Question:
Out of the box , High level thinking :
Parameter : auth/authorization_trace
Parameter : auth/test_mode
Short description: Jump to report RSUSR400 at every authority check
Parameter description :
If this parameter is set to Y, the system jumps to the ABAP report
RSUSR400 at each authorization check. There you can execute
statistics or additional checks.
Caution: 1. Syntax errors in report RSUSR400 paralyze the system!
2. The performance of the authorization checks is very
poor. Therefore do not switch it on.
What do you think , have you tried something on them , any ideas ?..
I mean has anyone tried to use them to build some USER stats log tables .
Answer:
Who ever discovered the syntax error might be able to help you
Julius
Answer:
That is NOT what this report does, Use ST03 or function modules SAPWL_WORKLOAD_GET_STATISTIC
SAPWL_WORKLOAD_GET_SUMMARY
to read the user activity collected by the collector batch job ( report rscoll00).
Heed the warning:
Caution: 1. Syntax errors in report RSUSR400 paralyze the system!
2. The performance of the authorization checks is very
poor. Therefore do not switch it on.
The intent of the report is to load SU24 values, but DO NOT START IT!
Answer:
syntax error is a gimic ... when some one will turn this one within secs he will find out the system is normal or not , so he will turn back it off and correct the report .. just test this on sandbox before bringing in on live system
Answer:
John i have already got the stats the other way like RBE tool func modules has used ,and the RFC Func module info , but i am not satisfied and i don't plan to use RSUSR400 code to do some thing in the system ?? don't want to touch USOBX/USOBT tables.
You get what i am doing ... trying to get all user -> tcode-> auth-> values.... STATS .. in a seperate custom table for past 12 months or so.
Once you get the information you can have the data run in SAP or other database like MSQL and you have TCODES/ORGANISATION LEVEL information also mapped to users.
Key is to Get all information from the kernel not from tables or files .
I told you earlier i am not advising anyone to do this or doing it , and i know it is NITRO stuff , just ideas only.
Answer:
The data is all there in SAP just not linked and does not have to be "exported", the STAT data resides in the system +/- 24 hours and is summaraized and you can configure ST03 to hold the summary for 12+ months ( there is actually a hidden Year field). You can use the user exit in MONI collector to get more info and the use the CDHDR and associated table and document created reports to get the rest of the data if you want to look at what the user USED as opposed to their access. or you could create a role with only their access and look in there...
Answer:
This parameter was used by SAP to build the USOB* tables for the profile generator. That is why they are so junky. Take SAPs advice on this one.
You could consier it for a sandbox system with one ow two users executing transactions for say a new SAP bolt-on such as PRA.
Answer:
Tried this one on sandbox , the auth/test_mode was switched to 'Y' and then i tried to put a break-point in the report RSUSR400 and it did not work ????
I tried this on 46C system , well i know kernel is going to bring the tcode/objects values to the report but to my surprise it did not pass thru the report. May be basis issue ??
Answer:
Interesting thing is the report says : RSUSR400 - Test Environment Authorization Checks (SAP Systems Only) ..
Is there a way in which you can find the installtion of sap is "Customer System " or "SAP System " .???