Authorizations for S_TCODE
In this expert response, Corwin Slack discusses how SAP may require many authorizations for conducting different SAP transactions and the importantance of SAP security professionals to be familiar with authorization concepts.
I run RSUSR002 and search for S_TCODE as the authorization object and SE30 as the program name. I appear on the resulting report as someone who can run SE30. But, when I try SE30 I am blocked and told I'm not authorized.
Where do I look to get the truth about which transactions our users can execute? I'd prefer not to have to do it one user at a time. I am approaching this from the "who can do a SE11" point of view.
Many thanks.
Authorization for S_TCODE is a necessary but not sufficient condition for starting an SAP transaction from the session manager or the Command box of the SAPGUI. There are frequently additionally authorization checks before a user can complete the transaction.