01-23-2008 8:41 PM
All,
We have FI guys requesting different transactions.
To stop this and keep track of this,
I need to ffind out what transactions have been adde to each FI role ?
Is there any report out there that would tell me what new transactions have been added to all
Customized FI roles ?
Please advise.
From
PT.
01-23-2008 10:02 PM
What 'new' transactions have been added / changes to the profiles or roles, you could use SUIM -> Change Documents -> Roles or Profiles.
If you would like to see all the transactions executable for a User/ Profile/ Role, Use Transactions under SUIM.
Hope this helps.
Regards,
Snehal
01-23-2008 9:10 PM
PT,
Just go to SUIM report tree, you will find all the reports you need there.
Have fun.
Lye
01-23-2008 9:18 PM
To be more specific, go to the section called "change documents" in SUIM.
01-23-2008 10:02 PM
What 'new' transactions have been added / changes to the profiles or roles, you could use SUIM -> Change Documents -> Roles or Profiles.
If you would like to see all the transactions executable for a User/ Profile/ Role, Use Transactions under SUIM.
Hope this helps.
Regards,
Snehal
01-23-2008 10:08 PM
>
> If you would like to see all the transactions executable for a User/ Profile/ Role, Use Transactions under SUIM.
Ehh, please be aware of the fact that the 'transactions' reports under suim look in table AGR_TCODES which itself does not contain 'real' authorizations (or sources for the profile) but only the tcodes that were put in the role via the menu tab.
To actually see which transactrons are executable for a user look at the reports for authorization values, select object S_TCODE. This also reports manually entered S_TCODE values as well as ranges.
01-27-2008 4:54 PM
Thanks all.
I think ST03n will give the all the transacitons that were
executed by user.
From
PT.
01-27-2008 5:08 PM
>
> I think ST03n will give the all the transacitons that were
> executed by user.
I am a bit curious now, since this is true but I miss the relation to your original question. That was about the contents of the roles.
In the majority of systems the users have access to more transactions than they actually use. Restricting access based on findings from ST03N can cause problems, especially in FICO where some actions are only executed once a month or even once a year....
01-27-2008 7:06 PM
Issue is, here we have FICO users requesting transactins
that they are not sure if they really need it.
<removed_by_moderator> did not do the good job on training this users for FICO functional area.
From
PT
Edited by: Julius Bussche on Jan 27, 2008 7:43 PM
01-27-2008 7:51 PM
Hello PT,
Feel free to flame consultants in general, as well as auditors, end users, developers, etc, (there are enough here to defend themselves... but please abstract specific implementation details without mentioning company's names.
Regarding "need or not need" a transaction... ST03N will give you the "used or not used" information... and even this is not necesarily correct => a user might submit a report or execute a transaction (for which the system writes a stat record), however an authority-check or other condition failed... so they did not actually "use the transaction", let alone "need it".
Kind regards,
Julius