Tables visited by a user

SAP Security

Moderators: Snowy, thx4allthefish, jurjen

Post Reply
sapnov05
Posts: 295
Joined: Sun Feb 06, 2005 8:35 am

Tables visited by a user

Post by sapnov05 » Fri Mar 16, 2012 9:13 am

Hi folks - is there any way to restrict users to view certain tables only in SE16N?
Also, is there any transaction to find out which tables were actually called up by any user in SE16N if this restriction can't occur for any reason? I know we can create transactions for specific table call up but we have too many and want to restrict it in this way if possible?

Many thanks in advance!

Snowy
Posts: 28796
Joined: Mon Oct 21, 2002 2:33 pm
Location: 3.1415926535

Re: Tables visited by a user

Post by Snowy » Fri Mar 16, 2012 9:45 am

I am moving this in the SAP Security forum

YuriT
Posts: 885
Joined: Fri Feb 03, 2006 6:40 am
Location: Basel/Riga

Re: Tables visited by a user

Post by YuriT » Wed May 23, 2012 6:43 am

Remove SE16N authorization totally. Create custom parameter transaction in SE93 for each table you want to access through SE16N. Assign those transactions selectively.

Gary Morris
Posts: 400
Joined: Sun Oct 20, 2002 10:42 pm
Location: New York

Re: Tables visited by a user

Post by Gary Morris » Thu Aug 02, 2012 1:17 pm

Or if you want to use SE16N protect the table by an authorization group and assign the authorization group in auth object S_TABU_DIS in their role. Don't allow group &NC& and if needed assign that table to a group as &NC& means the table has not been assigned a group.

The reason auditors tell you not to user SE16 is because you don't have documentation showing which tables and groups you are protecting as critical. If you have documentation auditors will not flag you on using SE16, if they do, then they are ignorant.
Gary Morris
SAP Security Consultant
garydavidmorris@gmail.com

Post Reply