SAP Authorizations User Information System (SUIM) - SAP Basis

Direkt zum Seiteninhalt
User Information System (SUIM)
Read the old state and match with the new data
An overview of the actual relevant information for your system landscape can be obtained from the application System recommendations in the Change Management section of the SAP Solution Manager (transaction SOLMAN_WORKCENTER or SM_WORKCENTER). This application will provide you with a recommendation for the SAP and non-SAP hints to be implemented for the evaluated systems.

Use the RSUSR003 standard report (or RSUSR003 transaction) to validate the default users for initial passwords and ensure the security policies associated with those users. You can define and use your own layout on the home page. After the report is executed, you will be presented with an overview of the existing standard users in the different companies. This includes the password status, a lock flag, the reasons for the lock, the number of false logins, the user validity periods and the security policies associated with the users. The security policy appears to help you understand whether these users are subject to special login or password rules.
Use table editing authorization objects
Since the maintenance effort would be too great if individual authorizations were entered in the user master record, authorizations can be combined into authorization profiles. Changes to access rights take effect for all users who have entered the profile in the master record.

If you want to know more about SAP authorizations, visit the website www.sap-corner.de.

The chapter on authorization recertification should also be defined in the authorization concept, which is documented in writing. This refers to a regular review of the assigned authorizations in the SAP® system, to be performed at least once a year. In the course of this process, the responsible departments should review the assignment of the respective roles to users in their area and critically scrutinize it once again. This process ultimately ensures that users only have the authorizations in the SAP® system that they actually need. It must therefore be defined in which time period and in which form the departments must receive the information about the assigned authorizations and report back regarding the correctness of the assignment. During preparation, it is therefore necessary to check whether the process has been carried out in accordance with the internal specifications, but also in accordance with possible suggestions for optimization made by the auditor, and whether all the evidence is stored ready to hand for the auditor.

With "Shortcut for SAP systems" you can automate the assignment of roles after a go-live.

For SAPartner who want to maintain their permission checks in their namespaces, the classic name rooms, starting with J, are used up.

The freeware Scribble Papers is a "note box" in which all kinds of data can be stored. It takes in typed texts as well as graphics and entire documents. The data is then organised in folders and pages.

You can run the report for users, roles, profiles, and permissions as described above.
SAP BASIS
Zurück zum Seiteninhalt