cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

OB52 is Still Accessable

Go to solution
former_member598106
Explorer

on ‎02-12-2019 2:28 PM

0 Kudos

Hello;


I removed OB52 from all users roles by going to SUIM --> Roles by transactions then removed it from all roles as the company wants only users who have sap_all to do the work in OB52.


I did the above but when I check I still find two users who still can access OB52.

Can you please suggest how I should remove it from all users except admins

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Colleen
Advisor
Advisor
‎02-13-2019 4:28 AM
0 Kudos

Hi

when you ran SUIM report did you run by authorisation S_TCODE = Ob52 or via transaction in menu?

Also to consider, Ob52 is not the only transaction code to maintain period end closing: SM30 with S_TABU_DIS or S_TABU_NAM authorisations to the table or table group. also, transaction s_alr_87003642 give yous OB52

Finally, if it's a specific user with who still has access, you can look in their user buffer via SU56 to see what S_TCODE and S_TABU* access they have


Cheers

Colleen

Show replies
Show replies
former_member598106
Explorer
‎02-13-2019 9:57 AM
0 Kudos

Hi Colleen Hebbert;

Thank you for your reply. For T-code "s_alr_87003642" it is not given to anyone excep the admin which is what we need.

Thanks to your suggestion I checked SU56 and added the user ID and this helped to detect what role easier:

Earlier I was doing it from SU01 to check the user roles, but took too long, and could not track the t-code OB52 to remove it.

Via SU56 was diret there 🙂 thanks alot.

Best Regards

Amal Aloun

Colleen
Advisor
Advisor
‎02-14-2019 12:26 AM
0 Kudos

glad to hear you had it working. The SUIM report roles by complex criteria with a filter on User Id and authorisation S_TCODE= OB52 should have found all of the roles for the user as well. Much faster than going through SU01

I use SU56 as final resort in case there is a need to refresh user buffer or a corrupt profile that needs to be generated again.

Answers (1)

Answers (1)

TammyPowlas
Active Contributor
‎02-12-2019 2:39 PM
0 Kudos

Can you do an STAUTHTRACE on the 2 users who have OB52 and see what authorizations they have?

Show replies
Show replies
Ask a Question