The power of SUIM
SUIM is a powerfool tool that comes in quite handy for the IT appartment when working with roles and authorizations. In short words, SUIM is a transaction that makes it possible to make complex search across users, roles, transactions and authorization object. In this blog, I will go true som scenarios where SUIM fits perfect. Scenario 1 – User is missing a TCODE A user tries to start a transaction, but get the error message that it doesnt have the right authorization to start it. Navigate in the Structure: User Information System – Roles – By Transaction Assignment Enter the Transaction code (my example: FBL5N) and run As output you get a lot of roles Result:SAP_AUDITOR SAP_AUDITOR_BA_FI_AP SAP_AUDITOR_BA_FI_AR SAP_AUDITOR_TAX SAP_AUDITOR_TAX_CML SAP_AUDITOR_TAX_FI SAP_CML_STAFF_ACCOUNTANT SAP_FI_AR_CHANGE_LINE_ITEMS SAP_FI_AR_DISPLAY_CUST_INFO SAP_RE_APPL If you have developed your own roles, this will also be listed out. Now that you have the roles, you either check your roledocumentation or open up the role in transaction PFCG to get an overview of what other transaction and authorization the role contain. After you find the right role, assign to the user in transaction SU01. Scenario 2 – User is missing Authorization Object A user starts a transaction, but are missing the right authorization to complete it. The user sends you a screenshot of transaction SU53, and you see that he/she is missing an authorization object Navigate in the Structure: User Information System – Roles – By Authorization Object Enter the Authorization Object (my example S_RFC) and run As output you get a lot of roles Result:SAP_BW_DEVELOPER SAP_CA_BFA_DATATRANSFER SAP_ECET SAP_EMPLOYEE SAP_EPM_PLANT_MANAGER SAP_FI_TV_ADMINISTRATOR SAP_FI_TV_MANAGER_GENERIC SAP_FI_TV_TRAVEL_ASSISTANT SAP_FI_TV_TRAVEL_MANAGER SAP_FI_TV_TRAVELER Find the right roles (as described in Scenario 1) and assign it to the user in transaction SU01. Scenario 3 – List all the transaction a user got access to A user got to wide access in the system, and you want a list of what he/she got access to Navigate in the Structure: User Information System – Transactions – Executable Transactions Enter the Username (my example ZFI_GLCLERK1) and run As output you get a lot of transaction. Check the roles that the transactions belongs and adjust the role assignment. Scenario 4 – Comparisons You have two users, and only one of them are experiencing a problem with a transacion. A good suggestion would be to compare this users. Navigate in the Structure: User Information System – Comparisons – Users Enter the Usernames (my example ZFI_AA_CLERK, ZFI_AACLERK) As output you get a list of all compared Objects assigned to the users This is just 4 scenarios that I often use, but the SUIM transaction can be used for much more. Use your imagination and try out different complex search and you will be surprised of what you find.