Scribd
Upload
11 views

SAP Security

Uploaded by

gadesiger
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
11 views

SAP Security

Uploaded by

gadesiger
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 10

➡️ IMPORTANT T - CODES:

T-Code Description

SU01 User Maintenance

SU10 Mass User Maintenance

SU01D User Maintain Display

SU02 Manual Creation of Profiles

SU3 Maintain User Profile

SU03 Maintain Authorizations and Profiles


SU05 Maintain Internet Users

SU20 Maintain Authorization Fields

SU21 Maintain Authorization Objects

SU22 Maintain Authorization Defaults (SAP)

SU24 Maintain Authorization Objects for


Transactions

SU25 Profile Generator (Post-upgrade role


adjustments)

SU53 Display Authorization Check

SU56 Display User’s Authorization Buffer

SUGR Maintain User Groups

SUPC Mass Profile Generation


PFCG Role Maintenance

PFUD User Master Comparison

SUIM User Information System (Reports for


users, roles, profiles)

SCC4 Client Administration (Client-specific


security settings)

SCC1 Copy Transport Request

SE09/SE10 Transport Organizer

SM18 Maintain Audit Information System

SM19 Security Audit Log Configuration

SM20 Security Audit Log (view system audit log)

ST01 System Trace


STAUTHTRACE System Trace for Authorization Checks

SM01 Lock Transaction

RZ10 Profile Configuration

RZ11 Maintain Profile Parameters

SE93 Create Custom T-Code

SE43 Maintain and Display Area Menus

SE84 Information System for SAP R/3


Authorizations

SM30 Extended Table Maintenance

SE16 Display Table Data

SA38 Execute/Display Program

SE38 Maintain/Change Program


➡️ IMPORTANT TABLES:

• AGR* tables contain data about roles.


• USR* tables contain user master information.
• USH* table has change documents information.

Table Description

AGR_1016 Role Menu Information

AGR_1251 Authorization data for the activity group

AGR_1252 Organizational Data for Role

AGR_AGRS Hierarchy of composite roles

AGR_DEFINE Role definition

AGR_HIER2 Role Menu Node Information

AGR_OBJ Assignment of Menu Nodes to Role


AGR_PROF Profiles in Roles

AGR_TCDTXT Transaction Codes in Role

AGR_TEXTS Short Descriptions of Roles

AGR_TIME Time Stamp for Role

AGR_USERS Assignment of roles to users

USR01 User Master Data (runtime data)

USR02 Logon data (password, username, validity


date etc.)

USR03 User Address Data

USR04 User master authorization

USR05 User Master Fields (User Defaults)

USR06 User Master License data


USR07 User's Authorization Profiles

USR08 User System Assignment

USR10 Authorization Values (changed)

USR11 Text for authorization profiles

USR12 Authorization Profiles

USR13 Short text for authorization

USR40 Table for illegal passwords

USH02 Change history for logon data

USH04 History of user password changes in SAP

USH10 Change history of profiles in user master


records

USH012 Change history of authorization values


DEVACCESS Table for development user data.

UST04 User profiles

UST10C Composite profiles (i.e. profile has sub


profile)

USER_ADDR Address Data for users

USGRP User groups

USGRPT Text table for USGRP

USOBT Relation Transaction to Auth. Object (SAP)

USOBT_C Relation Transaction to Auth. Object


(Customer)

USOBX Check table for table USOBT

USOBX_C Check Table for Table USOBT_C


➡️ IMPORTANT REPORTS:

Report Description

RSUSR000 Lists all users logged on

RSUSR002 Users by complex selection criteria

RSUSR003 Check the Passwords of Standard users

RSUSR005 Lists users with critical authorizations

RSUSR006 Lists Locked Users and Users with Incorrect


Logons

RSUSR007 Lists Users with Incomplete Address Data

RSUSR020 Profiles by Complex Selection Criteria

RSUSR030 Authorizations by Complex Selection Criteria

RSUSR040 Authorization objects by Complex Selection


Criteria
RSUSR050 User Comparisons

RSUSR070 Roles by Complex Selection Criteria

RSUSR100N Change Documents for Users

RSUSR101 Change Documents for Profiles

RSUSR102 Change Documents for Authorizations

RSUSR200 List of Users According to Logon Date and


Password Change

RSUSR405 Reset all user buffers in all clients

RSUSR406 Automatically Generate Profile SAP_ALL

RSUSRSUIM User Information System

RSUSR008_009_NEW Users or Roles with Combinations of Critical


Authorizations

RSUSRLOG Log Display for Central User Administration

You might also like