Administrative tasks
SM04 Evaluate user sessions
In order to have some advantage in terms of new SAP technologies, suitable PoCs (Proof of Concepts), research and pilot projects must be initiated to build know-how and evaluate boundary conditions or feasibility. Furthermore, this serves the evaluation of new business models by the underlying technology in collaboration with the respective business unit.
To add additional permissions for defined groups in the launchpad to PFCG roles, follow the steps described above. This time, you only select a "SAP Fiori tile group" instead of a "SAP Fiori tile catalogue". There are very few differences between permissions. Fiori Eligibility for OData Services The launch authorisation for the OData service stored in the backend from a Fiori app is queried on both the front-end and back-end servers when the application is launched. Therefore, this permission must be added to the appropriate role on both servers. The typical sequence of clicking on a Fiori app in the launchpad triggers the following steps: 1) When selecting the tile, the app Fiori implementation is called 2) The app retrieves dynamic data from the HTTP endpoint of the OData service on the frontend server from 3) An RFC call to the gateway activation of the backend system is followed, retrieving the relevant business logic 4) Now the Fiori permission for the corresponding OData service is queried on the backend 5) If this was successful the appropriate business logic permissions are queried in the OData service. To add the Fiori permission to run a OData service for an app to a role, please perform the following steps: In the PFCG, open the appropriate role in Change mode, perform steps on the following screenshot: 1) Select Menu tab 2) Arrow next to the "Transaction" button click 3) Select Permissions proposal.
RECOMMENDATIONS
The establishment of Software-Defined Data Centres or IaaS are the key to further flexibility and standardisation of SAP technology infrastructure. The concept of a Software-Defined Data Centre is to create an abstraction layer over the individual virtualised components, such as servers, networks or storage, that controls, controls, provisioning, and automates the entire infrastructure.
Before the project starts, it must be clear which systems are to be connected to the IdM and which services the system is to provide. This requires close collaboration between the department and IT, as later adaptations or additional systems will extend the implementation and exceed the budget. Analysing existing data To successfully implement an Identity Management System, high quality data is essential. Users' root data must be verified, updated, or maintained. Automation with incomplete or even incorrect data is otherwise not conceivable. Rethinking the Permission Concept With the introduction of an Identity Management System and a workflow for permission granting, the existing roles should be scrutinised once again. You should ask yourself whether the user knows what role he chooses from the current catalogue and whether it is sufficient for his task. Set Role-Owner Not only the user needs to know which role to choose. There must also be a person in charge of the role who adapts or adapts the role as required or acts as a point of contact when required.
The "Shortcut for SAP Systems" tool is ideal for doing many tasks in the SAP basis more easily and quickly.
Any role for a new key-user in the HCM area, but how exactly was that called? Would you Google the same way? - Not much.
AUTO_MOD_SPAU This step checks whether modifications can be adjusted automatically.