Skip to Content

S_DEVELOP in PRD without Developer access key?

Hello,

If a user appeared in DEVACCESS table and have access to authorization object S_DEVELOP with ACTVT value 01 and 02, and later someone deletes the user from DEVACCESS, will that still be a security issue and what all activity that user can perforrm?

Thanks

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

2 Answers

  • Best Answer
    Feb 26 at 11:26 PM

    which ABAP release are you on? Developer Keys are no longer used in S/4HANA systems.

    You need to protect via authorisations and shouldn't be assigning that level of access in production.

    Refer note 2309060 - The SSCR license key procedure is not supported in SAP S/4 HANA

    Add comment
    10|10000 characters needed characters exceeded

    • Thanks Colleen, In this case someone had debug access, now I wanted to understand if any changes were done using that access. Audit logging in the system is not enabled hence can’t check the sm20 logs, any other leads to see If any changes were made??

      Tried checking if RSTPDAMAIN is invoked through ST03N and it appears during the period but do RSTPDAMAIN gets called even with display debug access as well?? And is it’s the right way to go about it?

      Any other possible way to find out if at all any changes were made??

      Thanks a lot for helping.

  • Feb 27 at 05:46 AM

    Hi,

    I think he/she can view the program and debug it since he got 02(changed), she/he change manipulate the data filters through debugging..

    Add comment
    10|10000 characters needed characters exceeded