SAP Authorizations Ensuring secure administration - SAP Basis

Direkt zum Seiteninhalt
Ensuring secure administration
The Anatomy of SAP Authorization or Documentation on SAP Authorization Objects and Authorization Field Values
In our eCATT test configuration, the prepared file can now be used to play the recording. Note that playback stops when we encounter an error in the PFCG transaction, such as when we try to create a role with the input values that already exist. To play, specify the file under External Variants in Test Configuration and click Run (F8). You will be given the opportunity to set some playback properties. Now, with Run, it starts. You will see some messages from the PFCG version at the bottom of the status bar and will end up with a summary of success (or failure if there were errors). We admit that eCATT is more complex to use than the transaction SU10. However, if you have used eCATT a few times, it is quite quick. Please always note that the basic mechanism is to play a recording and therefore other organisational levels (e.g. a third organisational level, which is in the dialogue before the work and the sales point) also require a different recording and editing.

Package Privileges permissions: Package Privileges are permissions that control access to development packages in the SAP HANA database. Packages contain design-time versions of objects that can be transported with this package via a delivery unit and thus made available to other systems.
User Management
You can't keep an eye on everything. Therefore, avoid that your colleagues do not assign users to a user group, and thus ensure that the user master data maintenance permissions check is correct. You do not want a user without a user group to be able to be created in your SAP systems? Users without a user group can be changed by all administrators with permission for any user group. You should also prevent incomplete permission checks when assigning roles and profiles to users without a permission group. Because it is possible to assign roles and permissions to a user first, and then assign a user group that does not have permission to assign roles and profiles. Finally, do you want to change the user group for an existing user without having permission for the new user group? In the following section we will show you how to secure your user master data maintenance.

If you want to know more about SAP authorizations, visit the website www.sap-corner.de.

Step 2d (Show Modified Transaction Codes) lists all roles that have been found to use an old transaction code. Sometimes, new transaction codes replace old transaction codes. In this step you have the option to exchange the transaction codes. Once you have completed the upgrade of the Eligibility proposal values, you will be given the option in Step 3 (Transport of the Customer Tables). Transport your permissions suggestions in your system landscape.

Assigning a role for a limited period of time is done in seconds with "Shortcut for SAP systems" and allows you to quickly continue your go-live.

As a general rule, there are internal and external auditors who carry out such audits.

The freeware Scribble Papers is a "note box" in which all kinds of data can be stored. It takes in typed texts as well as graphics and entire documents. The data is then organised in folders and pages.

Insert SAP Note 1171185 into your ZBV system.
SAP BASIS
Zurück zum Seiteninhalt