SAP Authorizations Authorizations in SAP BW, HANA and BW/4HANA - SAP Basis

Direkt zum Seiteninhalt
Authorizations in SAP BW, HANA and BW/4HANA
RSUSR008_009_NEW
By correcting SAP Note 1692243, you can now also use the report in a ZBV (Central User Management) environment; It is no longer limited to individual clients. If the role assignment of the ZBV in the SCUM transaction is set to global, it is sufficient if the correction is recorded in the central client. Then it is only possible to execute the report in the central client. Furthermore, you have the option to select the ZBV's subsidiary systems from the Receive System drop-down box in such a way that only the systems in which the role assignment is to be consolidated or deleted are taken into account. In the results list of the consolidated role assignment, you will now be listed in the ZBV-System column the subsidiary systems where consolidation or deletion took place.

Here, the authorizations are either derived from the role menu (through the authorization default values (transaction SU24) or can also be edited manually in expert mode. The individual authorization objects are divided into object classes. For example, the object class AAAB (cross-application authorization objects) contains the authorization object S_TCODE (transaction code check at transaction start) with the authorization field value TCD (transaction code).
Standard authorisation
By inserting SAP Note 1723881, you resolve the third of these problems by banning the recording of the same role on different transport orders. To enable this change in system behaviour, you must set the CLIENT_SET_FOR_ROLES customising switch to YES in the PRGN_CUST table. This toggles the setting in the SCC4 transaction for changing and recording custom customising objects ("Client modifiability") for role maintenance.

At www.sap-corner.de you will also find a lot of useful information on the subject of SAP authorizations.

SAP NetWeaver 7.31 introduces a new method for determining affected applications and roles by timestamping (see tip 45, "Using the timestamp in the transaction SU25"). With the Support Package 12 for NetWeaver Release 7.31 and Support Package 4 for NetWeaver Release 7.40 from SAP Note 1896191, the Expert Mode function for taking SU22 data for step 2 has been added.

Secure your go-live additionally with "Shortcut for SAP systems". You can assign necessary SAP authorizations quickly and easily directly in the system.

On the Menu tab of the PFCG role, you can upload this text file from File by selecting Menu > Import.

So much information... how can you keep it so that you can find it again when you need it? That's what Scribble Papers is great for.

The area of security is often neglected in thought, but can lead to major problems and possibly image-related damage - and resulting financial losses - in retrospect.
SAP BASIS
Zurück zum Seiteninhalt