The question is whether the underlying code relating to these transactions includes an authority-check statement against GSBER. You could start by checking SU24 for each individual transaction to see if there is a SAP delivered or customer-updated relationship between the tcodes and an authorization object containig the GSBER field. This method could take some time and is not fool-proof as the relationships spelled out in SU24 are not necessarily indicative of the authorization checks made. The more expedient approach would be to run a ST01 authorization trace against the execution of these transactions and review the log for a check against GSBER. If you do not find an authorization check, a custom solution is in your future.
↧