User Information System
The User Information System (transaction SUIM) is a set of reports on user-authorization data which allows security administrators to query on authorization data . SUIM is all the more important since standard table maintenance transactions like SE16 are restricted from many users in productive systems.
The initial SUIM screen shows us all the defined reports from which we can select and execute the ones needed for our analysis. We can query for users, roles, profiles, authorizations, authorization objects as well as on the change documents for any of these objects.
We take an example report, “Roles by Complex Selection Criteria” and search for roles with access to the transa ction SU01 and the authorization object S_USER_GRP.
The query results show all roles which match the selection criteria.
Hey thanks for this nice and interesting post. But I still do not understand the first part though! – Tandarts
Hi Reeshof,
Thanks for your comments! I believe your confusion is regarding the first paragraph where I talk about SE16. I will try to explain.
SE16 is the transaction which depending on the users’ authorization will let him display any table defined in SAP Data Dictionary. The data returned by SUIM is also from the same tables. So as long as you know the tables from which SUIm is reporting from, you can get the same data from SE16. I plan to do a future post on the security and user tables.
However, in many productive clients, SE16 is restricted from end users as if not restricted at the table level it can give access to a lot of sensitive data. So if you want to report on security data and you do not have SE16 then SUIM is one of the best options that you are left with.
Hope this helps!
Regards,
Aninda
HI Aninda,
I keep coming back to your website for my queries…
It would be great if you can write an article on interpreting output of ROle comparision in SUIM for ECC6 version..
Role comparision output is quite different in ECC5. I have to run role compare on a regular basis and i am having to do it manually as i am finding it difficult to understand the output of SUIM role comparision in ECC6
Hi Aninda can you ps give some more examples how you u have given this example as below
“Roles by Complex Selection Criteria” and search for roles with access to the transa ction SU01 and the authorization object S_USER_GRP.
Regards,
Sumit
Hi Aninda,
Can you pls give some more examples how you u have given this example as below
“Roles by Complex Selection Criteria” and search for roles with access to the transa ction SU01 and the authorization object S_USER_GRP.So that beginners can get good knowledge on SUIM..
Regards,
Sumit
Hi Sumit,
Think of all the SUIM reports as a very use friendly select statement and the selection conditions you enter are part of the where clause in the query. For searching with S_USER_GRP just put in this objects in the authorization objects section, enter the group name and execute the report. you should get a list of roles with this user group maintained in S_USER_GRP.
Regards,
Aninda
Hi Aninda,
Appreciating your effort towards this site. I have a doubt like, How can we download “the list of users by Company Code”. Can you drop me a line on this please..! Thanks in Advance..
Ranjit