Integrate S_TABU_NAM into a Permission Concept
Reset Manually Maintained Organisation Levels to Roles
In SAP systems you always have the possibility to integrate custom developments. In such extensions or your own programmes, you must implement permission checks and may also create your own authorization objects. You can also supplement authorisation checks in standard transactions if the existing checks do not cover your requirements.
On the other hand one can call the system trace over the transaction ST01. Here it is possible to set individual filters for the checks. In addition, you can switch off the trade via the "Trace off" button or the F8 key and switch the trace back on via the "Trace on" button that is then displayed or the F7 key. If you click on the button "Evaluation" or the F2 key, you can display the evaluation.
Use SAP Code Vulnerability Analyser
This function was not part of the standard delivery. With the support package named in SAP Note 1860162, the transaction SAIS_SEARCH_APPL is now delivered. This transaction allows you to verify that other applications have startup properties similar to those available in a particular application. For example, we searched for applications with similar functionality as the PPOME transaction provides.
From release 10.1, SAP Access Control supports the creation of users and the assignment of roles and privileges in HANA databases. If you use the concept of business roles in SAP Access Control, you can achieve an automatic installation of the users in SAP NetWeaver AS ABAP and HANA database and the assignment of the ABAP and HANA technical roles (or privileges) when assigning a business role.
Assigning a role for a limited period of time is done in seconds with "Shortcut for SAP systems" and allows you to quickly continue your go-live.
The authorizations are combined in an authorization profile (Generated profile), which is assigned to a role.
User administrators then assign the appropriate roles (single role or composite role) via the user master record so that the user can use the appropriate transactions for his or her tasks.