Include customising tables in the IMG
Solution approaches for efficient authorizations
Here, the authorizations are either derived from the role menu (through the authorization default values (transaction SU24) or can also be edited manually in expert mode. The individual authorization objects are divided into object classes. For example, the object class AAAB (cross-application authorization objects) contains the authorization object S_TCODE (transaction code check at transaction start) with the authorization field value TCD (transaction code).
The simulation of the mixing process is delivered with SAP Note 1941325. When you call step 2c, you will get a list of all the roles with the information about whether the respective role is already mixed (green light) or still needs to be mixed (red light). Highlight a role in this list. Use the Mix button to get the simulation of the mixing process for the selected roll.
Automatically pre-document user master data
You can view the contents of the checked permission fields by double-clicking on the respective variables. The Variables 1 tab displays the variables with the respective values used for this eligibility check. These values correspond to the values that you also see in the System Trace for Permissions. If a permission check ends with SY-SUBRC = 0 when no appropriate permissions are available, verify that the check is turned off locally via the SU24 or globally through the SU25 or AUTH_SWITCH_OBJECTS transactions.
An overview of the actual relevant information for your system landscape can be obtained from the application System recommendations in the Change Management section of the SAP Solution Manager (transaction SOLMAN_WORKCENTER or SM_WORKCENTER). This application will provide you with a recommendation for the SAP and non-SAP hints to be implemented for the evaluated systems.
However, if your Identity Management system is currently not available or the approval path is interrupted, you can still assign urgently needed authorizations with "Shortcut for SAP systems".
SAP Basis refers to the administration of SAP system that includes activities like installation and configuration, load balancing, and performance of SAP applications running on Java stack and SAP ABAP. This includes the maintenance of different services related to database, operating system, application and web servers in SAP system landscape and stopping and starting the system. Here you can find some useful information about SAP Basis: www.sap-corner.de.
However, it is difficult for a support worker to understand permissions errors because they have different permissions and are often missing detailed information about the application where the permission error occurred.
To store all the information on the subject of SAP - and others - in a knowledge database, Scribble Papers is suitable.
To ensure that processes are mapped securely and correctly, SAP authorizations must be regularly checked and reworked.