SAP_J2EE_Admin has PFCG Access Rights?

Former Member · ‎04-27-2017

We just got the Information, that a user can create roles in pfcg. The search / SUIM for S_USER_AGR with ACTVT 01 for this user provides the following role as a result: SAP_J2EE_ADMIN... Nevertheless, the role SAP_J2EE_ADMIN is empty / has no Profile at all.

Is this a known issue?

We added a random object to the role SAP_J2EE_ADMIN and generated it, then the search for S_USER_AGR with ACTVT 01 does not provide the Role SAP_J2EE_ADMIN as a result anymore. So this would help, but is not really a good solution either.

Any ideas?

Thanks a lot!

Colleen · ‎07-07-2017

Hi Sybil

Could the SAP* role have been previously generated so that the use had the profile? Might be too late to replicate this but did you look in the user's buffer to see which profile the authorisation was coming from? Afterwards, run PFUD for user compare and cleanups to see that it disappears (assuming the profile was deleted)

Regards

Colleen

SAP_J2EE_Admin has PFCG Access Rights?

Accepted Solutions (0)

Answers (1)

Answers (1)

Re: SAP Datasphere DBADMIN and Data provisioning a...

Re: How to do client copy in SAP BW after database...

SAP Analytics Cloud for planning - Resource Issue ...

Edit Query Disabled from File server data source i...

Re: Change header field of purchase order on save