Tuesday, June 28, 2011

Basis Critical Object: S_USER_AUT

Basis Critical object : S_USER_AUT

Definition
Authorization object, which is checked during authorization maintenance.
The check is made in the following authorization maintenance
transactions (Tools -> Administration -> User maintenance).
o SU03 - maintenance of authorizations
o SU02 - allocate authorization to a profile
Defined fields
This object is defined with the following three fields:
o Authorization object: The authorization objects, for which the
authorization administrator may maintain, delete, etc.,
authorizations, must be entered here.
o Authorization name: With this field, the authorization administrator
can be given a limited name space for the assignment of
authorization names.
It makes sense to do this when there are several adminstrators, so
that the authorizations are not maintained reciprocally or possible
internal naming conventions are adhered to.
o Activity: This field can be used to limit what the administrator may
do with the authorization.
Possible values:
- 01 = create
- 02 = change
- 03 = display
- 06 = delete
- 07 = activate
- 08 = display change documents
- 22 = assign authorization profiles
- 24 = archive
Example
Field Values
Authorization object S*
Authorization name *
Activity 01 - 06
With this authorization, the authorization administrator can create,
change, delete, and display authorizations of any name for all objects
beginning with S (Basis authorization objects). The administrator can
not, however, activate the authorizations or display the change
documents.

No comments: