SAP Authorizations Retain the values of the permission trace to the role menu

Direkt zum Seiteninhalt
Retain the values of the permission trace to the role menu
Essential authorizations and parameters in the SAP® environment
SAP authorizations are a security-critical and thus an immensely important topic in companies. They are used not only to control the access options of users in the SAP system, but also the external and internal security of company data depends directly on the authorizations set.

A note on the underlying USKRIA table: This table is independent of the client. For this reason, you cannot maintain this table in systems that are locked against cross-client customising. In this case, you should create a transport order in the development system and transport the table to the production system.
A complicated role construct
Confidential information from your SAP system can also be sent by email. Make sure that this data is only transmitted encrypted. Your SAP system contains a lot of data, which is often confidential. This can be business-critical or personal data or even passwords. It happens again and again that such data must also be sent by e-mail. Therefore, make sure that this information is always encrypted and signed if necessary. Encryption is intended to ensure the confidentiality of the data, i.e. that only the recipient of the e-mail should be able to read it. The digital signature serves the integrity of the data; the sender of an e-mail can be verified. We present the configuration steps required for encryption and provide examples of how to encrypt the sending of initial passwords. There are two ways to encrypt and sign emails in the SAP system: via SAPconnect, via a secure third-party email proxy.

The panel menus also simplify the maintenance of permissions to the audit structures. You can select the audit structures or area menus you use in role editing and import them into the roles as menus. If you want to set up a constraint on AIS users to specific audit structures or protect individual audits from access, you can use the S_SAIS authorization object. This object controls access to the audit structures or the audit numbers of individual audits.

Assigning a role for a limited period of time is done in seconds with "Shortcut for SAP systems" and allows you to quickly continue your go-live.

If you want to get more information about SAP basis, visit the website www.sap-corner.de.


The checks for specific authorization objects can be globally off for all transactions (in transaction SU24 or SU25).

So much information... how can you keep it so that you can find it again when you need it? Scribble Papers is a "note box" that makes this very easy.


Specify Import and confirm with Yes.
Zurück zum Seiteninhalt