cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SM59 authorization Problem

Go to solution
Former Member

on ‎05-13-2008 8:18 AM

0 Kudos

Hi Experts,

One user (Ex:user1) having SM59 t-code access in our Production system, I revoked sm59 t-code from this user roles but while i am executing the Tcode suim users-->executable for trans it is showing that this user is still having SM59 t-code authorization.

For this I have assigned the (user1) same roles to other new user id (ex :user2) and i observed that user2 doesn't have the sm59 t-code but user1 having this t-code access.

Please let me know how can i revoke the sm59 t-code access from user1.

Regards,

Reddy V

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

JPReyes
Active Contributor
‎05-13-2008 8:54 AM
0 Kudos

Go to SUIM -> Comparisons -> From users and find out whats the difference between the two users.

Regards

Juan

Show replies
Show replies
Former Member
‎05-13-2008 10:18 AM
0 Kudos

Thank you Juan,

The below mentioned authorization object is showing differen b/w two user ids while comparing the user ids in SUIM.

S_RFC_ADM Administration for RFC Destination

But these two user ids are having same roles. why it is showing this diff. and please let me know why user1 is having sm59 access.

Also I find out the transactions executable for each user id. I observed that these two users are having same t-code access except this SM59 t-code.

Please let me know how can i restrict the sm59 in user1.

Regards,

Reddy V,

JPReyes
Active Contributor
‎05-13-2008 12:57 PM
0 Kudos

User comparison is telling you that the roles are not exactly the same as S_RFC_ADM have different values.

Then check the roles from user1 via SUIM for S_RFC_ADM and change the value to the same as user2.

Actually if you want to restrict access to SM59 remove auth object S_RFC_ADM from user1

Regards

Juan

Former Member
‎05-13-2008 1:47 PM
0 Kudos

Hi Juan,

I have checked all the roles for S_RFC_ADM authorization object in user1 master record but no role is maintaining this authorization object to restrict SM59 T-code.

I have checked all the role using t-code PFCG>authorizations>change authorizations-->find the authorization object (ctrl+f)

Please let me your suggestions on this issue.

Regards,

Reddy V.

JPReyes
Active Contributor
‎05-13-2008 2:27 PM
0 Kudos

SUIM -> Roles -> By Authorization object -> enter S_RFC_ADM, check if user1 have any of the roles in the list... if he has then you found the role causing the issue.

Regards

Juan

Former Member
‎05-13-2008 2:42 PM
0 Kudos

Hi Juan,

I resolved this issue.

I have removed all the roles from user1 master record and ressigned the same roles with same valid period.

And checked users executable for t-code SM59 T-code SUIM

Regards,

Reddy V.

Answers (0)

Ask a Question