Showing results for 
Show  only  | Search instead for 
Did you mean: 

Flexnet SAP Authorization role Permission

Need your support with role  authorization aligned with Admin & Satellite  , SAP Security team has raised the below concern


Authorization object

Access Level


Role has display access to all tables however the  tool is checking certain tables hence Security Team  need to restrict by Seeking support if the required  Tables/Auth Groups to restrict the Role byreplacing  the * value


Role has authority for User Changes and Lock/Unlock  along with Display access; seeking feedback if this access is required by the Tool  or we can restrict


Data collected  by the  SAP system from Table DD03L .




(1) Reply

Hi Sagar,

You can customize the role based on your own situation.

  • S_TABU_DIS: As we support a variety versions of SAP NetWeaver, the role definition should be compatible to all these versions. But we have noticed a few standard tables belong to different auth groups in different versions. That is one of the reason we use * here. Customer can start with the following list of tables if they decide to use table name or authorization group.
    • /LICMAN/* (/LICMAN/ is Flexera reserved namespace)
    • SAP standard tables which can be found in FlexNet Manager for SAP Applications Installation Guide. There is a chapter called “Tables Read and Data Collected by the SAP Inventory Agent “ introducing the tables it needs to read.
  • S_USER_GRP: FNMS SAP Admin Module supports user maintenance functionalities which requires such authorization. If customer just reviews license recommendation on Admin Module side instead of processing license recommendation, they can only leave display access.


Diggesh H Joshi

Diggesh H Joshi