) exclude single value "X" in field called "ID whether object is deleted"

5) Execute

5) Copy column  "Authorization Name" - put then into one notepad we need this data in next steps

6) Go back to SE16 >> AGR_1251 put  roles and S_TABU_NAM in the authorization object field

7) Put ACTVT in filed called "Field name"

😎 Put 02 into field called "Value"

9) Put Copied  "Authorization Name" data into field called "Authorization"

10) Execute



this will give roles having maintain access to Tables .


Regards,

Satyajit

Show replies
Show replies

Answers (2)

Answers (2)

Former Member
‎02-04-2014 8:25 AM
0 Kudos

Just on addition to this.

Don't forget that maybe users will have assigned profiles directly to them as well (besides the roles). If you want to have the picture of profiles  having access to the tables (instead of roles having access to the tables) You should also have a look at the ust12 table to get the overview of the authorizations and then relate the authorizations to the profiles (ust010s, ust10c).

Show replies
Show replies
Former Member
‎02-04-2014 7:36 AM
0 Kudos

If I understand you correctly you want to know how to output your SE16 AGR_1251 query so that you can see which roles allow the user to maintain or just display the tables, yes?

If so, then pay attention to the AUTH field in the AGR_1251 output, as this will show you specific authorization instances (ie the combination of ACTVT and DICBERCLS fields, for example). That way you can easily export the data and create an Excel Pivot table showing what roles contain specific instances or combinations. This will show you whether they have display or maintain, or perhaps a combination of both (there's no reason why you can't add both S_TABU_DIS and S_TABU_NAM, or any number of obects, in your query).

I do this quite often on a large scale for customers when I want to show them what their roles contain. It's a fairly quick and easy job, and puts the data in an easily searchable format.

Edit - to try to explain that more clearly, the screenshot below shows 3 authorization instances - I've highlighted the top and the bottom ones. These could all be in one role, or they could be in three different roles. In this case they are all in one role, so a pivot table that allows me to filter by role name allows me to see all the auths combinations contained within it.

Show replies
Show replies
Ask a Question