![IBacademy_Logo_blau[496]](https://www.ibsolution.com/hs-fs/hubfs/IBacademy_Logo_blau%5B496%5D.jpg?width=200&name=IBacademy_Logo_blau%5B496%5D.jpg "IBacademy_Logo_blau[496]"){kind=logo}
SAP Identity Management (IdM) uses the function module RFC_READ_TABLE to read application server ABAP (AS ABAP) tables. This can be used, for example, to load picklists for salutations and titles within initial load and update jobs. The module is also often used to load data from SAP HCM (Human Capital Management) for HR integration, for example tables PA0000, PA0001, etc.
Do you want to manage the user roles and access rights of your users?
Data no longer readable for SAP IdM
With a new basis release (at least 0026) the functionalities and the data structures of the function module RFC_READ_TABLE have been changed. As a result, SAP IdM can no longer read data via this module. The symptom is an empty value set, no data is returned.
Importing an SAP Support Note
To enable SAP IdM to read data again, SAP Support Note 2246160 must be imported. This makes the previously used data structures available again and the return values are correct again.
Configure PFCG role
Since the function module RFC_READ_TABLE can potentially read any table, it is recommended to restrict the authorizations of the communication user used by SAP IdM and to grant him access only to tables he needs. Such customized PFCG roles based on an authorization trace can be created by using SECMENDO.authority_generator for example.
