However, you need to be careful. This transaction will always tell you which transactions a user should be able to start, but it doesn't in one comprehensive way tell you what they can do within the transaction once it has started. Such a report is the "Holy Grail" of security reporting. I do not believe that developing a conclusive report describing everything someone can do is a realistic possibility.
Dig Deeper on SAP security
Related Q&A from Corwin Slack
A SearchSAP.com reader wants to know how to grant a user access to cost centers, as well as access to one cost element across all cost centers. Continue Reading
Learn how to stop SAP users from displaying HR table contents in an SAP table without restricting access to an SE16N transaction. Continue Reading
A SearchSAP.com reader who stores user email addresses within the SAP SU01 transaction code and wants to know where to locate the data. Continue Reading