Skip to Content

SE38 Authorization by Exclusions

I would like to create an authorization group for t-code SE38 - that excludes a handful of programs.

so for example it would give the user access to all SE38 reports - except the few listed.

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

3 Answers

  • Best Answer
    Sep 26, 2017 at 03:07 AM

    Hi Shane

    Each program would need to be in auth group. Read up on S_PROGRAM/S_PROGNAM authorisations

    It might be more pain than worth. If you change auth groups on standard programs then you might have issues with your security access and have to go through to update SU24 for impacted transactions

    Generally, avoiding SE38 being granted to users in production and then build custom transactions when you want to provide access as you won't know if you have excluded all critical/risk programs that you need to.

    Regards

    Colleen

    Add comment
    10|10000 characters needed characters exceeded

  • Sep 26, 2017 at 03:35 PM

    normally - I agree - except I'm the system administrator - so I need SE38. But our auditors don't want me running two specific programs that could delete audit logs. I'm not sure how else to do that.

    Add comment
    10|10000 characters needed characters exceeded

  • Oct 11, 2017 at 03:34 PM

    SE38 is very powerful Tcode, as you able to modify any program, Please go with SA38.

    • Give SA38
    • Map all programs to a Authorization groups
    • its a one time activity but will secure all standard and custom programs as well.
    Add comment
    10|10000 characters needed characters exceeded