Users V Transactions

Question: Hi

Just wondering if there is a standard transaction for producing a list of users and their authorised transactions. I know you can do it for one user at a time in the User Info System, but can't seem to find where to get the info for a range of users

I know it's gonna be a big list, but we are being audited at the moment and that's what they've asked for

Cheers
RF

Answer:
I am moving this one to the Security forum.

Answer:


I know it's gonna be a big list, but we are being audited at the moment and that's what they've asked for

Cheers
RF
If they (auditors) are not performing the test (i.e. downloading it themselves) then what they are doing is questionable from an audit point of view. How do they have confidence over what you download (potentially edit) and give to them.

As far as I know there is no report which will give this info straight away, you can create a query using USR01, AGR_USERS and AGR_1251 (filtering on S_TCODE) which will give a rough list of the transactions they can start.

Turn it around on them by asking how they recommend you get the data. The main auditing firms have tools to do this, why aren't they using them?

Answer:
Thanks Al

Managed to create the query using the tables you suggested.

Might also take up your suggestion on asking them how I should get the data

Cheers
RF

Answer:
Do Note that using the AGR_xxx tables will not guarantee the answer is correct. The AGR tables are playgroungs to create a profile and do not have to match the real secrity in the system. You can generate a profile in PFCG and then delete all the tcodes in the menu and not regenreate and the AGR_xx table says they will not have access but they will.. The USRxx are the most accurate followed by the USTxx, though those get out of sync over time.

Answer:
The first thing I do in the morning is get out of sync.