SAP Transaction SU21: A Step-by-Step Guide for SAP Users

Welcome to our tutorial on SAP transaction SU21, an essential transaction code used in SAP systems. In this tutorial, we will provide you with a detailed guide on how to effectively use SU21 to manage authorization objects in your SAP system. Whether you are a beginner or an experienced SAP consultant, this tutorial will equip you with the necessary knowledge to utilize SU21 efficiently.

Before we delve into the details, we would like to introduce you to a valuable resource that can enhance your SAP skills and help you become an expert in the field. Check out the SAP MM online video training offered by our expert SAP MM consultant, available at roadtoexpert.com. This comprehensive training program will provide you with in-depth knowledge and practical insights to boost your proficiency in SAP MM and accelerate your career growth.

Now, let’s begin our tutorial on using SAP transaction SU21.

What is SAP Transaction SU21?

SAP Transaction SU21 (Maintain Authorization Objects) is a transaction code used to manage authorization objects within the SAP system. Authorization objects are used to control user access to various functions and data in the system. SU21 allows you to create, modify, and maintain authorization objects, ensuring secure and controlled access to sensitive information.

Step 1: Accessing SAP Transaction SU21

To start using SU21, follow these steps:

1. Log in to your SAP system using your user ID and password.
2. Launch the SAP Easy Access Menu.
3. Navigate to the “Tools” folder and expand it.
4. Locate and click on the “Administration” folder.
5. From the sub-menu, select “User Maintenance.”
6. In the User Maintenance screen, click on “Authorization” and then select “Maintain Authorization Objects” to access the SU21 transaction.

Step 2: Understanding SU21 Transaction Screen

Once you have accessed SU21, you will encounter the SU21 transaction screen, which consists of various fields and tabs. Let’s explore each of them:

• Authorization Object: This section displays the list of authorization objects available in the system. You can search for a specific authorization object or browse through the list to find the one you need.
• Fields: In this tab, you can view and modify the fields associated with the selected authorization object. Each field represents a specific attribute or parameter that can be assigned values to control user access.
• Activities: The activities tab allows you to define the activities that can be performed on the selected authorization object. These activities include create, change, display, and delete.
• Authorizations: Here, you can define the specific authorizations or permissions associated with the selected authorization object. These authorizations determine the level of access granted to users.
• Dependencies: The dependencies tab displays any dependencies or relationships between the selected authorization object and other objects or programs in the system.
• Additional Data: In this tab, you can find any additional data or information related to the selected authorization object.

Step 3: Managing Authorization Objects with SU21

Using SU21, you can perform various actions to manage authorization objects. Here are some key functionalities:

• Create Authorization Object: To create a new authorization object, follow these steps:

  1. Click on the “Authorization Object” section and select an existing object as a reference.
  2. Click on the “Copy” button to create a new authorization object based on the selected reference object.
  3. Modify the fields, activities, authorizations, and dependencies as required for the new object.
  4. Click on the “Save” button to save the new authorization object.

• Modify Authorization Object: To modify an existing authorization object, follow these steps:

  1. Select the desired authorization object from the list in the “Authorization Object” section.
  2. Make the necessary changes to the fields, activities, authorizations, and dependencies of the selected object.
  3. Click on the “Save” button to save the modifications.

• Delete Authorization Object: To delete an authorization object, follow these steps:

  1. Select the desired authorization object from the list in the “Authorization Object” section.
  2. Click on the “Delete” button to remove the selected object from the system.
  3. Confirm the deletion when prompted.

Congratulations! You have successfully managed authorization objects using SAP transaction SU21.

Step 4: Exploring Additional Functionality

SAP transaction SU21 offers additional functionalities to enhance your authorization management processes. Here are some notable features:

• Search and Filtering: Use the search and filtering options in SU21 to quickly find specific authorization objects based on criteria such as object name, description, or field values.
• Transporting Authorization Objects: SU21 allows you to transport authorization objects between different SAP systems, ensuring consistency and synchronization across landscapes.
• Checking Authorization Object Usage: You can check the usage of an authorization object in SU21 to see which roles, profiles, or users have been assigned the object. This helps in troubleshooting and maintaining proper access control.

Conclusion

In this tutorial, we have provided you with a step-by-step guide on using SAP transaction SU21 in the SAP system. We covered the basics of SU21, explained how to manage authorization objects, and explored additional functionalities. Remember, continuous learning and practice are key to becoming proficient in SAP.

To further enhance your SAP skills, we highly recommend our SAP MM online video training, designed by our expert SAP MM consultant. This training program offers comprehensive modules and hands-on exercises to help you become an SAP expert. Visit roadtoexpert.com to learn more and take your SAP skills to new heights.