Skip to Content

Archived discussions are read-only. Learn more about SAP Q&A

SUIM security-audit checklist....

hello, i found a check list SAP security-auditing in SUIM. i searched some of them in internet but my mind confused.

i think it can be very helpful checklist for people working in SAP security-auditing.

if you have time, can you tell me please what these reports mean? with 1-2 sentences.

( i know they are a bit much but i think it can be realy good source for people wants to work in SAP security- auditing like me.)

Thank you very much

Regards..

SUIM--->>>>

1)  S_TCODE = SM36,Authorization Object 1: S_BTCH_ADM = Y; Authorization Object 2: S_BTCH_JOB = * for Job Operations and * for Summary of jobs for a group; Additional selection criteria – Unlocked users only

2)  S_TCODE = SM37; Authorization Object 1: S_BTCH_JOB JOBACTION = *; Additional selection criteria – Unlocked users only

3)  S_TCODE = SM35; Authorization Object 2: S_BDC_MON1=*, Additional selection criteria – Unlocked users only

4)  S_TCODE = SE18; Additional selection criteria – Unlocked users only

5)  S_TCODE = SE19; Additional selection criteria – Unlocked users only

6)  S_TCODE = SM69; Authorization Object 1: S_RZL_ADM= 01; Additional selection criteria – Unlocked users only

7)  S_TCODE =SM49; Authorization object1: S_LOG_COM, COMMAND Value: #*; POSYSTEM Value: #*; R/3 Value: #* additional selection criteria: unlocked users only

8)  Authorization object 1: S_RFC; RFC_TYPE: FUGR; RFC_NAME: #*; activity: 08; additional selection criteria: unlocked users only

9)  S_TCODE = SECR;” “authorization object1: S_IMG_ACTV, Project no: 900; ACTVT = 02; IMG Value = #*” “authorization object2: S_PRO_AUTH Project no: 900 ACTVT: 03” “additional selection criteria: unlocked users only

10)  S_TCODE=SU01: Additional selection criteria – Unlocked users only

11)  S_TCODE=SU01; 2: Authorization object 1: S_USER_AUT; ACTVT Value=03 or 08” Additional selection criteria – Unlocked users only

12)  S_TCODE=SU02; Additional selection criteria – Unlocked users only

13)  S_TCODE=SU03; Additional selection criteria – Unlocked users only

14)  S_TCODE=SU10; Additional selection criteria – Unlocked users only

15)  S_TCODE=RZ10; Authorization object 1: S_DATASET, ACTVT Value = *; Authorization object 2: S_RZL_ADM ACTVT Value = 01 or 03; Additional selection criteria – Unlocked users only.

16)  S_TCODE =SE16; Authorization object1: S_TABU_DIS, Authorization group = SC, ACTVT =02; Additional selection criteria: unlocked users only

17)  S_TCODE = SNRO; authorization object1: S_NUMBER, Value = #*, ACTVT = 01, 02, 11; 3: Additional selection criteria – Unlocked users only

18)  S_TCODE = SCC4; authorization object1: S_TABU_DIS Table Maintenance (via standard tools such as SM30), ACTVT = 01, 02, 03; authorization group = SS; Additional selection criteria – Unlocked users only

19)  Authorization object 1:S_ADMI_FCD, Value: SP01 or SPOR; authorization object 2: S_SPO_ACT Value = ATTR (change attributes of protected spool request) or BASE (see protected spool requests in the output controller [determine whether the spool request exists], display request attributes) and DELE (delete request manually) or REPR (output protected spool request more than once); authorization object 3: S_TMS_ACT (Actions on TemSe objects); STMSOWNER Value  = GRP (external TemSe objects in own) or OWN (own TemSe objects) authorization object 3 = S_TMS_ACT: Additional selection criteria – Unlocked users only

20)  S_TCODE = SCCL; authorization object 1: S_CLNT_IMP, Activity = 21, 60; authorization object 2: S_TABU_CLI, Cross Client Indicator = #*; Additional selection criteria – Unlocked users only

21)  S_TCODE = SCCL; authorization object 1: S_CLNT_IMP, Activity = 21, 60; authorization object 2: S_TABU_CLI, Cross Client Indicator = #*; Additional selection criteria – Unlocked users only

22)  S_TCODE =SM31;” “authorization object 1: S_TABU_DIS, ACTVY =01,” authorization object 2:  “S_TABU_CLI CLIIDMAINT =x”: “additional selection criteria: unlocked users only

23)  S_TCODE =SM30;” “authorization object 1: S_TABU_DIS, ACTVY =01 or ACTVY =02,” authorization object 2:  “S_TCODE =S_TABU_CLI, CLIIDMAINT =x”: “additional selection criteria: unlocked users only

24)  Authorization object 1: “S_TCODE =SA38 or SE38;” “2: authorization object S_PROGRAM Value =SUBMIT: “additional selection criteria: unlocked users only

25)  S_TCODE =SA38 or SE38;” “2: authorization object S_PROGRAM Value =SUBMIT: “additional selection criteria: unlocked users only.

26)  Authorization object 1: S_TRANSPRT Value = 43

27)  S_TCODE = SE01; authorization object 1: S_TRANSPRT Value:1, 2; authorization object 2: S_DATASET Actvt: 06,33,34

28)  S_TCODE = SE03; authorization object 1: S_TRANSPRT Value: 06,43 ; authorization object 2: S_CTS_ADMI Value: TABL

29)  S_TCODE = SE10; authorization object 1: S_TRANSPRT Value: 01, 02; authorization object 2: S_DATASET Value: 06, 33, 34.

30)  S_TCODE = SCC4; authorization object 1: S_CLNT_IMP Value: 21, 60: Additional selection criteria – Unlocked users only

31)  S_TCODE: SM12; authorization object 1: S_C_FUNCT Value = *; activity value = 16; authorization object 2: S_ENQUE; S_ENQ_ACT Value = *.

Former Member
Not what you were looking for? View more on this topic or Ask a question