You are likely missing access to auth objects - M_ORDR_WRK and / or M_ORDR_EKO. Depending upon where the SAP ABAPer put the auth object check - sometimes you would be allowed to execute the transaction code and get stopped when you attempted to go further - other times it will not even let you execute the tcode though you may have access to the tcode.

Agree with Alex - using wildcards in S_TCODE is not recommended as it bypasses the "benefits" of profile generator.

Thanks alot JC and alex for the reply

But i want to know the behaviour of wildcard in S_tcode

If i give a range ME*--ME21 in S_tcode then it should give me access to ME00 and ME01 (if associated auths are there in profile)

but when i check through SUIM it shows ME00 and ME07 authorization.

Hope you got the point

Regards

Nilesh

If you give ME* - ME21 then you will get all tcodes starting with ME as you have given a values that supersedes ME21 (ME*)

If you are reporting via SUIM then it is possible that it is reporting transactions that are entered in the menu or evaluating the complete tcodes it sees in object S_TCODE.

I don't have a system in front of me to check right now, but every system I have used will give you access to pass the auth check against S_TCODE for all tx starting with ME if you enter ME* into the S_TCODE object.

Depending upon the selection critieria in the SUIM reports, it will check for different areas of your role. If you are running the role report and you select by tcode, then the report only checks the menu section of your role for tcodes. To check for all values that are in the S_TCODE auth object, you will need to select by auth object values so input the S_TCODE and the value range - this will check the auth object section (AGR_1251) of your role.