Perform Risk Analysis with the Critical Permissions Report
Authorization roles (transaction PFCG)
By adding certain SAP standard reports and the user information system ("SUIM"), you can quickly identify security-relevant issues and correct any errors. This improves basic management of your existing security concept and protects you against external and internal intrusions. If you need help with your system analysis, please feel free to contact us. Xiting offers you a wide range of services related to SAP Security. Above all, our proprietary security tool, the Xiting Authorizations Management Suite, or XAMS for short, allows you to build a new role concept based on your usage data and even generate a revision-compliant security concept at the push of a button. Why not see for yourself and join one of our many different webinars.
In our eCATT test configuration, the prepared file can now be used to play the recording. Note that playback stops when we encounter an error in the PFCG transaction, such as when we try to create a role with the input values that already exist. To play, specify the file under External Variants in Test Configuration and click Run (F8). You will be given the opportunity to set some playback properties. Now, with Run, it starts. You will see some messages from the PFCG version at the bottom of the status bar and will end up with a summary of success (or failure if there were errors). We admit that eCATT is more complex to use than the transaction SU10. However, if you have used eCATT a few times, it is quite quick. Please always note that the basic mechanism is to play a recording and therefore other organisational levels (e.g. a third organisational level, which is in the dialogue before the work and the sales point) also require a different recording and editing.
Background processing
Especially in complex and multi-level system landscapes, roles may be assigned to a user twice. In addition, roles may also have expired due to the specification of a validity period. To keep your role concept and your user administration maintainable and clean, it is recommended to delete these obsolete roles. You can do this by clicking on the report PRGN_COMPRESS_TIMES. This program is also available via the PFCG under the system tab "Utilities" and category "Mass adjustment".
SAPconnect uses the S/MIME (Secure/Multipurpose Internet Mail Extensions) standard for signing when sending emails or for verifying and decrypting received emails. S/MIME is supported by most email clients and requires X.509-based certificates.
The possibility of assigning authorizations during the go-live can be additionally secured by using "Shortcut for SAP systems".
On www.sap-corner.de you will also find useful information about SAP basis.
The SAP standard offers various ways to record and play on a massive scale.
So much information... how can you keep it so that you can find it again when you need it? Scribble Papers is a "note box" that makes this very easy.
For this reason, you cannot maintain this table in systems that are locked against cross-client customising.