This code is used to view table data. This is a high data security risk since the user can access confidential data. It also causes performance hit when large tables are viewed. This tcode must be restricted to few users or firefighter ids.
You can see the initial screen. Here we enter the table name to be viewed and hit the enter button and click on the view data button .
You will see the next selection fields appear as shown below. YOu have to enter your selection criteria so that only selected data can be view. Normally almost all tables are large in size so its better to view only selected data. IF you try to view the whole data of the table it takes long time to display and performance of the server get s hit .
S_TABUS_DIS is checked for authorization of SE16. One can give display activity ( 03) only to and end user for this tcode and authorization group DICERBLS field is also checked. give 03 activity and authorization group which the user belongs to for restricting access. YOU should not give 02 activity. If given the user can do changes to table data which gives rise to data integrity issues...
The user must be in a particular USER group like FI to view FI tables or CO to view CO tables. Without user group assignment one cannot see the respective tables. These user groups are maintained using tcode SUGR. These user groups are different from the logon user groups which has entirely different purpose.
It is recommended that custom reports or Tcode are to be generated with particular variants and given to end user. SE16 should no be given to end user. On can create CUSTOM Queries using SQVI tcode and custom transaction using SE93.
This blog provides you information on SAP basis & security. Concentrates on Basis Tips and information.
Subscribe to:
Post Comments (Atom)
Saturday, May 3, 2008
The se16 tcode.
This code is used to view table data. This is a high data security risk since the user can access confidential data. It also causes performance hit when large tables are viewed. This tcode must be restricted to few users or firefighter ids.
You can see the initial screen. Here we enter the table name to be viewed and hit the enter button and click on the view data button .
You will see the next selection fields appear as shown below. YOu have to enter your selection criteria so that only selected data can be view. Normally almost all tables are large in size so its better to view only selected data. IF you try to view the whole data of the table it takes long time to display and performance of the server get s hit .
S_TABUS_DIS is checked for authorization of SE16. One can give display activity ( 03) only to and end user for this tcode and authorization group DICERBLS field is also checked. give 03 activity and authorization group which the user belongs to for restricting access. YOU should not give 02 activity. If given the user can do changes to table data which gives rise to data integrity issues...
The user must be in a particular USER group like FI to view FI tables or CO to view CO tables. Without user group assignment one cannot see the respective tables. These user groups are maintained using tcode SUGR. These user groups are different from the logon user groups which has entirely different purpose.
It is recommended that custom reports or Tcode are to be generated with particular variants and given to end user. SE16 should no be given to end user. On can create CUSTOM Queries using SQVI tcode and custom transaction using SE93.
You can see the initial screen. Here we enter the table name to be viewed and hit the enter button and click on the view data button .
You will see the next selection fields appear as shown below. YOu have to enter your selection criteria so that only selected data can be view. Normally almost all tables are large in size so its better to view only selected data. IF you try to view the whole data of the table it takes long time to display and performance of the server get s hit .
S_TABUS_DIS is checked for authorization of SE16. One can give display activity ( 03) only to and end user for this tcode and authorization group DICERBLS field is also checked. give 03 activity and authorization group which the user belongs to for restricting access. YOU should not give 02 activity. If given the user can do changes to table data which gives rise to data integrity issues...
The user must be in a particular USER group like FI to view FI tables or CO to view CO tables. Without user group assignment one cannot see the respective tables. These user groups are maintained using tcode SUGR. These user groups are different from the logon user groups which has entirely different purpose.
It is recommended that custom reports or Tcode are to be generated with particular variants and given to end user. SE16 should no be given to end user. On can create CUSTOM Queries using SQVI tcode and custom transaction using SE93.
1 comment:
One you are in the record itself, you can use /h to turn on debugging. double click the code variable. change it's value to "EDIT" or "DELETE." Click "Run to End." This allows you to edit and delete records directly in the table. This is not advised in ECC, but it's a common troubleshooting and resolution technique in CRM and SRM.
ReplyDelete
Subscribe to:
Post Comments (Atom)
One you are in the record itself, you can use /h to turn on debugging. double click the code variable. change it's value to "EDIT" or "DELETE." Click "Run to End." This allows you to edit and delete records directly in the table. This is not advised in ECC, but it's a common troubleshooting and resolution technique in CRM and SRM.
ReplyDelete