Table access / authorization group

pts.
Tags:
Basis
Development
What is a good resource to help me understand the risks of assigning the &NC& authorization group to a table, including how these tables can be accessed by "unauthorized" users? Also, what tranaction(s) will I need to evaluate users that have potential access to a table? Thank you !

Answer Wiki

Thanks. We'll let you know when a new response is added.

When you generate the table maintenance (SE56) the system creates a dynpro and a program (in the Function group that you insert) to allow you to update the table using the SM30 transaction.
If you link the authorization group, the system checks that you are authorized to display or update that table data.
For example, if you create the authorization group ZGPF the system authomatically make the following check

AUTHORITY-CHECK OBJECT ‘S_TABU_DIS’
ID ‘DICBERCLS’ FIELD ‘ZGPF’
ID ‘ACTVT’ FIELD ’02’.

The field actvt is 01 to create, 02 to update, 03 to display data.

All user that will be able to update data will have to have “S_TABU_DIS” “ZGPF” “02” in their user authorization.

If you link authorization &NC& to the table, there won’t be any checks. Obviously the system checks that you are authorized to SM30 transaction.

The transaction to create authorization group is SE54.

I hope to be clear … for any other question don’t hesitate to contact me!

Bye
Lara

Discuss This Question: 1  Reply

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Msalas
    To follow up on Lara's response... Once you give authorization to a User to maintain a table in a specific group (like &NC&), the user has maintenance access to all of the tables in that group. Also, the user is authorized to maintain all entries in the table. If you require users to be able to maintain specific entries in the table (like data for a specific SAP Plant), SAP provides the hooks/exits to add the custom code required to force and limit access to the contents of a table.
    0 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following