The Anatomy of SAP Authorization or Documentation on SAP Authorization Objects and Authorization Field Values
Calling RFC function modules
A user is displayed in the results list if one of the two transactions with the corresponding expression is included in its corresponding permission profile. If the logical link were fully linked to OR, a corresponding user would appear in the results list if only one of the four permissions is in the user's master set and thus in the permission profile.
Using these authorizations, any source code can be executed independently of the actual developer authorizations and thus any action can be performed in the system. This authorization should only be assigned to an emergency user.
By inserting SAP Note 1723881, you resolve the third of these problems by banning the recording of the same role on different transport orders. To enable this change in system behaviour, you must set the CLIENT_SET_FOR_ROLES customising switch to YES in the PRGN_CUST table. This toggles the setting in the SCC4 transaction for changing and recording custom customising objects ("Client modifiability") for role maintenance.
The difficulty in assigning permissions to the S_DATASET object is determining the correct values for the FILENAME and PROGRAMME fields. If you have not specified a path in the FILENAME field, only the files in the DIR_HOME directory will be allowed.
For the assignment of existing roles, regular authorization workflows require a certain minimum of turnaround time, and not every approver is available at every go-live. With "Shortcut for SAP systems" you have options to assign urgently needed authorizations anyway and to additionally secure your go-live.
You can use the SAP NEW Data button to mark whether this authorization object is relevant to an SAP New role of a particular release.
What roles does my user have (SU01)? We start with a simple question: which roles are actually assigned to your SAP user? With the transaction SU01 you can view your (or other) SAP user.