Davatec Consulting

How to create a transaction

for a Report Painter Report

Includes
- Step-by-Step instruction to create the transaction
- Instructions to configure the transaction for Security
- SAP Security role setup

V 1.0 – Tested & applied on a ECC 5.0 system – April 2009

Copyright © 2009 - Davatec Consulting, Inc. http://www.davatec.com

e-Mail: work@davatec.com
 Davatec Consulting
How to Create a Transaction Code for Report Painter
Reports
By Jon Davatz, President, Davatec Consulting
In many organizations, the usage of transaction GR55
has been removed from end users and the usage of
custom transaction for Report Painter report is
preferred.
These transactions need to be added to roles & also
transported via the SAP Transport system and go
through change control
One mistake is to create Variant Transactions that add
another layer of objects to maintain and transactions
that are not easily accepted by the end user
community:
The user will then have to navigate past the selection
screen where the report group is selected.
Another common mistake is that users create the
transaction code with the SAP-generated program
name of the Report Painter report.
The users usually runs the report and via the menu
path system status identifies the SAP generated report
Copyright © 2009 - Davatec Consulting, Inc.
name, such as
GP4D9W908VD93NG59JGEC5C4HE3200 in the
development system or in the productive system as
GP4D9W908VD93NG59JGEC5C4HE3400. Both
program names look identical except for the last 3
digits, which represent the client in which the report
was generated.
Because you don’t have control over the SAP-
generated program name, you run into problems when
the user tries to execute the program and a short
dump may occur or the system may tell the user that
the program doesn’t exist.
The right approach is to create a Parameter
Transaction, map this transaction to the necessary
objects in SU24 so that you can make sure that you
won’t run into any authorization issues when the user
runs the reports.
To create a custom transaction, you need to use
transaction SE93 in the development client where
your program development & configuration takes
place.
Enter a transaction with the naming convention
that your organization has issued and select the
‘create’ button:
Enter a short description (according to naming
standards of your organization) and select the
option ‘Transaction with parameters’:
http://www.davatec.com
e-Mail: work@davatec.com
 Davatec Consulting

Enter transaction ‘START_REPORT’ as shown below

(1) and select the ‘Skip Initial Screen) (2):

If you want to run the authorization analysis via

ST01, you can find out easily what the values for
S_Program should be:
In the lower section, enter Screen Field
D_SREPOVARI-REPORTTYPE with the value RW for
Report Writer and D_SREPOVARI-REPORT for your
report name. If you should have extended a
extended report name, you also can add this screen
field with the appropriate value D_SREPOVARI- Once you have identified the objects & values, you
EXTDREPORT to the list of screen fields. can then map the object to the transaction with
transaction SU24:

Add all objects needed to run this report (you can

find out the objects via your trace analysis):
After saving the transaction, the system asks you
for a package & transport request. Follow the
development standards & instructions from your
organization.

Once you have created the transaction, you need

to make sure that it will be fully functional from a
SAP Security standpoint. Use transaction SU24 to
map the object S_Program to the transaction you
have just created. The authorization group is the
name of the Library with the prefix of RW_. You
can find out the library via the report group or by Switch the indicator to check/maintain:
running a trace. (This is helpful if you did not
create the report and don’t know what library the
developer was using).

Enter the values according to your findings

Copyright © 2009 - Davatec Consulting, Inc.

http://www.davatec.com
e-Mail: work@davatec.com
 Davatec Consulting

Jon Davatz is president and owner of

Davatec Consulting, Inc., which
specializes in SAP Security &
Governance, Risk & Compliance.
His SAP career started in 1990 working
with R/2 systems in Europe and he
continued to expand his expertise in
1995 to BW and R/3 Systems. He also
developed one of the first profile
generators in SAP back in 1996 and
worked with many clients in the USA,
Europe & Latin America.
Please visit http://www.davatec.com/
Don’t forget to double-check the values. You may
for more information or contact him via
want to make selections regarding on how the user e-mail: work@davatec.com.
can run the report according to your company
guidelines and development standards:

When the SAP Security Administrator maps the

newly created transaction to a role, the objects
needed for this transaction will be automatically
pulled into the role:

Depending on your SAP Security setup, the values

of the individual authorizations for Report Writer
may be more granular or with access to a broader
area.

Copyright © 2009 - Davatec Consulting, Inc.

http://www.davatec.com
e-Mail: work@davatec.com