SAP Authorizations Use Custom Permissions - SAP Basis

Direkt zum Seiteninhalt
Use Custom Permissions
Integrate S_TABU_NAM into a Permission Concept
Permissions must be maintained in every SAP system - a task that becomes more difficult the more complex the system landscapes and the greater the number of users. Especially in growing system landscapes, once defined concepts no longer fit the current requirements or the processes in role and authorisation management become more and more complex and cumbersome over time.

To define the proposed values for the new transaction, use the transaction SU24_S_TABU_NAM. In the selection mask, you can either enter your new Z transaction, or you can enter the SE16 transaction in the Called TA search box. This will search for all parameter transactions that use the SE16 transaction. In the result list, you will find all parameter transactions that use the SE16 transaction as the calling transaction. The last two columns indicate whether the S_TABU_DIS or S_TABU_NAM authorization objects have suggestion values maintained in the SU24 transaction.
Calling RFC function modules
We recommend that you implement all safety instructions of priority very high (1) and high (2) directly. On the other hand, you can implement medium (3) and low (4) security advisories via support packages, which you should also include regularly. If you are unable to insert a support package at the moment, SAP will also provide you with the priority 3 and 4 security advisories. For the evaluation of the security advisories, you should define a monthly security patch process.

At www.sap-corner.de you will also find a lot of useful information on the subject of SAP authorizations.

The AL08 transaction displays all logged-in users and their application servers. In the Server Name column, you can see which application server the user is logged on to, and which has the permission issue. Switch to this application server by calling the SM51 transaction and double-clicking the application server you are looking for. On the application server that is now active, run the permission trace as usual and review the evaluation.

With "Shortcut for SAP systems" you can automate the assignment of roles after a go-live.

This also applies to every privilege and role.

So much information... how can you keep it so that you can find it again when you need it? That's what Scribble Papers is great for.

He may forbid visitors who are not relatives to enter the bedroom or the daughter to have a public party in the house.
SAP BASIS
Zurück zum Seiteninhalt