You are on page 1of 7

transaction.

Kindlyprovideyourvaluablecomments/feedbacksothat
itwillbehelpfulformeandothers.

Overview:

Aspartofauditorsecurityactivities,wemayneedtogetactiveuser
IDs,roles,profiles,changedocumentsetc.,Togetthosedetails,we
needtousemanyreportsintheABAPsystem.for
example:RSUSR002reportforuserselectionbycomplexcriteriaetc.,we
cantrememberallthereportshenceSAPgaveallthereportsexecution
optionstogetherinsingletransactionthatisSUIM.

InialScreen:

TheSUIMinitialscreenlookslikebelowattachedscreen.wehavethe
optionsforsortingusers,roles,profiles,authorizations,authorization
objects,transactions,comparison,whereusedlistandchange
documents.

UserNode:

Usernodewillbeusedtoextractthelistforusersbasedonour
selectioncriteria.forexamplewecangetlockeduses,userswhoever
havingparticularrolesorprofilesorbyaddressdata,userswhoever
havingaccesstoparticulartransactionetc.,

hereis,attachedsamplescreenshowsusersbycomplexselection
criteria.youcanapplymultipleselectionconditionssimultaneously.
furtherselectionconditionsfortheusersareshowinginthebelow
screen.ifCUAisconfigured,youcancheckusersbysystem,roles,
profilesandlicensedata.
Rolesnode:

SUIMisusefultoolforsearchingrolesandprofiles.Ifyouwantto
assignalistoftransactionstoparticularuserID,thenyoucansearch
therolesbytransactionassignmentinSUIMandassignthoserolesto
thatuserID.

forexample,Iwanttolisttheroleswhichhasthetransactions
DB02,ST06andSU01.doubleclickonByTransactionAssignment
andprovidethetransactionswithANDconditions.youwillgetthelist
ofroleswhichhasthespecifiedtransactions.

Likethisway,youcansortouttherolesbyname,assignmentand
multipleselectionconditionstogether.

Profiles,authorizationsandauthorizationsobjects:

searchingtheprofiles,authorizationsandauthorizationsobjectsare
sameasrolessearchinSUIM.youcansearchtheprofilesbasedon
thename,profilesbyrolesandothermultipleselectioncriteria.

Transactions:

Wecansearchthetransactionsinaparticularrolesorexecutableby
usersetc.,forexample,IfIwanttolistoutthetransactionswhichare
executableforuserAAA,IcanusetheoptionExecutablebyuser.in
thisway,youcancangettransactionslistwithmultipleselection
conditions.
IfyouexecutewithDDICuserID,itwillshowstransactionswhichare
executableforDDIC.

Comparison:

SUIMmakesyoutocomparetwousers,roles,profiles,authorizations
andusercomparisonacrossthetwosystems.here,Ihavecompared
DDICuserIDwithADSCALLER.thecomparisoncolumnwillberedif
thetheobjectisnotassignedinanyoneoftheuser,yellowobjectis
existsbothoftheusermasterdatabutfiledlevelaccessisindifferent,
greenforboththeuserIDhastheauthorizationobjectwithsamefield
levelaccess.

Likethisway,youcancompareroles,profilesetc.,

WhereUsedList:

Whereusedlistwillbeusedtoextractdetailsaboutparticularroles,
profilesetc.,whereitisbeingusedinthesystem.forexample.,Ineed
togettheroleZ_xx_yyassignmenttotheusers.soIcansimplyuse
theWhereusedlisttofindoutwhoarealltheusershavethisrole.

ChangeDocuments:

ThisoptionisreallyusefultotrackthechangesinuserID,roles,role
assignmenttousers,profilesandauthorizations.wecangetlast
changednamelistinSU01orPFCGitselfhoweverwedontknow
whatchangehasbeendone.SUIMwillprovidethefeaturetotrack
thechangesdoneinuserID,roles,profilesbydate,month,yearetc.,
HereIamstoppingthedocument,butifyouarenewtoSUIM
transaction,Pleasecheckindividualnodesandoptionsindetail.Itis
verysimpleandunderstandabletransaction.

Pleasereferthelink
https://help.sap.com/saphelp_nw04/helpdata/en/52/671261439b11d1
896f0000e8322d00/content.htmformoreinformationabouttheSUIM
transaction.

Kindlyprovideyourvaluablecomments

Cheers,

Pradeep

AlertModerator

Bethefirsttoleaveacomment
YoumustbeLoggedontocommentorreplytoapost.

Share&Follow
Privacy TermsofUse LegalDisclosure Copyright Trademark Sitemap Newsletter