Include customising tables in the IMG
Development
When were which changes made to a role (PFCG)? In the PFCG, click on Utilities > View Changes in the menu at the top to view the change documents. You will see a detailed list of which user made which change to which object and when.
The Security Audit Log now also logs events where the runtime was affected by the debugger. New message types have also been defined in this context. To install this extension, you will need a kernel patch. For the fixes and an overview of the required support packages, see SAP Notes 1411741 and 1465495.
Read the old state and match with the new data
Permissions are often not restricted because there is often no information about how the object should be shaped. The identification of the required functional components is often considered to be too burdensome and the risks from a lack of limitation are considered to be too low.
If a user is assigned SAP_ALL, he has all permissions in an ABAP system. Therefore, particular care should be taken in the dedicated award of this entitlement. SAP_ALL can be generated automatically when you transport authorization objects. The SAP_ALL_GENERATION parameter must be maintained in the PRGN_CUST table.
Authorizations can also be assigned via "Shortcut for SAP systems".
If you want to get more information about SAP basis, visit the website www.sap-corner.de.
After rolling the profiles do not match your last changes? With the new features in the transport management of rolls, you can avoid such inconsistencies and connect role maintenance to the customising setting.
So much information... how can you keep it so that you can find it again when you need it? That's what Scribble Papers is great for.
The descriptive texts to the tables can be found in the table DD02T.