SU01 Myths

Many of us have used/using SU01 transaction code. But, did you know some facts about it???

  • SU01_NAV is the “navigation” version of SU01, which is rarely used in SAP (its actually meant for developers).
  •  Transaction codes OMDL, OMEH, OMWF, OPF0, OTZ1, OY27, OY28, OY29, OY30, GCE1, OMDL, OOUS are considered as Backdoor transaction codes for SU01. Only the forensic auditors look into these.
  •  Personalization tab is the rarely used tab in SU01. I am sure, most of the security consultant doesn’t know the purpose of it? It is used to assign the personalized objects which has some default settings such as e.g Workflow/Approvals , User layouts etc., Table SPERS_OBJ holds the information. It can be maintained using Class CL_PERS_ADMIN.
  •  EWZ5 and EWZ6 are the alternative transaction codes (infact classified as most confusing transaction codes.. don’t use if you are not sure on how to use them) used to lock/unlock users.
  •  It is not possible to restrict the authorization to only password reset with authorization objects (works along with the lock activity) – Solution is to create a transaction variant and remove the other buttons.
  •  Renaming user is the option which is rarely used in SU01.

Author - Raghu Boddu

Raghu is a SAP Security specialist with expertise in SAP Governance, Risk Management, Compliance and SAP Forensic Security. He is a regular blogger of topics like Security, Governance & Compliance, Application Security, Technology and other trending topics.

VN:F [1.9.22_1171]
Rating: 9.5/10 (15 votes cast)
SU01 Myths, 9.5 out of 10 based on 15 ratings

Share This Post

Related Articles

Leave a Reply

© 2020 SAP Security Expert. All rights reserved. · Entries RSS · Comments RSS
Managed by 7n Domains