SAP Authorizations Make mass changes in the table log - SAP Basis

Direkt zum Seiteninhalt
Make mass changes in the table log
Adjust tax audit read permissions for each fiscal year
A universally applicable template for a reliable and functioning authorization concept does not exist due to the individuality and the different processes within each company. Therefore, the structures of the company and the relevant processes must be analyzed in detail during the creation process. Some core elements of the authorization concept to be created can be defined in advance. These include the overarching goal, the legal framework, a naming convention, clarification of responsibilities and process flows for both user and authorization management, and the addition of special authorizations. Only with clearly defined responsibilities can the effectiveness of a concept be guaranteed.

This solution is only available via a support package starting with SAP NetWeaver AS ABAP 731 and requires a kernel patch. For details on the relevant support packages, see SAP Note 1891583. In principle, user login to the application server can then be restricted by setting the new login/server_logon_restriction profile parameter.
In the transaction, select SU10 by login data of users
A troublesome scenario you're probably familiar with: You will soon be going live with a new business process and must now derive your roles in 97 accounting circles. Here eCATT can make your life easier. It's time again: If you don't have anyone in your department who likes to press the Copy button for several hours in the PFCG transaction, replace the Derive shortcut, and then customise the Organisation Levels (Origen) in the new roles on the Permissions tab (repeatedly connected to memory), the job will hang on you. Because there is hardly anything more boring, at the latest after one hour the first errors creep in. Whenever you have to roll out new roles, for example for your new premium business, to all your divisions, plants, etc. , the creation of the derived roles is tedious - because SAP does not offer smart mass maintenance.

If you want to know more about SAP authorizations, visit the website www.sap-corner.de.

A user trace is therefore also a trace over a longer period of time. Currency of the trace execution, the authorization check is recorded exactly once for each user.

Secure your go-live additionally with "Shortcut for SAP systems". You can assign necessary SAP authorizations quickly and easily directly in the system.

A chapter should be dedicated to the process for user management.

So much information... how can you keep it so that you can find it again when you need it? Scribble Papers is a "note box" that makes this very easy.

The RSUSR008_009_NEW report cannot replace a GRC system (GRC = Governance, Risk, and Compliance) with the SAP Access Control component.
SAP BASIS
Zurück zum Seiteninhalt