Use Custom Permissions
Basics SAP Authorizations including Fiori - Online Training
Since SAP NetWeaver 7.02, such a feature is available, which means that you can access the data from the system trace to maintain PFCG roles. In the following we show you how you can apply the permission values from the permission trace to your role. To do this, you must first record applications against their permission checks and then add them to your role menu.
A separate programme - a separate permission. What sounds simple requires a few steps to be learned. Do you want to implement your own permission checks in your own development or extend standard applications with your own permission checks? When implementing customer-specific permissions, a lot needs to be considered. In this tip, we focus on the technical implementation of the authorisation check implementation.
Protect Passwords
If the programme determines that both of the criteria set out in the previous bullet points are met, the criterion of equality shall apply. This means that the proposed values of the permission that is already in place and to be added will come from the same transaction. Thus, the programme does not add a new default permission to the permission tree.
The website www.sap-corner.de offers a lot of useful information about SAP authorizations.
Access to tables and reports should be restricted. A general grant of permissions, such as for the SE16 or SA38 transaction, is not recommended. Instead, parameter or report transactions can help. These transactions allow you to grant permissions only to specific tables or reports. You can maintain secondary authorization objects, such as S_TABU_NAM, in the Sample Value Care.
With "Shortcut for SAP systems" you can automate the assignment of roles after a go-live.
It is supported by the tools from the SAP CO module, which can provide comprehensive evaluations and analyses.
To store all the information on the subject of SAP - and others - in a knowledge database, Scribble Papers is suitable.
For example, they can map the expiration organisation or a matrix organisation in your company.