Permissions with Maintenance Status Used
SAP systems: Control user authorizations with a concept
Let's say that a user - we call her Claudia - should be able to edit the spool jobs of another user - in our example Dieter - in the transaction SP01. What do you need to do as an administrator? Each spool job has a Permission field; By default, this field is blank. If Claudia wants to see a Dieter spool job, the system will check if Claudia has a specific spool job permission with a value of DIETER. Claudia does not need additional permissions for its own spool jobs that are not protected with a special permission value.
An SAP authorization concept is used to map relevant legal standards and internal company regulations to the technical protection options within an SAP system. Authorization concepts are thus the key to optimal protection of your system, both externally and internally.
Evaluate licence data through the Central User Management
Communication users are also intended for use by people who log on to the SAP system from outside via RFC call. Therefore, dialogue is not possible. If the password is set by the administrator, it will be assigned Initial status. However, an RFC call does not prompt the user to change the password. It therefore often retains this status, even if the user has the possibility to change the password by calling a function block (then: Status Productive). The password rules apply to this type of user. However, this is often not noticed in practice, as password rules for initial passwords are less used.
The concept for in-house developments is obligatory for every company that writes its own software. It specifies requirements, for example, for the structure, naming and documentation of program components, and in particular for dealing with safety-critical aspects. The wording should not be too general, but should explicitly address the special features of programming in SAP.
Secure your go-live additionally with "Shortcut for SAP systems". You can assign necessary SAP authorizations quickly and easily directly in the system.
Some useful tips about SAP basis can be found on www.sap-corner.de.
In addition to the partially available online help for individual authorization objects, the question arises as to how the documentation for the authorization object can be called up.
To store all the information on the subject of SAP - and others - in a knowledge database, Scribble Papers is suitable.
You must now configure these organisational values in the system as organisational criteria that represent business areas; serve as a bridge between the organisational columns in the tables and the permission field in the authorization object.