Solved: How to access User's Time Zone if no access to USR...

Former Member · ‎07-11-2014

Hi,

I have requirement to change User's Default Time zone but only for those who has blank entry and other will remain as it is.

I can do mass update via SU10 however to get list of user's with Blank Time zone i should have access to USR02

as per our security policy no one in organization has access to USR02 table including basis /security team.

how do i get this list in Production system?

Regards,

Satyajit

martin_voros · ‎07-11-2014

Hi,

if you can call BAPI_USER_GETLIST in SE37 then this FM allows you to search by field TZONE (time zone). Read documentation for this FM for more info how to pass values to this FM.

Cheers

martin_voros · ‎07-11-2014

Hi,

if you can call BAPI_USER_GETLIST in SE37 then this FM allows you to search by field TZONE (time zone). Read documentation for this FM for more info how to pass values to this FM.

Cheers

Former Member · ‎07-12-2014

Hi Martin,

I am aware of this FM but, as this is production system i can't have access to SE37 as well.

is there any other workaround ?

Regards,

Satyajit

martin_voros · ‎07-12-2014

Bad luck. I am not aware of any report that could give you this info. So you will have to write a custom report or create view on top of USR02 that does not contain password hashes and use SE16.

Cheers

former_member183424 · ‎07-12-2014

If you do not have authorization of the table USR02 and also no authorization for SE37, then only one option is there, that is SU01, enter the user name and check the data for time zone manually.

Colleen · ‎07-12-2014

Wouldn't that defeat the purpose of using su10 to update?

martin_voros · ‎07-14-2014

Actually, there is already view called VUSR02_HEADER defined by SAP that show basic user info and does not include password hashes.

Cheers

Colleen · ‎07-15-2014

thanks Martin - that's really good to know

Former Member · ‎08-05-2014

Thanks Martin this is what i was looking for.

Former Member · ‎08-05-2014

Thanks Martin.

former_member300754 · ‎07-12-2014

Hi Satyajit

As far as i know, HR standard function verifies authorization as same way as going for TCODE. For worst case, write ABAP program to modify Time Zone data is my suggestion.

BR,

PJO

Colleen · ‎07-12-2014

The se37 workaround, etc go again the goal of the policy to restrict table access.

if your system is locked down I would be asking if there is a temporary process you can go through to get the access(e,g, firefighter) to fix the records.

regards

Colleen

Former Member · ‎07-13-2014

It's rather an interesting setup, where mass administration is allowed under your "own user id" in Production but display access to table USR02 is not allowed.
I concur with Colleen....I would be asking for a "Fire Fighter" access if it's configured, or to assign you a temp role with the required authorization to give you access, which you may need it for 5 to 10 minutes max.

Cheers,

Savitha

Colleen · ‎07-13-2014

the motivation for restricting of the USR02 table would be to protect access to the password hashes - for a bit more information this blog is quite good.

other than some form of development (even a cut down version of USR02 for non-sensitive fields) would be to educate users to update their own defaults if they do not want the system time zone.

Regards

Colleen

Former Member · ‎07-15-2014

Thanks Colleen!

Former Member · ‎08-05-2014

Thank you all for valuable inputs.

Regards,

Satyajit

How to access User's Time Zone if no access to USR02