Sap Security Tables Overview PDF

SAP SECURITY TABLES OVERVIEW
.
10/01/2011
SAP/ HITECH-1
Gitartha Changmai (258607) -- gitartha.changmai@tcs.com
Akhila. P.Shetty (341402) -- akhila.pshetty@tcs.com
Jyoti Kumar Barman (350286) -- jyoti.barman@tcs.com

TABLE OF CONTENT
PURPOSE 3
1. INTRODUCTION 4
2. Transaction code for View \ Maintain Table 4
2.1 Transaction code for DATA BROWSER 5
2.2 Transaction codes for TABLE MAINTENANCE 6
3. List of Commonly used Security Tables 7
3.1 USR01 8
3.2 USER_ADDR 9
3.3 TACT 10
3.4 TSTC 11
3.5 USOBT 12
3.6 USOBX 13
3.7 USR40 15
3.8 AGR_USERS 17
3.9 AGR_1016 18
3.10 UST12 19
Conclusion 21
Reference 21
2
TATA Consultancy Services TCS Internal
PURPOSE:
This document is mainly intended for beginners in SAP R/3 Security which mentions purpose for
basic security tables and their Menu path from SAP easy access screen. It includes an overview of
some commonly used security tables along with screenshot for easy reference and understanding.
3
1. INTRODUCTION
Definition:
A table is an area in a dynamic document in which you can display data in a structured form.
There are two kinds of tables:
Standard Tables:
Standard tables may contain any kind of element, including forms and other tables. You may place
any number of elements in each cell. Although they are flexible in this respect, constructing them
at runtime can be time-consuming.
Quick Tables:
Quick tables may only contain texts, links, and icons, and you may only place one element in each
cell. However, they are less time-consuming to construct at runtime, and are therefore a sensible
alternative to standard tables if you want to display a large table without using elements such as
pictures, forms, or nested tables.
2. Transaction code for View \ Maintain Table
SE16 Data Browser

SM30/SM31 Table Maintenance
4
2.1 Transaction code for DATA BROWSER.

T-code : SE16
Menu Path SAP Menu--> Tools--> ABAP Workbench --> Overview --> Data browser
Purpose:
SE16 is a data browse and it is used to view the contents of the table and we cannot change or
append new fields to the existing structure of the table as we cannot view the structure level
display using the se16
Detailed Steps:
1. Open SAP Transaction Screen. Enter SE16 in the command line and click enters.
2. Enter the table name.
3. Press table content button.
4. If Authorizations exist then Corresponding Table is displayed, otherwise an error message is
displayed.
5
2.2 Transaction codes for TABLE MAINTENANCE

T-code: SM30
Menu Path System --> Services --> Table Maintenance --> Extended Table Maintenance
Purpose:
Create table authorization groups, Maintain assignments to tables
Description:
SM30 is used for create Authorization groups and Maintain Tables.
Detailed Steps:
1. Open SAP Transaction Screen, Enter SM30 in the command line and click enter.
2. Select Table .Click on Maintain
3. Fill the Table entry
4. Click to Save.
6
3. List of Commonly used Security Tables
3.1 USR01
3.2 USER_ADDR
3.3 TACT
3.4 TSTC
3.5 USOBT
3.6 USOBX
3.7 USR40
3.8 AGR_USERS
3.9 AGR_1016
3.10 UST12
7
3.1. USR01
The USR* tables contains all the data related to user master information.
Menu Path
SAP Menu--> Tools--> ABAP Workbench --> Overview --> Data browser-->USR01
(Or Transaction: SE16 USR01)
Purpose
USR01 Table stores user master data.
Detailed Steps
1. Open SAP Transaction Screen, Enter SE16 in the command line and click enter.
2. Type USR01 in table name field and click enter. This will display the below screen:
3. Put user name in the user field and execute (F8); it will display all the values in the next screen
for that particular user.
8
3.2. USER_ADDR
Address Data for users.
Menu Path
SAP Menu--> Tools--> ABAP Workbench --> Overview --> Data browser--> USER_ADDR.
(Or Transaction : SE16 USER_ADDR)
Purpose
USER_ADDR is use to view the address of the User.
Detailed Steps:
2. On the Table name: Initial Screen, type USER_ADDR and click enter. It will display the
following screen:
3. Put the user name in the field user and execute (F8). It will display the address data for that
particular user, eg: First name, last name, city, cost centre etc.
9
3.3. TACT
Table for finding the activity.
Menu Path
SAP Menu--> Tools--> ABAP Workbench --> Overview --> Data browser--> TACT.
(Or Transaction: SE16 TACT)
Purpose
TACT is use to view all the existing activity in a sap system.
Detailed Steps:
2. On the Table name: Initial Screen, type TACT and click enter. It will display the following
3. In the activity field, put * and execute. It will display the following screen.
10
3.4. TSTC
Table for authority checks.
Menu Path
SAP Menu--> Tools--> ABAP Workbench --> Overview --> Data browser--> TSTC.
(Or Transaction: SE16 TSTC)
Purpose
The system checks in table TSTC whether the transaction code is valid and whether the system
administrator has locked the transaction.
Detailed Steps:
2. On the Table name: Initial Screen, type TSTC and click enter. It will display the following
screen:
3. Now put any transaction code in the field Transaction code and execute (F8). It will display
Details of that transaction code like program, screen number, transaction text etc.
11
3.5. USOBT
Menu Path
SAP Menu--> Tools--> ABAP Workbench --> Overview --> Data browser--> USOBT.
(Or Transaction: SE16 USOBT)
Purpose
It defines for each transaction and authorization object, which default values should be used in the
profile generator. In the USOBT table the values are the SAP standard values as shown in SU24.
With SU25 one can (initially) transfer the USOBT values to the USOBT_C table. The C stands for
Customer.
Detailed Steps:
2. On the Table name: Initial Screen, type USOBT and click enter. It will display the following
screen:
3. Now press execute (F8). It will display the standard value for different object.
12
3.6. USOBX
Menu Path SAP Menu--> Tools--> ABAP Workbench --> Overview --> Data browser--> USOBX
(or Transaction: SE16 USOBX)
Purpose
It defines which authorization checks should occur within a transaction and which authorization
checks should be maintained in the profile generator. We can determine the authorization checks
that can be maintained in the profile generator using check indicators. In the USOBX table the
values are the SAP standard values as shown in SU24. With SU25 one can (initially) transfer the
USOBX values to the USOBX_C table. The C stands for Customer.
Detailed Steps:
2. On the Table name: Initial Screen, type USOBX and click enter. It will display the following
screen:
3. Now press execute (F8). It will display the authorization check flag.
13
N = Do not check; X = Always check; Y = Check + USOBT entry
The flag indicates how the system is to deal with the authorization object (new mode) for an
authorization check.
Value 'N' Authorization object is not checked when the transaction is called.
Value 'Y' Authorization object is checked when the transaction is called. The values for the fields
of the authorization object must also be maintained in table USOBT for the profile generator.
Value 'X' Authorization object is checked, but the field values are not specified in table USOBT for
the profile generator. Value (SPACE) A valid flag ('N', 'X', or 'Y') has not yet been assigned to the
authorization object.
14
3.7. USR40
Menu Path
SAP Menu--> Tools--> ABAP Workbench --> Overview --> Data browser--> USR40.
(Or Transaction: SE16 USR40)
Purpose
USR40 is use to view the password which should not be used.
Detailed Steps:
2. On the Table name: Initial Screen, type USR40 and click enter. It will display the following
screen:
3. Now put * password field and execute. It will displays all the password which should not be
Used.
15
Screenshot of USR40 Table:
16
3.8. AGR_USERS
AGR* tables contains data about roles.
Menu Path
SAP Menu--> Tools--> ABAP Workbench --> Overview --> Data browser--> AGR_USERS.
(Or Transaction: SE16 AGR_USERS)
Purpose
It is use to view the assignment of roles to users
Detailed Steps:
2. On the Table name: Initial Screen, type AGR_USERS and click enter. It will display the
following screen:
3. Now put either user name or role name in the field user or role and press execute (F8). It will
display all the corresponding details of the user or role.
17
3.9. AGR_1016
Menu Path
SAP Menu--> Tools--> ABAP Workbench --> Overview --> Data browser-->AGR_1016.
(or Transaction: SE16 AGR_1016)
Purpose
AGR_1016 is use to view the assignment of roles to users.
Detailed Steps:
2. On the Table name: Initial Screen, type AGR_1016 and click enter. It will display the
following screen:
3. Now put the role name in the field Role and click execute (F8). It will display profile
for that role, version (active or maintenance) etc.
18
3.10. UST12
Menu Path
SAP Menu--> Tools--> ABAP Workbench --> Overview --> Data browser--> UST12.
(Or Transaction: SE16 UST12)
Purpose
UST12 is use to view the authorization value maintained within an authorization object.
Detailed Steps:
2. On the Table name: Initial Screen, type UST12 and click enter. It will display the following
screen:
3. Now put authorization object in the field Object (eg: s_tcode) and press execute it will displays
all the standard values which are maintained for that authorization object.
19
Screenshot of UST12 Table with object s_tode
20
Conclusion
The menu path and its purpose for Basic Transaction Codes highlighted in this document would
serve to beginners thriving to make an imprint in SAP Security. In this Version Basic Security
Table which would be necessary for Security Administration are brought to limelight. In the
upcoming versions more detailed information of Security Table and their description are planned
to be released.
Reference
1) SAP R/3 Handbook, Third Edition

By Jose Antonio Hernandez, Jim Keogh and Franklin Martinez
McGraw-Hill/Osborne 2006 (624 pages) Citation
ISBN: 9780072257168
2) www.help.sap.com
21
NOTE:
22

Sap Security Tables Overview PDF

Enviado por

Dados do documento

Título original

Direitos autorais

Formatos disponíveis

Compartilhar este documento

Compartilhar ou incorporar documento

Opções de compartilhamento

Você considera este documento útil?

Este conteúdo é inapropriado?

Direitos autorais:

Formatos disponíveis

Sap Security Tables Overview PDF

Enviado por

Direitos autorais:

Formatos disponíveis

SAP SECURITY TABLES OVERVIEW

Akhila. P.Shetty (341402) -- akhila.pshetty@tcs.com

Jyoti Kumar Barman (350286) -- jyoti.barman@tcs.com

2. Transaction code for View \ Maintain Table 4

2.1 Transaction code for DATA BROWSER 5

2.2 Transaction codes for TABLE MAINTENANCE 6

3. List of Commonly used Security Tables 7

2. Transaction code for View \ Maintain Table

SE16 Data Browser

2.1 Transaction code for DATA BROWSER.

2.2 Transaction codes for TABLE MAINTENANCE

Create table authorization groups, Maintain assignments to tables

SM30 is used for create Authorization groups and Maintain Tables.

3. List of Commonly used Security Tables

Address Data for users.

USER_ADDR is use to view the address of the User.

N = Do not check; X = Always check; Y = Check + USOBT entry

USR40 is use to view the password which should not be used.

Screenshot of USR40 Table:

AGR* tables contains data about roles.

It is use to view the assignment of roles to users

(or Transaction: SE16 AGR_1016)

AGR_1016 is use to view the assignment of roles to users.

for that role, version (active or maintenance) etc.

Screenshot of UST12 Table with object s_tode

1) SAP R/3 Handbook, Third Edition

Você também pode gostar