Problem solve Get help with specific problems with your technologies, process and projects.

Authorizations for S_TCODE

In this expert response, Corwin Slack discusses how SAP may require many authorizations for conducting different SAP transactions and the importantance of SAP security professionals to be familiar with authorization concepts.

Help an IT auditor, please!

I run RSUSR002 and search for S_TCODE as the authorization object and SE30 as the program name. I appear on the resulting report as someone who can run SE30. But, when I try SE30 I am blocked and told I'm not authorized.

Where do I look to get the truth about which transactions our users can execute? I'd prefer not to have to do it one user at a time. I am approaching this from the "who can do a SE11" point of view.
Many thanks.

This is the perennial audit question. Please get a good book on the SAP authorization concept.

Authorization for S_TCODE is a necessary but not sufficient condition for starting an SAP transaction from the session manager or the Command box of the SAPGUI. There are frequently additionally authorization checks before a user can complete the transaction.

Dig Deeper on SAP Basis