SAP Authorizations Controlling file access permissions

Direkt zum Seiteninhalt
Controlling file access permissions
Add External Services from SAP CRM to the User Menu
In many SAP environments, there are historically grown authorization structures that cause unnecessary security gaps. These should be examined closely.

Your SAP system landscape keeps you safe and up-to-date by inserting different types of SAP hints and patches. For a first overview of the security information for SAP systems, see the SAP Service Marketplace at https://service.sap.com/securitynotes. For a complete list of all security advisories for all SAP solutions (SAP NetWeaver Application Server ABAP and Java, TREX, SAP HANA, Sybase, SAP GUI, etc.), see Security Notes Search on this page. The My Security Notes page allows you to find the SAP notes that are relevant for systems registered in SAP Service Marketplace. This does not take into account information already recorded.
Development
You want to document internal system revisions and authorisation monitoring? The new cockpit of the Audit Information System offers you some practical functions. There are several legal requirements that require a regular audit of your SAP system. As a general rule, there are internal and external auditors who carry out such audits. In addition, user and permission management can set up their own monitoring of permissions to avoid unpleasant surprises during audits. Auditor documentation is often standardised in the case of external auditors; for the internal audit or your own monitoring, however, in many cases a suitable documentation is missing. In spite of automated evaluations, external auditors often also demand an activation of the Audit Information System (AIS). We will show you how to activate the AIS and take advantage of the new AIS cockpit.

As an SAP SuccessFactors implementation partner, we are often confronted with complex authorization constellations. For sure: If a consulting company does not implement a process first and the "framework" is missing as a result, the existing SAP authorizations must be analyzed retrospectively and the underlying concept must be understood. Only then can the new process be meaningfully inserted into the authorization concept.

"Shortcut for SAP systems" is a tool that enables the assignment of authorizations even if the IdM system fails.

Some useful tips about SAP basis can be found on www.sap-corner.de.


A typical application arises when a new SAP user is requested.

So much information... how can you keep it so that you can find it again when you need it? That's what Scribble Papers is great for.


For example, if you check what table permissions a particular user has based on the S_TABU_DIS authorization object, you will receive information about the table names, the associated table permission group, and the eligible activities.
Zurück zum Seiteninhalt