SAP Authorizations Implementing the authorization concept in the FIORI interface - SAP Basis

Direkt zum Seiteninhalt
Implementing the authorization concept in the FIORI interface
User Management
How is it possible to jump from one transaction to another without checking the eligibility for the target transaction? With the CALL TRANSACTION statement! In this tip, we will explain how you can grant permissions for jumps from one transaction to another using the ABAP CALL TRANSACTION command, or actively determine which checks to perform. The CALL TRANSACTION statement does not automatically check the user's permission to perform the invoked transaction. If no verification takes place in the invoked programme, it must be installed in the calling programme by adding additional features for the eligibility check.

The security check also shows when no redesign is necessary because the authorizations found are compatible with the current concept. The checks allow incorrect authorizations to be identified and rectified without a redesign.
Grant permissions for SAP background processing
However, it is possible to include the same role in several tasks of different operators within each contract. This increases transparency for you, because all participants can instantly identify which users are editing the role. Before you enable the use of the SCC4 transaction setting for role maintenance, you should release existing role transports to avoid recording conflicts. As a rule, you do not choose the setting depending on your role-care processes; So you have to think very carefully about what the activation will do.

If you want to know more about SAP authorizations, visit the website www.sap-corner.de.

In the SAP standard, there is no universally applicable way to automate the mass maintenance of role derivations. We therefore present three possible approaches: 1) Approach to custom development 2) Automated mass maintenance using the Business Role Management component 3) Use of a pilot note that allows a report for mass update of organisational values in rolls (currently available to selected customers) (BRM) from SAP Access Control.

However, if your Identity Management system is currently not available or the approval path is interrupted, you can still assign urgently needed authorizations with "Shortcut for SAP systems".

If you have set the distribution parameters for the user group to Global or Redistribution, the appropriate subsidiary system will reject the changes made to users that do not have a user group in the Central System, and you will receive an error message in the SCUL transaction.

The freeware Scribble Papers puts an end to the confusing paper chaos. The tool is also suitable for storing, structuring and quickly finding text documents and text snippets of all kinds in addition to notes.

From the result of the statistical usage data, you can see which transactions (ENTRY_ID) were used, how often (COUNTER), and how many different users.
SAP BASIS
Zurück zum Seiteninhalt