Professional Documents
Culture Documents
Kindlyprovideyourvaluablecomments/feedbacksothat
itwillbehelpfulformeandothers.
Overview:
Aspartofauditorsecurityactivities,wemayneedtogetactiveuser
IDs,roles,profiles,changedocumentsetc.,Togetthosedetails,we
needtousemanyreportsintheABAPsystem.for
example:RSUSR002reportforuserselectionbycomplexcriteriaetc.,we
cantrememberallthereportshenceSAPgaveallthereportsexecution
optionstogetherinsingletransactionthatisSUIM.
InialScreen:
TheSUIMinitialscreenlookslikebelowattachedscreen.wehavethe
optionsforsortingusers,roles,profiles,authorizations,authorization
objects,transactions,comparison,whereusedlistandchange
documents.
UserNode:
Usernodewillbeusedtoextractthelistforusersbasedonour
selectioncriteria.forexamplewecangetlockeduses,userswhoever
havingparticularrolesorprofilesorbyaddressdata,userswhoever
havingaccesstoparticulartransactionetc.,
hereis,attachedsamplescreenshowsusersbycomplexselection
criteria.youcanapplymultipleselectionconditionssimultaneously.
furtherselectionconditionsfortheusersareshowinginthebelow
screen.ifCUAisconfigured,youcancheckusersbysystem,roles,
profilesandlicensedata.
Rolesnode:
SUIMisusefultoolforsearchingrolesandprofiles.Ifyouwantto
assignalistoftransactionstoparticularuserID,thenyoucansearch
therolesbytransactionassignmentinSUIMandassignthoserolesto
thatuserID.
forexample,Iwanttolisttheroleswhichhasthetransactions
DB02,ST06andSU01.doubleclickonByTransactionAssignment
andprovidethetransactionswithANDconditions.youwillgetthelist
ofroleswhichhasthespecifiedtransactions.
Likethisway,youcansortouttherolesbyname,assignmentand
multipleselectionconditionstogether.
Profiles,authorizationsandauthorizationsobjects:
searchingtheprofiles,authorizationsandauthorizationsobjectsare
sameasrolessearchinSUIM.youcansearchtheprofilesbasedon
thename,profilesbyrolesandothermultipleselectioncriteria.
Transactions:
Wecansearchthetransactionsinaparticularrolesorexecutableby
usersetc.,forexample,IfIwanttolistoutthetransactionswhichare
executableforuserAAA,IcanusetheoptionExecutablebyuser.in
thisway,youcancangettransactionslistwithmultipleselection
conditions.
IfyouexecutewithDDICuserID,itwillshowstransactionswhichare
executableforDDIC.
Comparison:
SUIMmakesyoutocomparetwousers,roles,profiles,authorizations
andusercomparisonacrossthetwosystems.here,Ihavecompared
DDICuserIDwithADSCALLER.thecomparisoncolumnwillberedif
thetheobjectisnotassignedinanyoneoftheuser,yellowobjectis
existsbothoftheusermasterdatabutfiledlevelaccessisindifferent,
greenforboththeuserIDhastheauthorizationobjectwithsamefield
levelaccess.
Likethisway,youcancompareroles,profilesetc.,
WhereUsedList:
Whereusedlistwillbeusedtoextractdetailsaboutparticularroles,
profilesetc.,whereitisbeingusedinthesystem.forexample.,Ineed
togettheroleZ_xx_yyassignmenttotheusers.soIcansimplyuse
theWhereusedlisttofindoutwhoarealltheusershavethisrole.
ChangeDocuments:
ThisoptionisreallyusefultotrackthechangesinuserID,roles,role
assignmenttousers,profilesandauthorizations.wecangetlast
changednamelistinSU01orPFCGitselfhoweverwedontknow
whatchangehasbeendone.SUIMwillprovidethefeaturetotrack
thechangesdoneinuserID,roles,profilesbydate,month,yearetc.,
HereIamstoppingthedocument,butifyouarenewtoSUIM
transaction,Pleasecheckindividualnodesandoptionsindetail.Itis
verysimpleandunderstandabletransaction.
Pleasereferthelink
https://help.sap.com/saphelp_nw04/helpdata/en/52/671261439b11d1
896f0000e8322d00/content.htmformoreinformationabouttheSUIM
transaction.
Kindlyprovideyourvaluablecomments
Cheers,
Pradeep
AlertModerator
Bethefirsttoleaveacomment
YoumustbeLoggedontocommentorreplytoapost.
Share&Follow
Privacy TermsofUse LegalDisclosure Copyright Trademark Sitemap Newsletter