Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

Security reports

Former Member
0 Kudos

Hi folks

I don’t know but could you please let me know the security reports and tables.

I’ll appreciate your help

Cheers

Usman

1 ACCEPTED SOLUTION

former_member181966
Active Contributor

Usman ,

You can see the reports Under t-code SUIM

RSUSR000 Currently Active Users

RSUSR002 Users by Complex Selection Criteria

RSUSR002_ADDRESS Users by address data

RSUSR003 Check the Passwords of Users SAP* and DDIC in All Clients

RSUSR004 Restrict User Values to the Following Simple Profiles and Auth. Ob

RSUSR005 List of Users With Critical Authorizations

RSUSR006 Locked Users and Users with Incorrect Logons

RSUSR007 Display Users with Incomplete Address Data

RSUSR008 Critical Combinations of Authorizations at Transaction Start

RSUSR008_009_NEW List of Users With Critical Authorizations

RSUSR009 List of Users With Critical Authorizations

RSUSR010 Transactions for User, with Profile or Authorization

RSUSR011 Lists of transactions after selection by user, profile or obj.

RSUSR012 Search authorizations, profiles and users with specified object va

RSUSR020 Profiles by Complex Selection Criteria

RSUSR030 Authorizations by Complex Selection Criteria

RSUSR040 Authorization Objects by Complex Selection Criteria

RSUSR050 Comparisons

RSUSR060 Where-used lists

RSUSR060OBJ Where-Used List for Authorization Object in Programs and Transacti

RSUSR061 Enter Authorization Fields

RSUSR070 Roles by Complex Selection Criteria

RSUSR080 Users by License Data

RSUSR100 Change Documents for Users

RSUSR101 Change Documents for Profiles

RSUSR102 Change Documents for Authorizations

RSUSR200 List of Users According to Logon Date and Password Change

RSUSR300 Set External Security Name for All Users

RSUSR301 Fill non-checking transactions with auth.object S TCODE

RSUSR302 Delete authorization check on object S TCODE from table TSTCA

RSUSR304 Reload Table TSTCA From Table TSTCA_C

RSUSR400 Test Environment Authorization Checks (SAP Systems Only)

RSUSR401 Report to give all SAPCPIC users profile S_A.CPIC

RSUSR402 Download user data for CA manager from Secude

RSUSR403 Assign Profile S_A.CPIC to User SAPCPIC in Current Client

RSUSR404 Conversion Program for Authorizations of Basis Development Environ

RSUSR405 Reset all user buffers in all clients (uncritical)

RSUSR406 Automatically Generate Profile SAP_ALL

RSUSR406_OLD Automatically Generate Profile SAP_ALL

RSUSR408 XPRA: Conversion of USOBX-OKFLAG, USOBX-MODIFIED for upgrade tool

RSUSR409 Transfer all translated titles to generated transaction codes

RSUSR421 Clean-up report: TSTC-CINFO if no check in TSTCA

RSUSR500 User Administration: Compare Users in Central System

RSUSR500D Report RSUSR500D

RSUSR998 Call Reporting Tree Info System

RSUSREXT Enter Correct SNC Names in Table View VUSREXTID (from SAP R/3 4.5)

RSUSREXTID Enter Correct SNC Names in Table View VUSREXTID (from SAP R/3 4.5)

RSUSRLOG Log Display for Central User Administration

RSUSRSCUC CUA: Synchronization of the Company Addresses

RSUSRSUIM User Information System

RSUSR_S_USER_SAS Activate Authorization Object S_USER_SAS

RSUSR_S_USER_SAS_01 Complete Authorization Data for S_USER_SAS in Roles

RSUSR_S_USER_SAS_02 Convert Authorization Defaults

RSUSR_SYSINFO_PROFILE Report cross-system information/profile

RSUSR_SYSINFO_ROLE Report cross-system information/role

RSUSR_SYSINFO_ZBV Report cross-system information/CUM

Here`re the tables :

User/Security tables

DEVACCESS Table of development users including dev access key

USR02 Logon data

USR04 User master authorization (one row per user)

UST04 User profiles (multiple rows per user)

USR10 Authorisation profiles (i.e. &_SAP_ALL)

UST10C Composit profiles (i.e. profile has sub profile)

USR11 Text for authorisation profiles

USR12 Authorisation values

USR13 Short text for authorisation

USR40 Tabl for illegal passwords

OBJT Authorisation objetc table

<b>Hope this’ll give you some idea . I deserve 10 points now :)</b>

Thanks

Saquib Khan

8 REPLIES 8

former_member181966
Active Contributor

Usman ,

You can see the reports Under t-code SUIM

RSUSR000 Currently Active Users

RSUSR002 Users by Complex Selection Criteria

RSUSR002_ADDRESS Users by address data

RSUSR003 Check the Passwords of Users SAP* and DDIC in All Clients

RSUSR004 Restrict User Values to the Following Simple Profiles and Auth. Ob

RSUSR005 List of Users With Critical Authorizations

RSUSR006 Locked Users and Users with Incorrect Logons

RSUSR007 Display Users with Incomplete Address Data

RSUSR008 Critical Combinations of Authorizations at Transaction Start

RSUSR008_009_NEW List of Users With Critical Authorizations

RSUSR009 List of Users With Critical Authorizations

RSUSR010 Transactions for User, with Profile or Authorization

RSUSR011 Lists of transactions after selection by user, profile or obj.

RSUSR012 Search authorizations, profiles and users with specified object va

RSUSR020 Profiles by Complex Selection Criteria

RSUSR030 Authorizations by Complex Selection Criteria

RSUSR040 Authorization Objects by Complex Selection Criteria

RSUSR050 Comparisons

RSUSR060 Where-used lists

RSUSR060OBJ Where-Used List for Authorization Object in Programs and Transacti

RSUSR061 Enter Authorization Fields

RSUSR070 Roles by Complex Selection Criteria

RSUSR080 Users by License Data

RSUSR100 Change Documents for Users

RSUSR101 Change Documents for Profiles

RSUSR102 Change Documents for Authorizations

RSUSR200 List of Users According to Logon Date and Password Change

RSUSR300 Set External Security Name for All Users

RSUSR301 Fill non-checking transactions with auth.object S TCODE

RSUSR302 Delete authorization check on object S TCODE from table TSTCA

RSUSR304 Reload Table TSTCA From Table TSTCA_C

RSUSR400 Test Environment Authorization Checks (SAP Systems Only)

RSUSR401 Report to give all SAPCPIC users profile S_A.CPIC

RSUSR402 Download user data for CA manager from Secude

RSUSR403 Assign Profile S_A.CPIC to User SAPCPIC in Current Client

RSUSR404 Conversion Program for Authorizations of Basis Development Environ

RSUSR405 Reset all user buffers in all clients (uncritical)

RSUSR406 Automatically Generate Profile SAP_ALL

RSUSR406_OLD Automatically Generate Profile SAP_ALL

RSUSR408 XPRA: Conversion of USOBX-OKFLAG, USOBX-MODIFIED for upgrade tool

RSUSR409 Transfer all translated titles to generated transaction codes

RSUSR421 Clean-up report: TSTC-CINFO if no check in TSTCA

RSUSR500 User Administration: Compare Users in Central System

RSUSR500D Report RSUSR500D

RSUSR998 Call Reporting Tree Info System

RSUSREXT Enter Correct SNC Names in Table View VUSREXTID (from SAP R/3 4.5)

RSUSREXTID Enter Correct SNC Names in Table View VUSREXTID (from SAP R/3 4.5)

RSUSRLOG Log Display for Central User Administration

RSUSRSCUC CUA: Synchronization of the Company Addresses

RSUSRSUIM User Information System

RSUSR_S_USER_SAS Activate Authorization Object S_USER_SAS

RSUSR_S_USER_SAS_01 Complete Authorization Data for S_USER_SAS in Roles

RSUSR_S_USER_SAS_02 Convert Authorization Defaults

RSUSR_SYSINFO_PROFILE Report cross-system information/profile

RSUSR_SYSINFO_ROLE Report cross-system information/role

RSUSR_SYSINFO_ZBV Report cross-system information/CUM

Here`re the tables :

User/Security tables

DEVACCESS Table of development users including dev access key

USR02 Logon data

USR04 User master authorization (one row per user)

UST04 User profiles (multiple rows per user)

USR10 Authorisation profiles (i.e. &_SAP_ALL)

UST10C Composit profiles (i.e. profile has sub profile)

USR11 Text for authorisation profiles

USR12 Authorisation values

USR13 Short text for authorisation

USR40 Tabl for illegal passwords

OBJT Authorisation objetc table

<b>Hope this’ll give you some idea . I deserve 10 points now :)</b>

Thanks

Saquib Khan

0 Kudos

That's was really helpful

Thanks

Firoz

Former Member
0 Kudos

Hi,

Please refer this link:

http://www.sapgenie.com/basis/Security%20upgrade%20white%20paper.htm

· RSUSR* reports (use SE38 and do a possible-values list for RSUSR* to see all available security reports), including:

RSUSR002 – display users according to complex search criteria

RSUSR010 – Transactions that can be executed by users, with Profile or Authorization

RSUSR070 – Activity groups by complex search criteria

RSUSR100 – Changes made to user masters

RSUSR101 – Changes made to Profiles

RSUSR102 – Changes made to Authorizations

RSUSR200 – Users according to logon date and password change, locked users.

Transactions

· SUIM : various handy reports

· SU10 : Mass user changes

· PFCG: Profile Generator

· PFUD: User master comparison

· SU01: User master maintenance

· ST01: System trace

· ST22: ABAP dumps

· SUCU / SE54: Maintain authorization groups for tables / views

· PPOMW: Enjoy transaction to maintain the HR organizational plan

· PO10: Expert maintenance of Organizational Units and related relationships

· PO13: Expert maintenance of Positions and related relationships

· STAT: System statistics, including which tcodes are being used by which users

Tables

Table Use

UST12 Authorizations and Tcodes per Profile

UST04 Assignment of users to Profiles

AGR_USERS Assignment of roles to users

USOBT_C Authorizations associated with a transaction

USR02 Last logon date, locked ID’s

AGR_TCODES Assignment of roles to Tcodes (4.6 tcodes)

USH02 Change history for users (e.g. who last changed users via SU01)

USH04 Display history of who made changes to which User Ids

USR40 Non-permitted passwords

USR41 Users with logon information (multiple logons)

Regards,

Gayathri

0 Kudos

Thanks Guys !!!

Cheers

Usman

0 Kudos

Also AGR_1251 for authorization object values

AGR_1252 for org level values

AGR_AGRS for composites

Former Member
0 Kudos

Hello,

I've a list of critical HR combinations and want to discuss them. Is there anyone who could check this and vice versa?

Regards,

Ben Goebel

Former Member
0 Kudos

Hi,

Thanks for long list of Reports/ Tables.

I have a requirement, where I need to find if any of the profile have a particular Transactions in it. I guess, the SUIM list Transactions only from Menu tab.

Could any one help?

If I query Table AGR_1251 for SU01, will it list all the Profiles having SU01 in it? Will it include value asterick (*) also? Is it s complete list?

Thanks,

Sam

0 Kudos

Frequently used tables

For Fiori :

USOBHASH, AGR_HIERT, /UI2/V_SYSALIAS, /UI2/V_ALIASCAT & /UI2/V_ALIASMAP, /IWBEP/I_SBD_SV.

For BPC:

RSBPCE_USER_TEAM, RSBPCE_DAP_TEAM, RSBPCE_PROFILE, RSBPCE_DAP_DIM

General Tables :

USER_ADDR,TOBJ,TACTZ,USOBT_C, USOBX_C , AGR_1251,AGR_1252, AGR_DEFINE, USR*, DEVACCESS

Kindly explore all these tables for more details.