Hi Jurg

Thanks for the tip.

I scan through some of the forum , and manage to find something like this:

"You can check table TDDAT to find the authorization groups related to the Z-tables. Note that if a table is not maintained here it is automatically assigned group &NC&.

if you want to allow a user access to only some Z-tables then the procedure would be -

1. create a new auth group for S_TABU_DIS via SE54.

2. modify table TDDAT to associate the required Z-tables to the Z-auth group.

3. create a new role with SE16 and the object S_TABU_DIS and only add the new Z-auth group in field DICBERCLS.

4. assign the role to the concerned user. "

But what about , say i found auth group , example "SS" , which by default belongs to a table A & B , and a whole lot of other tables. Table A which I allow users to view , but table B I don't. What is the usual practise to separate for this scenario. I was thinking of changing auth group for B , to example ZZ , so that the users are

not authorize to view them. But does this have any impact on anywhere else?

Any help or tips will be greatly appreciated. Thanks.

Hi Jurjen

Thanks for the tip. I'll take a look through it , if anyone has any more suggestions , I would appreciate it too. Thanks guys

There is a similar - may be of interest to you -post thats is running parallel to yours- the post is titeld -Table Access / protection.

The driving force behind that post is to close out the EWA

Thanks