We have added search box. Key in SAP issue keyword to search

Announcement: wanna exchange links? contact me at sapchatroom@gmail.com.

Re: [sap-security] SUIM Table Mapping

Posted by Admin at
Share this post:
Ma.gnolia DiggIt! Del.icio.us Yahoo Furl Technorati Reddit

Reply from SAPAUSSEC on Jul 30 at 10:56 AM
An ABAP developer could do this in less than a day. I am not certain
what you are trying to achieve or why it is so difficult to comment or
indicate which tables will be relevant to you. I assume you are aware
SUIM is a report tree with multiple reports with differing content. It
does not sound like a good approach to me.

Major security tables which are readily identifiable are (note this is
not a complete list):

USR02 Logon data

USR04 User master authorization (one row per user)

UST04 User profiles (multiple rows per user)

USR10 Authorisation profiles (i.e. &_SAP_ALL)

UST10C Composit profiles (i.e. profile has sub profile)

USR11 Text for authorisation profiles

USR12 Authorisation values

USR13 Short text for authorisation

USR40 Tabl for illegal passwords

USGRP User groups

USGRPT Text table for USGRP

USH02 Change history for logon data

USR01 User Master (runtime data)

USER_ADDR Address Data for users

AGR_1016 Name of the activity group profile

AGR_1016B Name of the activity group profile

AGR_1250 Authorization data for the activity group

AGR_1251 Authorization data for the activity group

AGR_1252 Organizational elements for authorizations

AGR_AGRS Roles in Composite Roles

AGR_DEFINE Role definition

AGR_HIER2 Menu structure information - Customer version

AGR_HIERT Role menu texts

AGR_OBJ Assignment of Menu Nodes to Role

AGR_PROF Profile name for role

AGR_TCDTXT Assignment of roles to Tcodes

AGR_TEXTS File Structure for Hierarchical Menu - Cusomising

AGR_TIME Time Stamp for Role: Including profile

AGR_USERS Assignment of roles to users

USOBT Relation transaction to authorization object (SAP)

USOBT_C Relation Transaction to Auth. Object (Customer)

USOBX Check table for table USOBT

USOBXFLAGS Temporary table for storing USOBX/T* change

---------------Original Message---------------
From: dbj460
Sent: Wednesday, July 26, 2017 8:57 AM
Subject: SUIM Table Mapping

No need to be rude.

The original problem is replicating the SUIM results through pulling the data out of the source tables using the same logic as running SUIM, but allow it to be automated. Currently have 30 different variation of suim queries that we run across 13 different systems to look at variations of elevated access. System configuration won't allow for batch processing through SUIM. It does, however, allow for ACL to connect to the source tables. So, in order to save 60-80 hours every time we check for this, I need to map the tables.

Reply to this email to post your response.
Manage Settings | Unsubscribe | Create FAQ | Send Feedback
© 2017 Ziff Davis, LLC. and message author.
Ziff Davis, LLC. 28 E 28th Street New York, NY 10016

Mark as helpful
View this online
Ask a new question
In the Spotlight
Earn Recognition for Your Contributions at Toolbox for IT. Gain Points for Community Achievements



Post a Comment

T r a n s l a t e to your language