SAP Authorizations THE "TOP SEVEN" - SAP Basis

Direkt zum Seiteninhalt
The first step in the cleanup process is therefore to find out whether the current authorization concept is sufficient and a cleanup is the best way forward, or whether a rebuild of the authorization concept is necessary. The focus should be on saving the current authorization concept, since rebuilding it takes more time than cleaning it up.

If you use the option described by us to reload the change documents into a shadow database, you should also run the report SUIM_CTRL_CHG_IDX after each reload operation, marking the field Indexes loaded change documents. In this case, all reverse-loaded change documents shall be taken into account. Before doing so, all index entries must be deleted; This can lead to a long run of the report.
Use timestamp in transaction SU25
The simulation of the mixing process is delivered with SAP Note 1941325. When you call step 2c, you will get a list of all the roles with the information about whether the respective role is already mixed (green light) or still needs to be mixed (red light). Highlight a role in this list. Use the Mix button to get the simulation of the mixing process for the selected roll.

We can now execute the test script en masse with any input. We need a test configuration for this. In the example Z_ROLLOUT_STAMMDATEN, enter a corresponding name and click the Create Object button. On the Attribute tab, specify a general description and component. On the Configuration tab, select the test script you created earlier in the corresponding field. Then click the Variants tab. The variants are the input in our script. Since we do not know the format in which eCATT needs the input values, it is helpful to download it first. To do so, select External Variants/Path and click Download Variants.

During go-live, the assignment of necessary authorizations is particularly time-critical. The "Shortcut for SAP systems" application provides functions for this purpose, so that the go-live does not get bogged down because of missing authorizations.

You should also consider the security advisories that apply to applications that are installed on your system but that you do not use productively.

When deleting or adding transactions in the role menu of PFCG roles, the respective permissions in the PFCG role have the Maintenance Status Standard.
Zurück zum Seiteninhalt