How to assign a same role to 200 users ?

You can do using PFCG- >  enter the role -> change -> go to  users tab -> paste the users -> click on user comparsion->   complete comparsion -> Save the role - it's done

or

One can also use "Authorization Data" functionality in  transaction SU10 to complete this task.

User have tcode SA38. How to restrict user to execute only report rsusr003

Use SE93 to create customize tcode: 

a) via 'transaction with value' where we use SA38 screen as inheritance. We have option to hide SA38 screen to avoid user running other program.

b) via 'transaction with value' where we use START_REPORT to call program it self.  Or you can change the following object in the role  with tcode SE38 and in authorization object S_DEVELOP the  activities

DEVCLASS '*'           

OBTYPE '*'          

OBNAME  ' RSUSR003'           

p_group '*'           

activity '03'

How to check list of user from table usr02 using SQL Query.

How to check list of user from table usr02 using SQL Query.

1. In Ms SQL Server Management studio.

2. Execute  SELECT BNAME FROM hrs.USR02 WHERE MANDT='310'; 

Table with list of activity types.

Table with list of activity types.

01 Create or generate
02 Change
03 Display
04 Print, edit messages
05 Lock
06 Delete
07 Activate, generate
08 Display change documents
09 Display prices
10 Post
11 Change number range status
12 Maint.and gen.change document
13 Initialize number levels
14 Field select.:Generate screen
15 Field select.:Assign table
16 Execute
17 Maintain number range object
18 Deliveries from coll. proc.
19 Invoices from coll. proc
20 Transport without translation
21 Transport
22 Enter, Include, Assign
23 Maintain
24 Archive
25 Reload
26 Change customer account group
27 Display totals records
28 Display line items
29 Display saved data
30 Determine
31 Confirm
32 Save
33 Read
34 Write
35 Output
36 Extended maintenance
37 Accept
38 Exercise
39 Check
40 Create in DB
41 Delete in DB
42 Convert to DB
43 Release
44 Flag
45 Allow
46 Merge
47 Borrow
48 Simulate
49 Request
50 Move
51 Initialize
52 Change application start
53 Display application start
54 Display application archive
55 Change application archive
56 Display archive
57 Save archive
58 Display takeover
59 Distribute
60 Import
61 Export
62 Create automatic Ledger
63 Activate
64 Generate
65 Reorganize
66 Refresh
67 Translate
68 Model
69 Discard
70 Administer
71 Analyze
72 Plan
73 Execute Digital Signature
74 Revoke approval
75 Remove
76 Enter
77 Pre-enter
78 Assign
79 Assign Role to Composite Role
80 Print
81 Schedule
82 Supplement
83 Counterconfirm
84 Settle
85 Reverse
86 Rebook
87 Return
88 Exercise
89 Force Posting
90 Copy
91 Reactivate
92 Create from Template
93 Calculate
94 Override
95 Unlock
96 Reject
97 Set
98 Mark for release
99 Generate invoice list
A1 Accrue
A2 Pay
A3 Change status
A4 Resubmit
A5 Display reports
A6 Read with filter
A7 Write with filter
A8 Process mass data
A9 Send
AA Print Again
AB Settle
B1 Display permitted values
B2 Complete Technically
B3 Derive
B8 Execute Again
B9 Post Parked Document
BD Maintain obj. in non-OwnerSys.
BE IMG projection
C1 Maintenance of payment cards
C2 Display of payment cards
C3 Maintenance of manual auth.
C4 Develope Payment Card
C5 Reopen
C8 Confirm change
D1 Copy
D3 Detailed Display
DL Download
DP Delete plan
E0 Save extract
E6 Delete own extracts
E7 Delete external extracts
EP Prioritise extract
FP Change customer field selectn
G1 Maintain Budget
G2 Billing
G3 Maintain Overhead Costs
G4 Maintain Reevaluation
G5 Park
G6 Transfer Budget
G7 Reverse
GL General overview
H1 Deactivate
H2 Activate Logging
H3 Deactivate Logging
KA Activate notice
KI Knock In
KO Knock Out
KS Reverse notice
KU Give notice
L0 All functions
L1 Function range level 1
L2 Function range level 2
LM Change LDAP Mapping
LS Change LDAP Sync. Switch
MA Deactivate mod.assistant
P0 Accept CCMS CSM data
P1 Edit CCMS CSM data
P2 Maintain CCMS CSM methods
P3 Register CCMS CSM remote systm
PA Open Period
PB Close Period
PC Open Consolid. Grp Processing
PD Close Consolid. Unit Processng
PP Set Productively
PU Publish
RS Send to New Recipient
S1 Edit template
S2 Edit specification
SO Edit in Sourcing
SZ Assign Switch Framework Switch
U2 Compare business volumes
U3 Change business volume comp.
U4 Add business volume data
UL Upload
V1 Create version
V2 Change Version
V3 Display Version
V4 Delete Version
V5 Transport Version
V6 Delete Version Header
VE Create an Enhancement ID
VF Expired
W1 Debug
W2 External Start

Display a list of user's password status and lock status.

·       Execute tcode rsusr200  or  Tcode SUIM

·       User-->

      Users By Complex Selection Criteria -->

      By Logon Date and Password change -->        

·      

           Enter a list of user (or) Enter single user name.   

    You will be able to see details as below.

·         

Table USR02 - User Lock value

1. Execute SE16

2. Enter USR02

3. Below are the value and its description:

Value:

0	Not locked
16	Lock
32	Locked by CUA admin (User Admin)
64	Locked by system Administrator
128	Locked due to incorrect logon attempts or too many failed attempts
192	A combination of both. The user is locked by admin and user tries to logon with incorrect passwords and gets locked ( 192 = 64+128)

USR02 SAP Table - Logon Data

Field	Data Element	Data Type	length	Checktable	Description
MANDT	MANDT	CLNT	000003	*	Client
BNAME	XUBNAME	CHAR	000012		User
BCODE	XUCODE	RAW	000008		Initial password
GLTGV	XUGLTGV	DATS	000008		Valid from
GLTGB	XUGLTGB	DATS	000008		Valid through
USTYP	XUUSTYP	CHAR	000001		User Type
CLASS	XUCLASS	CHAR	000012	USGRP	User group
LOCNT	XULOCNT	INT1	000003		Number of failed logon attempts
UFLAG	XUUFLAG	INT1	000003		User Lock Status
ACCNT	XUACCNT	CHAR	000012		Account number
ANAME	XUANAME	CHAR	000012		Creator of User Master Record
ERDAT	XUERDAT	DATS	000008		Creation Date of User Master
TRDAT	XULDATE	DATS	000008		Last Logon Date
LTIME	XULTIME	TIMS	000006		Last Logon Time
OCOD1	XUCODE	RAW	000008		Initial password
BCDA1	XUBCDAT	DATS	000008		Date of Last Password Change
CODV1	XUCODEVERS	CHAR	000001		Password Code Vers.
OCOD2	XUCODE	RAW	000008		Initial password
BCDA2	XUBCDAT	DATS	000008		Date of Last Password Change
CODV2	XUCODEVERS	CHAR	000001		Password Code Vers.
OCOD3	XUCODE	RAW	000008		Initial password
BCDA3	XUBCDAT	DATS	000008		Date of Last Password Change
CODV3	XUCODEVERS	CHAR	000001		Password Code Vers.
OCOD4	XUCODE	RAW	000008		Initial password
BCDA4	XUBCDAT	DATS	000008		Date of Last Password Change
CODV4	XUCODEVERS	CHAR	000001		Password Code Vers.
OCOD5	XUCODE	RAW	000008		Initial password
BCDA5	XUBCDAT	DATS	000008		Date of Last Password Change
CODV5	XUCODEVERS	CHAR	000001		Password Code Vers.
VERSN	XUVERSION	CHAR	000003
CODVN	XUCODEVER2	CHAR	000001		Password Code Vers.
TZONE	TZNZONE	CHAR	000006	TTZZ	Time Zone
PASSCODE	PWD_SHA1	RAW	000020		Password Hash Val.(SAH1, 160 Bit)
PWDCHGDATE	XUBCDAT	DATS	000008		Date of Last Password Change
PWDHISTORY	XUPWDHIST	INT1	000003		External Password History(USRPWDHISTORY)
PWDLGNDATE	XULPDAT	DATS	000008		Date of Last Password Logon
PWDSETDATE	XUSPDAT	DATS	000008		Date: Password Reset by Administrator
PWDINITIAL	XUPWDINIT	INT1	000003		Indicator: Password Is Initial
PWDLOCKDATE	XUPLDAT	DATS	000008		Date: Password Lock
PWDSALTEDHASH	PWD_HASH_STRING	CHAR	000255		Password Hash Value