Tables are protected for data access by the S_TABU_DIS object. An important input here is the authorization group. The relationship between tables and authorization group is stored in table TDDAT. STDDAT has functions to mass maintain and check the authorization group to table relationships.
Questions that will be answered in this blog are:
How do I find and remove inconsistent entries in TDDAT table?
How do I find dangerous items in TDDAT table?
When you start transaction STDDAT, hit the button Consistency in the first screen:
Wait for the results:
Select the entries and delete with or without transport.
Finding dangerous entries in TDDAT
In the Authorisation group there are two types of entries to check:
Space: what will happen?? Vague!
&NC&: everybody can access
Select these on the first screen as input for field Authorization Group and press execute:
Select the entries you want to change and press the Assign button:
Some standard SAP tables are delivered by SAP as customizing tables with transports, but which are logically and business wise application tables and are maintained directly in production by business people. Example is the currency exchange rate table.
This blog will explain the option and best practices to overcome this.
Questions that will be answered:
What are current settings and how does it work?
When and how to de-customize a standard SAP table?
Current settings is bit of hidden feature in SAP systems. Per customizing object you can select if it is using the current settings option or not.
To do this, start transaction SOBJ and select the customizing object or table. The current setting flag is indicated on the example picture below for the currency conversion rate table:
The effect of the Current Settings is as follows: if the system client in SCC4 is set to “Productive” the transport flags are ignored, and the user can directly update the table and save the changes without transport request popup.
On a development or quality system the “Productive” setting is not there and the SAP system will prompt you for transport request. Especially on quality systems this can be quite annoying.
If you want a customizing table to be maintainable directly on development and quality systems, without transport request, you have to de-customize the customizing table.
Always ask for approval for procedure below and document the tables for which this procedure was applied. Pending on your business security and regulatory requirements more approvals and documentation can be needed.
The de-customization procedure
Step 1 starts with transaction SE11 to call up the table. This you have to doc in the development system. In the delivery and maintenance tab the delivery calls normally shows as type C (customizing).
Now edit and change it to type A (application):
In most cases this will do the trick. The change itself you have to put in a transport request.
Step 2 would be to re-generate the maintenance view and de-activate the recording routine. This should look as shown on picture below:
Also this change must be executed on development system and must be put in transport request.
Step 3 is to move the transport request into the quality and later productive system.
RSA1 settings to avoid transport popup for BI objects
Some settings in RSA1 like process chain starters you want to set locally per system. Default SAP asks you for a transport. In RSA1 you can overrule this. Select Transport Connection on the left hand side. Then select the button Object Changeability on top. In the popup right click on the Not Changeable and set it to Everything Changeable for the items that you don’t want a transport popup to come.