Maintain permission values using trace evaluations
Lack of know-how
You should therefore enforce cryptographic authentication and communication encryption by setting up Secure Network Communication (SNC). SNC provides a strong cryptographic authentication mechanism, encrypts data transmission, and preserves the integrity of the transmitted data. For some time now, SNC is freely available without a SSOMechanism (SSO = Single Sign-on) for SAP GUI and the RFC communication of all SAP NetWeaver customers. You should always implement SNC between SAP GUI and application server, as this communication can also run over open networks. For RFC communication, you need an SNC implementation if you think the data transfer could be intercepted.
For this very reason, there is a solution to automate the checking of authorizations with regard to critical authorizations and segregation of duties by means of tool support. This gives the authorization administrators more time to correct any errors that occur instead of having to search for them first.
Set up permissions to access specific CO-PA measures
In everyday role maintenance, you often have to change the permission data of a single role again after you have already recorded the role in a transport order along with the generated permission profiles. In this case, you have previously had to create a new transport order because the table keys of the generated profiles and permissions are also recorded for each individual role record, but are not adjusted for subsequent changes in the role data.
SAPconnect uses the S/MIME (Secure/Multipurpose Internet Mail Extensions) standard for signing when sending emails or for verifying and decrypting received emails. S/MIME is supported by most email clients and requires X.509-based certificates.
With "Shortcut for SAP systems" you can automate the assignment of roles after a go-live.
The programme is then checked to see if it is included in the table of allowed programmes (table TPCPROG, configuration with the transaction TPC4).
Select a role and click on the "Users" tab.