Thursday, June 13, 2013

Sensitive T-codes in SAP

We have few t-codes which come under sensitive t codes list like SU01,PFCG. But there are few T-codes in
System as well which can be classified under same when assigned with certain activity and fields values.

I have noted down few of them in below note :
SCC4 Client Administration
  S_TABU_DIS Table Maintenance (via standard tools such as SM30) (CM)
    ACTVT Activity
      With ANY of these values:
      01 01
      02 Change
    DICBERCLS Authorization group
      With ANY of these values:
      SS SS

STMS Transport Management System
STMS_IMPORT Import Queue
  S_DATASET Authorization for file access (CM)
    ACTVT Activity
      With ANY of these values:
      33 Read
      34 Write
  S_CTS_ADMI Transport Organizer
    ACTVT Activity
      With ANY of these values:
      IMPA Import
      IMPS Import

SM30 Call View Maintenance
SM31 Call View Maintenance Like SM30
  S_TABU_DIS Table Maintenance (via standard tools such as SM30) (CM)
    ACTVT Activity
      With ANY of these values:
      02 Change
    DICBERCLS Authorization group
      With ANY of these values:
      * ( Treat * as a wildcard ) *

SE38 ABAP Editor
  S_DATASET Authorization for file access (CM)
    ACTVT Activity
      With ANY of these values:
      06 Delete
      34 Write
  S_DEVELOP ABAP Workbench (CM)
    ACTVT Activity
      With ANY of these values:
      01 01
      02 Change
  S_PROGRAM ABAP: Program Flow Checks (CM)
    P_ACTION User action ABAP/4 program
      With ANY of these values:
      BTCSUBMIT BTCSUBMIT
      SUBMIT SUBMIT

SPRO Customizing - Edit Project
  S_PROJECT Project Management: Project authorization
    ACTVT Activity
      With ANY of these values:
      02 Change
      06 Delete
  S_TABU_DIS Table Maintenance (via standard tools such as SM30) (CM)
    ACTVT Activity
      With ANY of these values:
      02 Change
    DICBERCLS Authorization group
      With ANY of these values:
      * ( Treat * as a wildcard ) *

SU01 User Maintenance
  S_USER_GRP User Master Maintenance: User Groups
    ACTVT Activity
      With ANY of these values:
      01 Create or Generate
      02 Change
  S_USER_PRO User Master Maintenance: Authorization Profile (CM)
    ACTVT Activity
      With ANY of these values:
      22 Enter, Include, Assign

SU10 User Mass Maintenance
SU12 Mass Changes to User Master Records
  S_USER_GRP User Master Maintenance: User Groups
    ACTVT Activity
      With ANY of these values:
      01 Create or Generate
      02 Change
  S_USER_PRO User Master Maintenance: Authorization Profile (CM)
    ACTVT Activity
      With ANY of these values:
      22 Enter, Include, Assign

SU01 User Maintenance
  S_USER_GRP User Master Maintenance: User Groups
    ACTVT Activity
      With ANY of these values:
      05 Lock

SU10 User Mass Maintenance
SU12 Mass Changes to User Master Records
  S_USER_GRP User Master Maintenance: User Groups
    ACTVT Activity
      With ANY of these values:
      05 Lock

SU02 Maintain Authorization Profiles
  S_USER_PRO User Master Maintenance: Authorization Profile
    ACTVT ACTVT
      With ANY of these values:
      01 01
      02 02

SU03 Maintain Authorizations
  S_USER_AUT User Master Maintenance: Authorizations (CM)
    ACTVT ACTVT
      With ANY of these values:
      01 01
      02 02

PFCG Role Maintenance
  S_USER_AGR Authorizations: Role Check
    ACTVT ACTVT
      With ANY of these values:
      01 01
      02 02
  S_USER_GRP User Master Maintenance: User Groups
    ACTVT Activity
      With ANY of these values:
      01 Create or Generate
      02 Change
  S_USER_PRO User Master Maintenance: Authorization Profile
    ACTVT ACTVT
      With ANY of these values:
      01 01
      02 02

RZ10 Maintain Profile Parameters
  S_RZL_ADM Transport Organizer
    ACTVT Activity
      With ANY of these values:
      01 Create or Generate
      02 Change

SE06 Set Up Transport Organizer
  S_CTS_ADMI Administration Functions in the Change and Transport System
     CTS_ADMFCT Activity
      With ANY of these values:
      * ( Treat * as a wildcard ) *
  S_TRANSPRT Transport Organizer
    ACTVT Activity
      With ANY of these values:
      01 Create or Generate
      02 Change

SE11 ABAP Dictionary
SE13 Dictionary: Technical Settings
  S_DEVELOP ABAP Workbench (CM)
    ACTVT Activity
      With ANY of these values:
      01 01
      02 Change

SE16 Data Browser
  S_TABU_DIS Table Maintenance (via standard tools such as SM30) (CM)
    ACTVT Activity
      With ANY of these values:
      02 Change
    DICBERCLS Authorization group
      With ANY of these values:
      * ( Treat * as a wildcard ) *

SA38 ABAP Reporting
SE38 ABAP Editor
  S_PROGRAM ABAP: Program Flow Checks (CM)
    P_ACTION User action ABAP/4 program
      With ANY of these values:
      BTCSUBMIT BTCSUBMIT
      SUBMIT SUBMIT

SE01 Transport Organizer (Extended)
SE09 Transport Organizer
  S_DATASET Authorization for file access (CM)
    ACTVT Activity
      With ANY of these values:
      33 Read
      34 Write
  S_TRANSPRT Transport Organizer
    ACTVT Activity
      With ANY of these values:
      01 Create or Generate
      02 Change

SE10 Transport Organizer
  S_DATASET Authorization for file access (CM)
    ACTVT Activity
      With ANY of these values:
      33 Read
      34 Write
  S_TRANSPRT Transport Organizer
    ACTVT Activity
      With ANY of these values:
      01 Create or Generate
      02 Change

SE01 Transport Organizer (Extended)
SE09 Transport Organizer
  S_DATASET Authorization for file access (CM)
    ACTVT Activity
      With ANY of these values:
      33 Read
      34 Write
  S_TRANSPRT Transport Organizer
    ACTVT Activity
      With ANY of these values:
      43 Release

SE10 Transport Organizer
  S_DATASET Authorization for file access (CM)
    ACTVT Activity
      With ANY of these values:
      33 Read
      34 Write
  S_TRANSPRT Transport Organizer
    ACTVT Activity
      With ANY of these values:
      43 Release

STMS Transport Management System
  S_DATASET Authorization for file access (CM)
    ACTVT Activity
      With ANY of these values:
      33 Read
      34 Write
  S_TRANSPRT Transport Organizer
    ACTVT Activity
      With ANY of these values:
      01 Create
      02 Change

STMS Transport Management System
STMS_IMPORT Import Queue
  S_DATASET Authorization for file access (CM)
    ACTVT Activity
      With ANY of these values:
      33 Read
      34 Write
  S_TRANSPRT Transport Organizer
    ACTVT Activity
      With ANY of these values:
      43 Release

STMS Transport Management System
STMS_IMPORT Import Queue
  S_DATASET Authorization for file access (CM)
    ACTVT Activity
      With ANY of these values:
      33 Read
      34 Write
  S_TRANSPRT Transport Organizer
    ACTVT Activity
      With ANY of these values:
      60 Import

SM36
  S_BTCH_ADM Background Processing: Background Administrator
    BTCADMIN Background administrator ID
      With ANY of these values:
      Y Y
  S_BTCH_JOB Background Processing: Operations on Background Jobs
    JOBACTION Job operations
      With ANY of these values:
      DELE DELE
      RELE RELE
  S_BTCH_NAM Background Processing: Background User Name
    BTCUNAME Background user name for authorization check
      With ANY of these values:
      "*" ( Treat * as a literal, see the screenshot below ) *

SM36
  S_BTCH_ADM Background Processing: Background Administrator
    BTCADMIN Background administrator ID
      With ANY of these values:
      Y Y
  S_BTCH_JOB Background Processing: Operations on Background Jobs
    JOBACTION Job operations
      With ANY of these values:
      DELE DELE
      RELE RELE
  S_BTCH_NAM Background Processing: Background User Name
    BTCUNAME Background user name for authorization check
      With ANY of these values:
      * ( Treat * as a wildcard ) *

SM64
  S_BTCH_ADM Background Processing: Background Administrator
    BTCADMIN Background administrator ID
      With ANY of these values:
      Y Y










Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)