Thanks Sridhar. Good Demo! Maybe you can add one more on the difference - from the control point: By S_TABU_DIS, user can access to all tables in that Authorization group, using S_TABU_NAM, user can only access the specific tables that specified.
Hello Sir, I'm watching your videos and learned many things which are really new to me. You have an excellent knowledge and your explanations are so good. Requesting you to not stop uploading videos on SAP security and GRC. People like me would learn a lot from you!!! Thanks!!!!
You would have accessed the other table under Authorization group SC with TEST_DIS and the same TEST_NAM would not be able to do it as he just have access to USR02.
Excellent explanation sir. I can understand all your videos and they are very easy to understand. I am a security consultant please upload some sap security interview questions more and also sap grc access control videos. Thank you in advance.
Hello sir, Thank you the videos are really helpful. And very amazing. I have understand all the doubts regarding this. Please request you to upload su25 sap upgradation steps video. Thanks, Rajdip
Good video , but you forgot one main point that is if we assign user group remaining tables will get access related to that particular auth group , but we assign table directly , we will get access only for that particular table access only .
What is checked first by the system during the trace, S_tabu_nam or S_tabu_dis? Please have a look at funcion module View_Authority_check for the logic and help us to understand it.
Which one will take precedence while executing ?? Say, if a role contains both objects and DIS is having Change activity for particular group and NAM is having Display activity for one of the table in same group. In this case for that table, will user get access to Change or Display ??
@pankaj kumar ts First DIS gets executed and as the table is present in the group of DIS , it gets edit function. NAM function is helpful for the tables which are out of the table group mentioned in DIS.
10 mintues to say: S_TABU_NAM restricts access to specific tables altogether. S_TABU_DIS limits the ability to view table contents through specific transactions