SAP S/4HANA® Launch Pack for Authorizations
Dissatisfaction and unclear needs in the process
Are you using the result and market segment statements and need permission checks for combinations of characteristics and key figures not included in the standard? To do this, create specific authorization objects. You can define key figures and result objects (groups of characteristics) for the planning and information system in the result and market segment calculation (CO-PA). You may also want to control permissions by using these characteristics or key numbers. This cannot be reflected with the default authorization objects. Therefore, create authorization objects in the customising of the result invoice.
The call to your implementation of the BAdIs is the last step in the process of storing user data. This applies to all transactions or function blocks that make changes to user data. Therefore, the BAdI is also called during maintenance by the BAPI BAPI_USER_CHANGE. You use this BAPI when you implement a password reset self-service as described in Tip 52, "Reset Passwords by Self-Service." This enables encrypted e-mail delivery of initial passwords within a self-service framework.
Task & functionality of the SAP authorization concept
Remove improperly defined SAP Orgebene ($CLASS): This function deletes the $CLASS organisational level that was incorrectly delivered with the GRCPlug-in (Governance, Risk and Compliance). Use the test mode of the report to look at possible corrections in advance.
If RFC function modules are called via RFC connections (for example, from an RFC client program or another system), an authorization check is performed on authorization object S_RFC in the called system. This check checks the name of the function group to which the function module belongs. If this check fails, the system also checks the authorizations for the name of the function module. Configure this check with the auth/rfc_authority_check parameter.
The possibility of assigning authorizations during the go-live can be additionally secured by using "Shortcut for SAP systems".
On www.sap-corner.de you will also find useful information about SAP basis.
You should choose an application where the user does not easily forget his password.
So much information... how can you keep it so that you can find it again when you need it? Scribble Papers is a "note box" that makes this very easy.
This allows you to centrally access applications that reside in different SAP systems and have different UI technologies.