|
|
|
SAP Security Tables
|
| |
|
Table
|
Description
|
Reports
|
|
USR02
|
Users
Data (logon data)
|
RSUSR020
|
|
USR04
|
User
master authorization (one row per user)
|
|
|
UST04
|
User
profiles (multiple rows per user)
|
|
|
USR10
|
Authorisation
profiles (i.e. &_SAP_ALL)
|
|
|
UST10C
|
Composit
profiles (i.e. profile has sub profile)
|
|
|
USR11
|
Text
for authorisation profiles
|
|
|
USR12
|
Authorisation
values
|
RSUSR030
|
|
USR13
|
Short
text for authorisation
|
|
|
USR40
|
Tabl
for illegal passwords
|
|
|
USGRP
|
User
groups
|
|
|
USGRPT
|
Text
table for USGRP
|
|
|
USH02
|
Change
history for logon data
|
|
|
USR01
|
User
Master (runtime data)
|
|
|
USER_ADDR
|
Address
Data for users
|
|
|
AGR_1016
|
Role
and Profile
|
RSUSR020
|
|
AGR_1016B
|
Role
and Profile
|
|
|
AGR_1250
|
Role
and Authorization data
|
|
|
AGR_1251
|
Role
Object, Authorization, Field and Value
|
RSUSR040
|
|
AGR_1252
|
Organizational
elements for authorizations
|
|
|
AGR_AGRS
|
Roles
in Composite Roles
|
|
|
AGR_DEFINE
|
To
See All Roles (Role definition)
|
RSUSR070
|
|
AGR_HIER2
|
Menu
structure information - Customer vers
|
|
|
AGR_HIERT
|
Role
menu texts
|
|
|
AGR_OBJ
|
Assignment
of Menu Nodes to Role
|
|
|
AGR_PROF
|
Profile
name for role
|
|
|
AGR_TCDTXT
|
Assignment
of roles to Tcodes
|
|
|
AGR_TEXTS
|
File
Structure for Hierarchical Menu - Cus
|
|
|
AGR_TIME
|
Time
Stamp for Role: Including profile
|
|
|
AGR_USERS
|
Assignment
of roles to users
|
|
|
USOBT
|
Relation
transaction to authorization object (SAP)
|
|
|
USOBT_C
|
Relation
Transaction to Auth. Object (Customer)
|
|
|
USOBX
|
Check
table for table USOBT
|
|
|
USOBXFLAGS
|
Temporary
table for storing USOBX/T* chang
|
|
|
USOBX_C
|
Check
Table for Table USOBT_C
|
|
|
TSTCA
|
Transaction
Code, Object, Field and Value
|
|
|
Central User Administration
|
|
SAP Security Reports
|
| |
|
SAP Security Report Name
|
Description
|
|
RSUSR_SYSINFO_ROLE (YOU NEED TO LOG ON TO THE CENTRAL
SYSTEM FOR THIS)
|
Report cross-systm information/role STANDARD SELECTION,
User name, Receiving system, SELECT ROLE Role
|
|
RSUSR_SYSINFO_PROFILE (YOU NEED TO LOG ON TO THE CENTRAL
SYSTEM FOR THIS)
|
Report cross-systm information/profile STANDARD CRITERIA
User Name, Receiving system, Profile
|
|
RSUSRSUIM
|
Same as SUIM User Information System
|
|
RSUSR402
|
Download user data for CA manager from Secude
|
|
RSUSR300
|
Set External Security Name for all Users
|
|
RSUSR200
|
List of Users According to Logon Date and Password Change
|
|
RSUSR102
|
Change Documents for Authorizations
|
|
RSUSR000
|
Currently Active Users Tcodes SU04 and AL08
|
|
RSUSR002
|
Users by Complex Selection Criteria (search by User,
Group, User Group, Reference User, User ID Alias, Role, Profile Name, Tcode,
SELECTION BY FIELD NAME, Field Name, SELECTION BY AUTHORIZATIONS
Authorizatrion Object, Authorization, SELECTION BY VALUES, Authorization
Object 1, AND Authorization Object 2, AND Authorization Object3, ADDITIONAL
SELECTION CRITERIA, Account number, Start Menu, Output Device, Valid Until,
Locked Users ONLY, Unlocked Users Only, CATT Check ID
|
|
RSUSR002_ADDRESS
|
Select User According to Address, NAMES, First Name, Last
Name, User, COMMUNICATION PATHS, Company, City, Buildings, Room, Extension,
OTHER DATA, Department, Cost Center
|
|
RSUSR003
|
Check the Passwords of Users SAP* and DDIC in All Clients
(SAP* DDIC SAPCPIC )
|
|
RSUSR004
|
Restrict User Values to the following Simple Profiles and
Auth Objs SELECTION CRITERIA Single Profiles, Authorization Objs
|
|
RSUSR005
|
List of Users with Critical Authorizations (SAME AS
RSUSR009 but difference is here you can't chose)
|
|
RSUSR006
|
List of Users According to Logon Date and Password Change
|
|
RSUSR007
|
List Users Whose Address Data is Incomplete (here give the
Required Address Data)
|
|
RSUSR008
|
Critical Combinations of Authorizations at Transaction
Start (Can view either Critical Combinations or Users)
|
|
RSUSR009
|
List of User with Critical Authorizations SAME AS RSUSR005
but here you can (Check using either customer data of Check using SAP data)
|
|
RSUSR010
|
Transaction for User with Profile or Authorization
(Transaction executable either by, User, with Role, Profile, Authorization
|
|
RSUSR011
|
Lists of transactions after selection by User, profile or
obj SELECTION FOR User
|
|
RSUSR012
|
Search authorizations, profiles and users with specified
object value (DISPLAY authorization objects, DISPLAY authorizations, DISPLAY
profiles, DISPLAY users)
|
|
RSUSR020
|
Profiles by Complex Criteria SELECTION CRITERIA Profile,
Profile test, ADDITIONAL CRITERIA FOR PROFILES, Composite Profile, Single
Profile, Generated Profiles, SELECTION BY CONTAINED PROFILES Profile,
SELECTION BY AUTHORIZATIONS, Authorization Object, Authorization, SELECTION
BY VALUES, Auth obj, auth obj2, auth obj3, SELECTION BY ROLE
|
|
RSUSR030
|
Authorizations by Complex Selection Criteria SELECTION
CRITERIA, Auth Object, Authorization, BY VALUES
|
|
RSUSR040
|
Authorization Objects by Complex Criteria, STANDARD SELECTIONS,
Authorization object, ADDITIONAL CRITERIA Object class, Obj class text, Field
|
|
RSUSR050
|
COMPARISIONS, Compare Users, USER A ------ USER B--------, ROLES, PROFILES<
AUTHORIZATIONS, Across Systems
|
|
RSUSR070
|
Roles by Complex Selection Criteria STANDARD SELECTION
Role, Description, SELECTION BY USER Assignments
|
|
RSUSR100
|
Change Documents for Users
|
|
RSUSR101
|
Change Document for Profiles
|
|
|
|
|
|
|
|
|
