on 06-20-2016 11:37 AM
Hello!
I am new in authorization and roles.I am facing this problem user asking for t-code to assign but I couldn't understand among 5 roles to which role the t-code needs to be assigned.
Please help.
hello Sarita,
Just to add Yuksel's
Search what module does the Tcode belong,
For example the user wants to add FS00 which includes in FICO module.
try to search if there are related authorization.
Anyway, what Tcode does the user wants to be assigned?
if it is okay to share.
Maria
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
For F110 ids under FI-Financial Accounting,
Check the roles if there are related transactions like F110, FBL1N, etc
go to SUIM, under "Transactions" tick the icon beside (Executable for Role)
Type the specific role in the "With Role" Search box.
If you see some tcodes executable in a specific role.
I guess there is where you can add tcode F110.
Maria
Thank you all for such helpful informative solutions.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Sarita,
If a user comes up with any transaction then proceed with the below steps,
1. Decide first whether the transaction belongs to which module.
2. Once you identify the module then you can easily select the reference role or single role to add.
3. Every customer will have different naming conventions out of which you can easily pick a role to add.
For Z* transactions,
Z* transactions are customized transactions and you can discuss with Functional teams before adding if you have any doubt.
Regards,
Jegan Raj
Hello Sarita,
First of all you should be knowing that the User belongs to which Category and whether he really needs it.
- Development or FA or SD etc.
- Is the T-code is necessary for his daily work.
- Ask him to send SU53 Screenshot and check.
- Also check with Basis the RISK of the Role or Transaction.
- After verifying all these - Assign him the proper T-code.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Sarita,
Go to those roles and check whether any related transaction is present in there to the transaction he is asking.
- Like Display and Change.
- Check if it is display access or change - Check all the 5 roles for this. If he has any related T-code
else you can create a new role and assign the Transaction to the newly created role once you find its really needed to him for his daily work.
Hello Sarita,
As I said in previous answer functional teams or data owners must decide about the roles and assigned transactions.
If you cannot find a responsible person, check the transaction's module and select one of the related role of that user and assign it. You can also select a role that is not assigned to that user and has the required transaction.
A lot of roles with signle transactions are not recommended of course.
Regards,
Yuksel AKCINAR
Hi Sarita,
First, I guess you have to seek recommendations or help from the BASIS Guys.
They have role list and they are the one who should decide for this.
Question, are you going to add the single t-code to only 1 user?
If yes, the safest way to add the tcode is to make a new role and add the t-code. just like what Yuksel said.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Sarita,
Technical teams must not decide which roles should be given to a user.
This selection should be done by functional teams or data owners (busines).
If there is no one for this decision you could decide according to risks of the roles.
If you see all of them are risky create a new role for the transaction or assign the transaction to one of the roles that the user has.
Regards,
Yuksel AKCINAR
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
93 | |
11 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.