04-06-2006 12:29 AM - last edited on 02-03-2024 9:42 PM by postmig_api_4
Hi folks
I dont know but could you please let me know the security reports and tables.
Ill appreciate your help
Cheers
Usman
04-06-2006 12:32 AM
Usman ,
You can see the reports Under t-code SUIM
RSUSR000 Currently Active Users
RSUSR002 Users by Complex Selection Criteria
RSUSR002_ADDRESS Users by address data
RSUSR003 Check the Passwords of Users SAP* and DDIC in All Clients
RSUSR004 Restrict User Values to the Following Simple Profiles and Auth. Ob
RSUSR005 List of Users With Critical Authorizations
RSUSR006 Locked Users and Users with Incorrect Logons
RSUSR007 Display Users with Incomplete Address Data
RSUSR008 Critical Combinations of Authorizations at Transaction Start
RSUSR008_009_NEW List of Users With Critical Authorizations
RSUSR009 List of Users With Critical Authorizations
RSUSR010 Transactions for User, with Profile or Authorization
RSUSR011 Lists of transactions after selection by user, profile or obj.
RSUSR012 Search authorizations, profiles and users with specified object va
RSUSR020 Profiles by Complex Selection Criteria
RSUSR030 Authorizations by Complex Selection Criteria
RSUSR040 Authorization Objects by Complex Selection Criteria
RSUSR050 Comparisons
RSUSR060 Where-used lists
RSUSR060OBJ Where-Used List for Authorization Object in Programs and Transacti
RSUSR061 Enter Authorization Fields
RSUSR070 Roles by Complex Selection Criteria
RSUSR080 Users by License Data
RSUSR100 Change Documents for Users
RSUSR101 Change Documents for Profiles
RSUSR102 Change Documents for Authorizations
RSUSR200 List of Users According to Logon Date and Password Change
RSUSR300 Set External Security Name for All Users
RSUSR301 Fill non-checking transactions with auth.object S TCODE
RSUSR302 Delete authorization check on object S TCODE from table TSTCA
RSUSR304 Reload Table TSTCA From Table TSTCA_C
RSUSR400 Test Environment Authorization Checks (SAP Systems Only)
RSUSR401 Report to give all SAPCPIC users profile S_A.CPIC
RSUSR402 Download user data for CA manager from Secude
RSUSR403 Assign Profile S_A.CPIC to User SAPCPIC in Current Client
RSUSR404 Conversion Program for Authorizations of Basis Development Environ
RSUSR405 Reset all user buffers in all clients (uncritical)
RSUSR406 Automatically Generate Profile SAP_ALL
RSUSR406_OLD Automatically Generate Profile SAP_ALL
RSUSR408 XPRA: Conversion of USOBX-OKFLAG, USOBX-MODIFIED for upgrade tool
RSUSR409 Transfer all translated titles to generated transaction codes
RSUSR421 Clean-up report: TSTC-CINFO if no check in TSTCA
RSUSR500 User Administration: Compare Users in Central System
RSUSR500D Report RSUSR500D
RSUSR998 Call Reporting Tree Info System
RSUSREXT Enter Correct SNC Names in Table View VUSREXTID (from SAP R/3 4.5)
RSUSREXTID Enter Correct SNC Names in Table View VUSREXTID (from SAP R/3 4.5)
RSUSRLOG Log Display for Central User Administration
RSUSRSCUC CUA: Synchronization of the Company Addresses
RSUSRSUIM User Information System
RSUSR_S_USER_SAS Activate Authorization Object S_USER_SAS
RSUSR_S_USER_SAS_01 Complete Authorization Data for S_USER_SAS in Roles
RSUSR_S_USER_SAS_02 Convert Authorization Defaults
RSUSR_SYSINFO_PROFILE Report cross-system information/profile
RSUSR_SYSINFO_ROLE Report cross-system information/role
RSUSR_SYSINFO_ZBV Report cross-system information/CUM
Here`re the tables :
User/Security tables
DEVACCESS Table of development users including dev access key
USR02 Logon data
USR04 User master authorization (one row per user)
UST04 User profiles (multiple rows per user)
USR10 Authorisation profiles (i.e. &_SAP_ALL)
UST10C Composit profiles (i.e. profile has sub profile)
USR11 Text for authorisation profiles
USR12 Authorisation values
USR13 Short text for authorisation
USR40 Tabl for illegal passwords
OBJT Authorisation objetc table
<b>Hope thisll give you some idea . I deserve 10 points now :)</b>
Thanks
Saquib Khan
04-06-2006 12:32 AM
Usman ,
You can see the reports Under t-code SUIM
RSUSR000 Currently Active Users
RSUSR002 Users by Complex Selection Criteria
RSUSR002_ADDRESS Users by address data
RSUSR003 Check the Passwords of Users SAP* and DDIC in All Clients
RSUSR004 Restrict User Values to the Following Simple Profiles and Auth. Ob
RSUSR005 List of Users With Critical Authorizations
RSUSR006 Locked Users and Users with Incorrect Logons
RSUSR007 Display Users with Incomplete Address Data
RSUSR008 Critical Combinations of Authorizations at Transaction Start
RSUSR008_009_NEW List of Users With Critical Authorizations
RSUSR009 List of Users With Critical Authorizations
RSUSR010 Transactions for User, with Profile or Authorization
RSUSR011 Lists of transactions after selection by user, profile or obj.
RSUSR012 Search authorizations, profiles and users with specified object va
RSUSR020 Profiles by Complex Selection Criteria
RSUSR030 Authorizations by Complex Selection Criteria
RSUSR040 Authorization Objects by Complex Selection Criteria
RSUSR050 Comparisons
RSUSR060 Where-used lists
RSUSR060OBJ Where-Used List for Authorization Object in Programs and Transacti
RSUSR061 Enter Authorization Fields
RSUSR070 Roles by Complex Selection Criteria
RSUSR080 Users by License Data
RSUSR100 Change Documents for Users
RSUSR101 Change Documents for Profiles
RSUSR102 Change Documents for Authorizations
RSUSR200 List of Users According to Logon Date and Password Change
RSUSR300 Set External Security Name for All Users
RSUSR301 Fill non-checking transactions with auth.object S TCODE
RSUSR302 Delete authorization check on object S TCODE from table TSTCA
RSUSR304 Reload Table TSTCA From Table TSTCA_C
RSUSR400 Test Environment Authorization Checks (SAP Systems Only)
RSUSR401 Report to give all SAPCPIC users profile S_A.CPIC
RSUSR402 Download user data for CA manager from Secude
RSUSR403 Assign Profile S_A.CPIC to User SAPCPIC in Current Client
RSUSR404 Conversion Program for Authorizations of Basis Development Environ
RSUSR405 Reset all user buffers in all clients (uncritical)
RSUSR406 Automatically Generate Profile SAP_ALL
RSUSR406_OLD Automatically Generate Profile SAP_ALL
RSUSR408 XPRA: Conversion of USOBX-OKFLAG, USOBX-MODIFIED for upgrade tool
RSUSR409 Transfer all translated titles to generated transaction codes
RSUSR421 Clean-up report: TSTC-CINFO if no check in TSTCA
RSUSR500 User Administration: Compare Users in Central System
RSUSR500D Report RSUSR500D
RSUSR998 Call Reporting Tree Info System
RSUSREXT Enter Correct SNC Names in Table View VUSREXTID (from SAP R/3 4.5)
RSUSREXTID Enter Correct SNC Names in Table View VUSREXTID (from SAP R/3 4.5)
RSUSRLOG Log Display for Central User Administration
RSUSRSCUC CUA: Synchronization of the Company Addresses
RSUSRSUIM User Information System
RSUSR_S_USER_SAS Activate Authorization Object S_USER_SAS
RSUSR_S_USER_SAS_01 Complete Authorization Data for S_USER_SAS in Roles
RSUSR_S_USER_SAS_02 Convert Authorization Defaults
RSUSR_SYSINFO_PROFILE Report cross-system information/profile
RSUSR_SYSINFO_ROLE Report cross-system information/role
RSUSR_SYSINFO_ZBV Report cross-system information/CUM
Here`re the tables :
User/Security tables
DEVACCESS Table of development users including dev access key
USR02 Logon data
USR04 User master authorization (one row per user)
UST04 User profiles (multiple rows per user)
USR10 Authorisation profiles (i.e. &_SAP_ALL)
UST10C Composit profiles (i.e. profile has sub profile)
USR11 Text for authorisation profiles
USR12 Authorisation values
USR13 Short text for authorisation
USR40 Tabl for illegal passwords
OBJT Authorisation objetc table
<b>Hope thisll give you some idea . I deserve 10 points now :)</b>
Thanks
Saquib Khan
07-25-2007 12:26 AM
That's was really helpful
Thanks
Firoz
04-06-2006 8:04 AM
Hi,
Please refer this link:
http://www.sapgenie.com/basis/Security%20upgrade%20white%20paper.htm
· RSUSR* reports (use SE38 and do a possible-values list for RSUSR* to see all available security reports), including:
RSUSR002 display users according to complex search criteria
RSUSR010 Transactions that can be executed by users, with Profile or Authorization
RSUSR070 Activity groups by complex search criteria
RSUSR100 Changes made to user masters
RSUSR101 Changes made to Profiles
RSUSR102 Changes made to Authorizations
RSUSR200 Users according to logon date and password change, locked users.
Transactions
· SUIM : various handy reports
· SU10 : Mass user changes
· PFCG: Profile Generator
· PFUD: User master comparison
· SU01: User master maintenance
· ST01: System trace
· ST22: ABAP dumps
· SUCU / SE54: Maintain authorization groups for tables / views
· PPOMW: Enjoy transaction to maintain the HR organizational plan
· PO10: Expert maintenance of Organizational Units and related relationships
· PO13: Expert maintenance of Positions and related relationships
· STAT: System statistics, including which tcodes are being used by which users
Tables
Table Use
UST12 Authorizations and Tcodes per Profile
UST04 Assignment of users to Profiles
AGR_USERS Assignment of roles to users
USOBT_C Authorizations associated with a transaction
USR02 Last logon date, locked IDs
AGR_TCODES Assignment of roles to Tcodes (4.6 tcodes)
USH02 Change history for users (e.g. who last changed users via SU01)
USH04 Display history of who made changes to which User Ids
USR40 Non-permitted passwords
USR41 Users with logon information (multiple logons)
Regards,
Gayathri
04-06-2006 4:08 PM
04-07-2006 7:02 PM
Also AGR_1251 for authorization object values
AGR_1252 for org level values
AGR_AGRS for composites
10-27-2006 9:21 AM
Hello,
I've a list of critical HR combinations and want to discuss them. Is there anyone who could check this and vice versa?
Regards,
Ben Goebel
12-12-2006 12:45 AM
Hi,
Thanks for long list of Reports/ Tables.
I have a requirement, where I need to find if any of the profile have a particular Transactions in it. I guess, the SUIM list Transactions only from Menu tab.
Could any one help?
If I query Table AGR_1251 for SU01, will it list all the Profiles having SU01 in it? Will it include value asterick (*) also? Is it s complete list?
Thanks,
Sam
02-10-2020 2:42 PM
Frequently used tables
For Fiori :
USOBHASH, AGR_HIERT, /UI2/V_SYSALIAS, /UI2/V_ALIASCAT & /UI2/V_ALIASMAP, /IWBEP/I_SBD_SV.
For BPC:
RSBPCE_USER_TEAM, RSBPCE_DAP_TEAM, RSBPCE_PROFILE, RSBPCE_DAP_DIM
General Tables :
USER_ADDR,TOBJ,TACTZ,USOBT_C, USOBX_C , AGR_1251,AGR_1252, AGR_DEFINE, USR*, DEVACCESS
Kindly explore all these tables for more details.