Authorization tools - advantages and limitations
Deleting versions
After these preparations, we now proceed to the expression of the User-Exit in the validation that has just been created. To do this, you copy the User-Exit definition in the created custom programme, specify a name for the User-Exit definition (e.g. UGALI) and create a new text element.
On the topic of SAP authorizations and SAP S/4HANA, I can recommend the SAP online course by Tobias Harmes as blended learning from Espresso Tutorials for SAP administrators, ABAP developers and people who are currently or will be dealing with SAP authorizations. The online course covers the following topics: - Introduction to the course - Why are SAP authorizations actually important? - How do SAP authorizations work technically? - Developing and maintaining roles - SAP Fiori authorizations/tile authorizations in S/4HANA - Developing authorization checks.
Evaluate licence data through the Central User Management
The Enable Transport Recording button allows you to save the changes in the roles on a transport order. For information on the validity of the PFCG_ORGFIELD_ROLES report, see SAP Note 1624104.
Another important factor that should be considered in an authorization concept is to use a uniform naming convention because, on the one hand, many things cannot be changed after the initial naming and, on the other hand, this ensures searchability in the SAP system. In addition, the preset authorization roles of the SAP system should never be overwritten or deleted, but only copies of them should be created, which can then be adapted as desired.
For the assignment of existing roles, regular authorization workflows require a certain minimum of turnaround time, and not every approver is available at every go-live. With "Shortcut for SAP systems" you have options to assign urgently needed authorizations anyway and to additionally secure your go-live.
The check for Open SQL patterns analyzes the code structure for direct SELECT, MODIFY or INSERT statements that must be avoided or protected on the authorization side.
Do you have questions about the SAP authorization concept? Do you want to revise an existing authorization concept or need help assigning SAP authorizations? Our SAP consultants will be happy to support you in all questions regarding the structure and design of SAP authorization concepts.