SAP Authorizations Centrally view user favourites - SAP Basis

Direkt zum Seiteninhalt
Centrally view user favourites
Use SAP Code Vulnerability Analyser
Changes in customizing and various security-relevant changes, such as the maintenance of RFC interfaces, can be viewed via table change logs. This authorization should only be given to an emergency user.

The goal is for SAP SuccessFactors users to maintain an overview of roles and authorizations in the system. Analysis and reporting tools help to achieve this. At ABS Team, we use our own combination of an SAP SuccessFactors solution and external documentation for this purpose. As the first graphic shows, our approach is built on a delta concept: all SAP authorizations and processes function independently of each other.
Automatically pre-document user master data
If you do not see the Expert Mode button for step 2 in the SU25 transaction, check whether you can call the expert mode from the SU24 transaction by clicking the Sample Value Match button. In this view, it is possible to select the proposed values to be matched by specific selections, so that not all proposed values are used for matching. In the first selection, you can choose the data to take. You can select here whether only SAP standard applications or customer or partner applications should be considered. You can still limit the selection by type of application, package, or component shortcut in the Other Constraints pane. In the Application Search pane, you can also limit the SU22 data to an upload file, transport jobs, or role menus.

If you want to know more about SAP authorizations, visit the website www.sap-corner.de.

To create a authorization object, you must first select the result area and the form of the result invoice, whether calculating or accounting, for which you want to validate the authorization object. To do this, you must enter the name of the authorization object to be created and click the button (Next). You then set a text for the authorization object and select a maximum of ten permission fields for the object using the Fields button. Only a selection of the characteristics defined for the result area - and for the calculation of the result account also the value fields - is possible. You can now create different authorization objects for the key numbers and characteristics, or you can group the relevant fields into a authorization object. We advise you to define only one object with all relevant fields, as this will facilitate the maintenance of permissions. In our example, we created an accounting authorization object for the characteristics of the profit centre, distribution channel and work in the information system.

The possibility of assigning authorizations during the go-live can be additionally secured by using "Shortcut for SAP systems".

With the changes mentioned in note 1702113, the S_BTCH_ADM object can be used to restrict the authorization assignment more precisely.

A note box in which data of all kinds can be quickly filed and retrieved. This is what Scribble Papers promises. At first, the program looks very spartan. But once a small structure is in place, you realise the great flexibility of this little helper.

This means that the auditor compares the document with the actual status in the SAP® system for the main topics relevant to the audit.
SAP BASIS
Zurück zum Seiteninhalt