In SAP, SE16 is a transaction code used for data browsing, which allows users to view data in tables. When it comes to security, certain tables accessed through SE16 may contain sensitive information, so it’s important to manage access to this transactions carefully. Here are some commonly accessed tables through SE16 for security and administration:
| Table | Description |
| USR02 | Logon data |
| USR04 | User master authorization (one row per user) |
| UST04 | User profiles (multiple rows per user) |
| USR10 | Authorisation profiles (i.e. &_SAP_ALL) |
| UST10C | Composit profiles (i.e. profile has sub profile) |
| USR11 | Text for authorisation profiles |
| USR12 | Authorisation values |
| USR13 | Short text for authorisation |
| USR40 | Table for illegal passwords |
| USGRP | User groups |
| USGRPT | Text table for USGRP |
| USH02 | Change history for logon data |
| USR01 | User Master (runtime data) |
| USER_ADDR | Address Data for users |
| AGR_1016 | Name of the activity group profile |
| AGR_1016B | Name of the activity group profile |
| AGR_1250 | Authorization data for the activity group |
| AGR_1251 | Authorization data for the activity group |
| AGR_1252 | Organizational elements for authorizations |
| AGR_AGRS | Roles in Composite Roles |
| AGR_DEFINE | Role definition |
| AGR_HIER2 | Menu structure information – Customer vers |
| AGR_HIERT | Role menu texts |
| AGR_OBJ | Assignment of Menu Nodes to Role |
| AGR_PROF | Profile name for role |
| AGR_TCDTXT | Assignment of roles to Tcodes |
| AGR_TEXTS | File Structure for Hierarchical Menu – Cus |
| AGR_TIME | Time Stamp for Role: Including profile |
| AGR_USERS | Assignment of roles to users |
| USOBT | Relation transaction to authorization object (SAP) |
| USOBT_C | Relation Transaction to Auth. Object (Customer) |
| USOBX | Check table for table USOBT |
| USOBX_C | Check Table for Table USOBT_C |
| USOBXFLAGS | Temporary table for storing USOBX/T* chang |
It’s important to note that access to these tables should be strictly controlled, and users should only be granted the necessary authorizations based on their roles and responsibilities. Additionally, auditing and monitoring of SE16 access can help ensure that sensitive data is not being accessed inappropriately.
