03-29-2017 6:27 AM
Hello All,
I have been working on one new requirement a custom program has been created and a new Z T code has been suggested to be created.
My Question is I have to provide the roles to be added to this new Z T Code, how to identify which roles can be used for this T code.
03-29-2017 7:38 AM
It really depends on what your new transaction does exactly, why it was developed in the first place, who is supposed to use it and what are the business processes in your company. You need to discuss these points with your colleagues (functional consultants and security experts) and with the business team. This is a problem, which can be resolved locally.
I usually use SUIM to list roles, in addition to that I look at the authorization checks performed in the custom transaction, other than S-TCODE (different options here - ST01 trace or view the code), then think of possible complications of dangerous combinations if the transaction is added to specific roles or having it as a separate one.
03-29-2017 7:38 AM
It really depends on what your new transaction does exactly, why it was developed in the first place, who is supposed to use it and what are the business processes in your company. You need to discuss these points with your colleagues (functional consultants and security experts) and with the business team. This is a problem, which can be resolved locally.
I usually use SUIM to list roles, in addition to that I look at the authorization checks performed in the custom transaction, other than S-TCODE (different options here - ST01 trace or view the code), then think of possible complications of dangerous combinations if the transaction is added to specific roles or having it as a separate one.