Announcement:
wanna exchange links? contact me at sapchatroom@gmail.com.
Posted by
Admin at
Reply from SAPAUSSEC on Jul 30 at 10:56 AM An ABAP developer could do this in less than a day. I am not certain what you are trying to achieve or why it is so difficult to comment or indicate which tables will be relevant to you. I assume you are aware SUIM is a report tree with multiple reports with differing content. It does not sound like a good approach to me. Major security tables which are readily identifiable are (note this is not a complete list): USR02 Logon data USR04 User master authorization (one row per user) UST04 User profiles (multiple rows per user) USR10 Authorisation profiles (i.e. &_SAP_ALL) UST10C Composit profiles (i.e. profile has sub profile) USR11 Text for authorisation profiles USR12 Authorisation values USR13 Short text for authorisation USR40 Tabl for illegal passwords USGRP User groups USGRPT Text table for USGRP USH02 Change history for logon data USR01 User Master (runtime data) USER_ADDR Address Data for users AGR_1016 Name of the activity group profile AGR_1016B Name of the activity group profile AGR_1250 Authorization data for the activity group AGR_1251 Authorization data for the activity group AGR_1252 Organizational elements for authorizations AGR_AGRS Roles in Composite Roles AGR_DEFINE Role definition AGR_HIER2 Menu structure information - Customer version AGR_HIERT Role menu texts AGR_OBJ Assignment of Menu Nodes to Role AGR_PROF Profile name for role AGR_TCDTXT Assignment of roles to Tcodes AGR_TEXTS File Structure for Hierarchical Menu - Cusomising AGR_TIME Time Stamp for Role: Including profile AGR_USERS Assignment of roles to users USOBT Relation transaction to authorization object (SAP) USOBT_C Relation Transaction to Auth. Object (Customer) USOBX Check table for table USOBT USOBXFLAGS Temporary table for storing USOBX/T* change
| | | ---------------Original Message--------------- From: dbj460 Sent: Wednesday, July 26, 2017 8:57 AM Subject: SUIM Table Mapping No need to be rude. The original problem is replicating the SUIM results through pulling the data out of the source tables using the same logic as running SUIM, but allow it to be automated. Currently have 30 different variation of suim queries that we run across 13 different systems to look at variations of elevated access. System configuration won't allow for batch processing through SUIM. It does, however, allow for ACL to connect to the source tables. So, in order to save 60-80 hours every time we check for this, I need to map the tables. | | Reply to this email to post your response. __.____._ | _.____.__ |