Solved: SQ01 and authorization object S_TABU_DIS

Former Member · ‎05-29-2013

Hi,

we created a query with the following tables:

EKKO;

ESLH;

ESKL;

ESLL;

EKKN

When users execute the query system replies saying that users doesn't have the authorization to read EKKO.

I executed /nSU53 and system displays an authorization object named S_TABU_DIS with the missing activity (03) and authorization group (MA)

I searched for the above authorization group:

http://help.sap.com/saphelp_470/helpdata/en/c6/74ba3bd14a6a6ae10000000a114084/content.htm

I read the link and its content but this authorization seems related to SM30 and SE16 trx

Don't understand why this happens to SQ01 when the query reads EKKO table.

Thanks

Best regards

Former Member · ‎05-29-2013

Hi

maybe it's because is morning but i dont see any error, read this http://scn.sap.com/community/embedded-analytics/blog/2013/02/07/howto-analyse-sqvi-and-sq01-usage-an...

Let me know if you need more info

a

Former Member · ‎05-29-2013

Hi

maybe it's because is morning but i dont see any error, read this http://scn.sap.com/community/embedded-analytics/blog/2013/02/07/howto-analyse-sqvi-and-sq01-usage-an...

Let me know if you need more info

a

Former Member · ‎05-29-2013

Hi,

without object "S_TABU_DIS" with the activity (03) and authorization group (MA)

system cannot read EKKO table

Not clear how the above authorization is linked and interacts with EKKO

I enabled that object but what happens if user has this kind of authorization object?

Regards

Former Member · ‎05-29-2013

Hi

1. as it should be, you are giving him the auth to read EKKO even if you are not giving him transaction SM30 via SQ01 and

Object S_TABU_DIS provides you authorizations for displaying or maintaining tables.

2.if you will not give access to SM30 or program like that, it will not happen anything

Let me know if you need further details

a

eduardo_hinojosa · ‎05-29-2013

Hi

See also SAP Note 1557277 - SQVI/SQ01: No authorization check on S_TABU_NAM

Regards

Eduardo