Skip to Content
Author's profile photo Former Member
Former Member
Posted on August 6, 2012 1 minute read

Transaction to Role Mapping

Follow RSS feed
0 Likes 5,152 Views 1 Comment

Transaction to Role Mapping Document

This is used during the design phase to help to view the roles in an easy-to-read format and help the SAP Security Team communicate to the functional teams, the security roles being configured.

Step 1

In PFCG Create a Composite Role ZROLEMATRIX

Assign all single roles

Save

Step 2

Go to SUIM

Pull a list of transactions executable for our created role ZROLEMATRIX and download them in an excel

Get a list of single roles in composite role ZROLEMATRIX

Now paste transactions in column and roles as rows in excel Compare.xls

To Paste Roles in a Row,

(Copy the data in the Columns

Before you paste the copied data, right-click your first destination cell, and then click Paste Special.

In the Paste Special dialog box, select Transpose, and then click OK

Select the Roles and then Angle CounterClockwise).

Step 3

Get Role details,

Go to SE16 ,AGR_1251

Give Role as Z* and object as S_TCODE

Copy this data into another Worksheet (in excel Compare.xls)

In a new column concatenate the role  and transaction using the ‘&’ operator. e.g.: A1&B1

In the next column add just ‘X’ – This will be the value placed in the matrix.

Step 4

Use the following formula to populate the matrix:

=IF(COUNTIF(Compare!$C$1:$D$2865,$C$1&$A3),VLOOKUP($C$1&$A3,Compare!$C$1:$D$2865,2,FALSE),” “)

/wp-content/uploads/2012/08/p_126695.png

RESULT

I.png

NOTE: Please note that this method won’t work for mapping the transaction values with * (For example SU*,MM* being directly assigned in S_TCODE).

Assigned tags

Related Blog Posts

    Related Questions

      /
      /wp-content/uploads/2012/08/p_126695.png
      I.png
      1 Comment
      You must be Logged on to comment or reply to a post.
      • Author's profile photo Former Member
        Former Member

        It’s a proper spreadsheet, which can be gained by doing so as Malti RFeddy discripes.
        I suppose it can be easier to get this table by using the excel-feature PIVOT:

         

        Go to SE16 ,AGR_1251’.

        Give Role(AGR_NAME) <> ‘SAP*’, Object(OBJECT)  = ‘S_TCODE’ and DELETED = blank .

        Copy this data into a worksheet (in excel Compare.xls).

            

        With Excel:
        1. Prepare Pivot table creation: erase all columns except Roles and
        Transactions and erase all empty lines, create column headings, 2. Complete Spreadsheet: Mark both columns and select ‘Insert’, ‘PivotTables’ . . . Drag and drop ‘Authorization Value’(Transactions) to lines, ‘Roles’ to columns and to values. Exchange all ‘1’s by ‘X’s. Ready.