1> You'll need to check if the transaction that is being requeste

In an environment of derived roles ; a user is asking for a
t-code ; which is not found in suim in search of roles ?
what will u do ?

Question Posted / gaurav

4 Answers
10394 Views
IBM, I also Faced
E-Mail Answers

Answer Posted / gaurav

1> You'll need to check if the transaction that is being
requested is available in the system i.e if it exists or
not. You'll have to check this thru transaction SE93.
[If not then the ABAP team needs to get this transaction
coded into the system]

2> If transaction does exists and if you are not able to
find this in any production/ end user roles, then you'll
have to see if you can find any ViewName/ Table Name linked
to this transaction [this would be on the same screen i.e.
SE93 at the bottom]

3> If a ViewName is available then this means that this new
transaction will be interacting with the table you found
and hence the object S_TABU_DIS and SU24 change will come
into picture.

4> You then need to take a trace yourself in Development
system by executing this transaction and check the trace
report for the activities that show up.
[Note: Remember to undo whatever you have saved]

5> Take appropriate approval for role modification as per
process you follow in your organization.

6> Make SU24/ role changes in development system and have
these changes moved till Quality or Fix system for testing
purpose. Create test ID's accordingly.

7> If testing fails, get SU53 report and redo analysis. If
testing is successful create production/ end user roles,
make a TP request and get your changes moved till
production system.

Is This Answer Correct ?

7 Yes

3 No

Post New Answer View All Answers

Please Help Members By Posting Answers For Below Questions

How do we test security systems.

647

Differentiate between derived role and composite role

653

How to create users?

719

Differentiate between usobx_c and usobt_c

623

What are the upgrades happened in GRC 5.3 from GRC 5.2?

3720

You want to configure the local and global setting of cua. Where would you do that? What would happen if you have inconsistent settings?

594

What is the use of Personalization tab in SU01?

4994

What is the Functionality difference between ECC 5 and ECC6? i.e. new functionality in ECC6 which is not in ECC 5.

3985

What does the profile generator do?

689

how to do Reporting and Analysis authorizations

1893

What is the difference between c (check) and u (unmaintained)?

1066

Any details about secatt apart from SAPSecurity online.com?

1904

how we Restrict the auth groups for table maintain, creating Auth group using SE54 to built new Auth groups to restrict tables via auth object S_TABU_DIS

6353

what are the issues you faced with UME?

2441

Giving fire call access and extending fire call access by using VIRSA’s VFAT tool.can any one brief this

3232