Skip to Content
avatar image
Former Member

HR tables nightmare

Hi Friends/Experts,

This is really a silly question from my "Global security implementation Project"

An issue came up:

How do we access the infotypes in a role , list the infotypes with description for that role

Now this is what I did

1. SE16 - AGR-1251 gives the ouput , filtered by keyword infty and infoty got the list

2. pulled all the infotyes being used in the HR system with its description

3. wrote a lookup to get the infotype and its description specific to that role

Now the fun part is :

the AGR-1251 does not expand the ranges for infotypes having from(LOW) and to(HIGH) value

so i missed out on many infotypes in range, manual entry is not an acceptable path or solution.

Simple question with no answer available so far is

how do you expand the From and to value to get all the infotypes in range in the role?

example below(part of AGR_1251) the low and high column is what I am talking about

FIELD LOW HIGH MODIFIED DELETED COPIED NEU NODE

INFTY 105 G O 47

INFTY 167 171 G O 47

INFTY 194 195 G O 47

INFTY 207 210 G O 47

INFTY 377 378 G O 47

My input is what you entered in role is what you get, anyone with a different approach or idea

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

2 Answers

  • avatar image
    Former Member
    Jun 26, 2010 at 07:09 PM

    The best people to analyse HR authorizations in my opinion are those who understand the data and config. There are a lot of options... so try to work closely together with them otherwise it will be futile.

    A little example is P_PERNR. Finding an infotype or range of this can go in all directions and overrides other authorizations. Avoiding ranges is generally good advise anywhere in SAP security....

    The executive summary in this case is in the function module HR_READ_INFOTYPE's code if you want to read it... 😊

    Cheers,

    Julius

    Add comment
    10|10000 characters needed characters exceeded

  • Jul 07, 2010 at 01:40 PM

    A first step: Use SE16 for table T777T and use the data from AGR_1251 to fill the select option for field INFTY. Enter the single values and pattern into the single value tab and the interval into the select range tab.

    If you want to get the subtypes, too, then you have to develop a custom program which reads T777T and T777U because you have to check INFTY and SUBTY for eavery authorization in the role independantly.

    Kind regards

    Frank Buchholz

    Add comment
    10|10000 characters needed characters exceeded