SAP Authorizations SIVIS as a Service - SAP Basis

Direkt zum Seiteninhalt
SIVIS as a Service
Deletion of change documents
Identify the personnel master record associated with the user ID that you are creating in the SU01 transaction. To do this, search within the personnel data for a personnel number that entered this user ID in the System User Name SAP System (0001) subtype of the Communication (0105) info type. Subsequently, fill in the fields of transaction SU01 with the data from the personnel master record.

As the rolls pass, the value ranges for the field in question are searched within a role. Automatic cleanup occurs by writing both value ranges together in all fields. Therefore, you should clean up these entries before you start and create two different roles if necessary. The PFCG_ORGFIELD_CREATE report provides a test run that allows you to identify all the affected roles. The Status column provides an overview of the status of the permission values. If the status is yellow, there are different value ranges for the field within the role; the role must therefore be adjusted.
Use AGS Security Services
In many distributed organisations, the Profit Centre is used to map out the distributed units. However, this was only possible for FI with additional programming. In integrated data flows in SAP ERP, the sending application usually does not check the authorization objects of the receiving application. Financial Accounting (FI) in SAP does not check permissions for cost centres and profit centres. However, depending on the case of use, this may be necessary, e.g. if distributed entities are to operate as small enterprises within the enterprise and only collect and view data for this particular unit at a time. With the introduction of the new general ledger, SAP has technically merged the financial accounting and the profit centre account, so that the question of the inclusion of profit centre allowances in FIs becomes even more important.

At www.sap-corner.de you will also find a lot of useful information on the subject of SAP authorizations.

Using these authorizations, any source code can be executed independently of the actual developer authorizations and thus any action can be performed in the system. This authorization should only be assigned to an emergency user.

"Shortcut for SAP systems" is a tool that enables the assignment of authorizations even if the IdM system fails.

For example, the extent of the test and release steps varies depending on the criticality of the change, and they may even be shortened considerably for low-risk changes.

To store all the information on the subject of SAP - and others - in a knowledge database, Scribble Papers is suitable.

This article identifies the main risk areas.
SAP BASIS
Zurück zum Seiteninhalt