cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How to find the Role contains any Tcode

Former Member

on ‎12-30-2009 11:21 AM

0 Kudos

Dear Sir/Madam,

With SUIM I found users list having a tcode sm30. But when I tried to find out the exact Role containing that Tcode with SUIM , it is not showing any role. I have to remove this Tcode from these Users. How it can be done?

Please advice.

Thanks and Regards,

Pranab

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (4)

Answers (4)

jurjen_heeck
Active Contributor
‎12-30-2009 3:02 PM

> But when I tried to find out the exact Role containing that Tcode with SUIM , it is not showing any role.

The suim report roles "by transaction assignment" is notoriously unreliable because it only looks in the role menus. Better use the report for roles "by authorization values", fill in "S_TCODE" as object 1, hit the enter key and give SM30 as value. Now you should get a list of roles containing SM30, even if it isn't in the role menu.

I think that's less tedious than Bala's suggestion and just as accurate.

For more detailed explanations browse or search the SDN forum.

Jurjen

One other thought: Are there any profiles assigned directly to the users? That would also explain the behaviour you described.

Edited by: Jurjen Heeck on Dec 30, 2009 4:30 PM

Show replies
Show replies
Former Member
‎03-01-2016 10:50 AM
0 Kudos

working fine for me. thanks

Former Member
‎12-31-2009 6:53 AM
0 Kudos

Hi,

As per your query you find out how many users have this t-code. If necessary then create another profile for this and assign to said user.

Anil

Show replies
Show replies
Former Member
‎01-23-2010 12:22 PM
0 Kudos

Hi,

Above all are correct, you have to choose best one, i am giving another one:

suim --> user -->user by complex selection criteria --> put tcode (i.e sm30) --> F8 -->double click on user name -->profile --> own profile -->in each profile you have to see in s_tcode & TCD if sm30 is there the note taht profile and from corrospownding role you have to remove sm30 with the help of pfcg, do the same process with all the users.

Regards,

Sanjay Jha

Former Member
‎12-31-2009 2:07 AM
0 Kudos

Hi,

With SUIM I found users list having a tcode sm30

review that user you found, do they have inappropriate profile? eg. standard profile &_SAP_ALL will allow user to execute almost all transaction. if yes, please remove inappropriate profile. you should maintain transaction assignment via role only.

hope it help you,

rgds,

Alfonsus Guritno

Show replies
Show replies
Former Member
‎12-30-2009 1:45 PM
0 Kudos

Hi,

1. First you need to prepare a list of user for whom you will need to remove the SM30 auth.

2. Now go to su01 type the first user select roles copy down the list of roles in a notepad.

3.In SUIM you need to check the transactions --> Executable for Role... if you find SM30 in list then delete it in PFCG and

Proceed check with the next role.

4. This may be tedious process but will give you 100 % accuracy.

5.This step has to be continued till the last user in the list.

Regards

Bala

Show replies
Show replies
Ask a Question