Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Utilizing SQ01 SQ02 for user report generation of production data

Former Member

‎05-16-2014 4:08 PM

0 Kudos

I am interested in utilizing sap query transactions SQ01, SQ02, and SQ03 to create and customize end user reports that will be used  by our audit team to analyze SAP data in our production environment. My objective would be to have one person with authorization to run SQ01,02,03 and have that user create all the reports that would be required for the team to use. This way there isn't a bunch of users out there using SQ01 indiscriminately or perhaps not using it at all. I currently have authorization to run SQVI but it is limited. From what I understand there is more flexibility with SQ01 because they allow you to create calculated fields and offer more formatting options. Most of these reports would be related to finance, sales, vendor, customer, etc.

My question is this. How do I create these custom queries and allow multiple users to access and run them? Are the queries created directly in production? Are they created in DEV and then tested in QA before being transported to Prod? I understand you can map an sap query program to a transaction and then add that to a role but isn't the program name generated by SQ01 different in every instance? I would like this code to be reproducible as I have 5 different SAP instances in which these reports would be used. Same reports, different data.

I am looking to leverage the power of SAP query to produce meaningful reports for our team without having to use programmers to develop them from scratch. What is the optimal approach to doing this without creating a lot of hassles and without creating additional security risks?

If I create a query based on SAP tables I have access to does the general user also have to have authorization to those tables in order for the query to run for them? In theory the entire team should have authorization to the same standard SAP tables because we all have the same roles assigned but I may have some additional tables assigned to me because I am the IT auditor. Just confirming.

I appreciate any and all suggestions. I would like to proceed with the best solution as soon as possible.

Thank you very much.

Mark

3 REPLIES 3

Former Member

‎05-16-2014 4:54 PM

0 Kudos

Hi Mark,

Users can create the queries directly in production as well, provided if the user has the appropriate authorizations(S_QUERY).

You can look at the below suggestion, you can generate the programs for the queries and create transaction codes for each query in development and move it to production. Then you can restrict the access to users in roles based on the transaction code.

Hope it works.

Regards,

Laxman

Former Member
In response to Former Member

‎05-16-2014 5:49 PM

0 Kudos

Laxman,

Many of the users on the audit team are not technically savvy which is why I want to restrict access, Also I want to create a standard report that would be the same for everyone to use where they only need to update or change variables before running. I think our security team may not want a lot of users in production with sap query capability.

Thank you for your reply.

Mark

Former Member
In response to Former Member

‎05-16-2014 6:19 PM

0 Kudos

Hi Mark,

It is best to create queries in dev rather than doing it in prd directly.

Query user group can be used to control the access in production.

You can have one query administrator with access to sq01,2,3 and sqvi who will assign query user group to respective users in prd so they can run these.

BR,

Mangesh