SAP Authorizations Define security policy for users - SAP Basis

Direkt zum Seiteninhalt
Define security policy for users
Grant permission for external services from SAP CRM
In the display image of your selected table, go to the Tools menu and select Assign Permissions Group. On the following image, you can then change the association with a table permission group or assign a new permission group. To do this, click the View/Modify button ( ) and enter your permission group in the Permission field.

Are you using SAP NetWeaver Business Client instead of SAP GUI? The arrangement of the applications on the screen is controlled by PFCG roles. The SAP NetWeaver Business Client (NWBC) is an alternative to SAP GUI for access to SAP applications. This allows you to centrally access applications that reside in different SAP systems and have different UI technologies. The NWBC enables you to call not only transactions, but also Web-Dynpro applications and external service applications. In this tip, we will show you how to use PFCG roles to control the design of the NWBC user interface.
BASICS FOR USING SAP REPORTS
The SAP Note 1903323 provides a solution. The functionality is only provided via support packages for NetWeaver releases 7.31 and 7.40. This fix extends the naming conventions so that namespaces in the /XYZ/ format can be used up to a maximum of eight characters. In the development and creation of authorization objects, some functionalities of the SAP hint are extremely helpful, which we present in this tip.

The function block was obviously not intended for this use, but our procedure does not affect the programme process and we are not aware of any limitations resulting from this use. You can also apply this procedure to other BTEs that pass data in a similar form. However, you should always exercise caution and check whether the application has already created sum records or whether there are other dependencies. Finally, you will need to create a product you have developed (you can define the name yourself) in the FIBF transaction and assign it to Business Transaction Event 1650 along with the customer's own function block, as shown in the following figure. A custom product may include several enhancements. It forms a logical bracket around the extensions and thus provides a better overview. In addition, it allows for a targeted activation or deactivation of the implementations.

For the assignment of existing roles, regular authorization workflows require a certain minimum of turnaround time, and not every approver is available at every go-live. With "Shortcut for SAP systems" you have options to assign urgently needed authorizations anyway and to additionally secure your go-live.

However, there are fundamental differences between the two versions.

The system checks direct access to the contents of tables, for example, with transactions SE16, SM30, or SE16N with authorization checks on a table authorization group, object S_TABU_DIS.
SAP BASIS
Zurück zum Seiteninhalt