Question:
Hi all,
At our company we are using individual transactions for each table.One trnasaction for display only and one for maintainence.We are considering to use authorization groups implement the data security .I know that it would decrease the effort for maintaining.Are there any other advantages?
Thanks,
Manjeera
Answer:
Hi all,
At our company we are using individual transactions for each table.One trnasaction for display only and one for maintainence.We are considering to use authorization groups implement the data security .I know that it would decrease the effort for maintaining.Are there any other advantages?
Answer:
It will simplify things if you have a logical set of auth groups on all tables which you would not want people viewing or updating
Answer:
Hi all,
At our company we are using individual transactions for each table.One trnasaction for display only and one for maintainence.We are considering to use authorization groups implement the data security .I know that it would decrease the effort for maintaining.Are there any other advantages?
Thanks,
Manjeera
Use authorization groups. Unless you create your own table maintenance dialog for each transaction you'll need them anyway. This kind of transaction simple-mindedness gives SAP security a bad name. S_TABU_DIS with display or change and a rational set of authorization groups (no not one per table) is quite sufficient).
You do know that if you don't explicitly grant access to a table authorization group (including &NC& for unassigned tables) no one will see or change the table using SAP's standard table browsing and maintenance tools.
_________________
bwSecurity
Answer:
It depends on how many tables you want to maintain and to what extent you have mutilated your security design already.
The question is which strategy is most efficient given what you have and your knowledge of it.
The error is typically in the design.
Tarr