Last week, I was trying to find out if a user forcefully run a program by “by-passing” the authority check function in Test.
After scanning some sap standard programs by basis, I bumped into these transaction codes – sm20/sm21.
Although this is the first time I have used these tcodes, it did wonders for me so I have decided to share it.
I have a limited access to run a program (even in DEV) that edit the transport’s status so I need to “by-pass” authority check.
I did succeed however in making the edit button displayable – see below highlighted:
Now, one method to trace this is by using sm20
This we can track the ff in the “Audit classes” or the items to be tracked on by simply ticking
Enter the client and the user if you know
press enter and then F8
You will see a consolidated security log like below – focus on the highlighted in orange
It says that the user (me) tried to change the SY- SUBRC field in program LSTR9U03
and this is exactly what we did in debug mode
Now the other tcode is SM21.
SM21 as per sap docs is the system logs that logs all the system errors, warnings, user locks due to failed logon attempts from known users etc.
Now we enter the date/time and the user we need to spy on 😀
it says that the user is trying to change the SY-SUBRC of program LSTR9U03 – same as in sm20 output too.
There is also a more detailed technical info once you double clicked a record
going back to the sm21 selection screen, we can see a button called “Use old System log tcode”
This is just the old tcode but will yield as much as the same output but of course with the previous layout
No client filter so both clients 111 and 222 shows up
a more technical view also will display once a record was double clicked