Instructions :
If you encounter difficulties in recording and executing transactions, it is advisable to perform an Authorization Check to determine if the problem is due to the absence of authorization objects.
To initiate this check, go to Tools and select Authorization Check. A dialog box called Authorization Check Result will appear, displaying the authorization objects you are authorized to use and those you are not. If any objects indicate that you are not authorized, please capture a screenshot and collaborate with your SAP Security team to rectify the issue.
It is important to note that Winshuttle Transaction fully adheres to SAP® security features, and it cannot bypass the SAP authorization restrictions that apply to you. This document aims to assist you and your security team in understanding the SAP authorizations necessary for working with Transaction. In most cases, these authorizations are already configured. However, if you have attempted to use Transaction but encountered issues or error messages, this document will help you troubleshoot the problem.
For SAP customers running SAP with Support Pack stack 24 or higher, implementing the custom Winshuttle Function Module for Non-Batch recording modes is necessary for proper functionality.
Applies to Function Module 10.X only.
Transaction Authorization using SAP GUI To run a transaction in Winshuttle Transaction, you must have the corresponding authorization in the SAP GUI. If you do not have access to a specific transaction, please obtain the necessary authorization before recording or running that transaction in Transaction.
Authorization for Remote Function Calls (RFC) Transaction utilizes RFC calls to interact with SAP. You need to have the appropriate access assigned to you for RFC calls. In most cases, these authorizations are already assigned to your user profile. The following objects and values should be present in your SAP user profile for seamless integration with Transaction
For the S_RFC Authorization Object:
Field RGC_TYPE: Value FUGR (function group) Field ACTVT: Value 16 (execute) or * Field RFC_NAME: (empty)
The following values are required: For 10.5 Function Module: /WINSHTL/* – If installing 10.5 Function Module
If you prefer discrete values for 10.5 FM, please use the following: /WINSHTLE/CALL_TRANS: Program for Execution of RFCs CALL Trans /WINSHTL/TRC_FUGR_REC: Winshuttle Tx record function group /WINSHTL/TRN_FUGR_RUN: Winshuttle Tx run function group /WINSHTL/TRN_FUGR_SVTX: Function Group to Save Text /WINSHTL/TRN_FUGR_USRFR: Function Group to get the date format /WINSHTL/TRN_TX_F4_106: F4 help for data element field /WINSHTL/TRN_TX_TRACE_EXTR: Extract Transaction Trace
For 10.6 Function Module: /WINSHTLQ/* – If installing 10.6 Function Module or higher
If you prefer discrete values for 10.6 FM, please use the following: /WINSHTLQ/CALL_TRANS: Program for Execution of RFCs CALL Trans /WINSHTLQ/QREVERFUGR: To get WFM version /WINSHTLQ/TRCTAB: Func Grp for Transaction rule maintenance screen /WINSHTLQ/TRC_BW: Func Grp for Transaction Black White Access maintenance screen /WINSHTLQ/TRC_FUGR_REC: Winshuttle Tx record function group /WINSHTLQ/TRN_FUGR_RUN: Winshuttle Tx run function group /WINSHTLQ/TRN_FUGR_SVTXT: Function Group to Save Text /WINSHTLQ/TRN_FUGR_USRFR: Function Group to get the date format /WINSHTLQ/TRN_TX_F4_106: F4 help for data element for field /WINSHTLQ/TRN__TX_TRACE_EXT: Extract Transaction Trace
The following values are required for running shuttle files: SYST, SRFC, SUSR, RFC1, RFCH, SBDC, ATSV, STTF, SDTX
Additional values required for recording shuttle files:
SBDR, SCAT, STTM, SDTX
To verify a user’s authorization to use a specific RFM, Transaction checks if the user has EXECUTE(16) permission on the corresponding Function Group. Hence, authorization for the Function Group is necessary as the Function Module accesses the structures defined within the Function Group.
Table Level Authorizations Transaction may require access to specific tables for logging, extended comments, field descriptions, and messages during the debugging process. Table level access is controlled by the authorization object S_TABU_DIS. Transaction needs access to the following tables: T100, TFDIR, DD03L, DD04L, TSTCT, D020T, and DD03M. To enable
