ACCESS CONTROL | AUTHORIZATION MANAGEMENT FOR SAP®
Authorizations in SAP systems: what admins should look out for
The SAP authorization concept ensures that no unauthorized access can be made to transactions, programs and services in SAP systems. To call up business objects or execute transactions in the SAP system, a user therefore requires the appropriate authorizations. When called, the application started via a transaction checks whether the authorization exists and whether the user is allowed to perform the selected operation.
Every large company has to face and implement the growing legal requirements. If the use of an authorization concept is to be fully successful on this scale, the use of an authorization tool is unavoidable. For medium-sized companies, the use of an authorization tool is usually also worthwhile. However, decisions should be made on a case-by-case basis.
Authorization objects
You have already created roles for SAP CRM and would like to add additional external services? Nothing easier than that! Create PFCG roles for the SAP CRM Web Client, typically so that you complete the customising of the CRM business role before creating the PFCG role, based on this customising. However, the customising of the CRM business role may be updated. The PFCG role must now also be adjusted, otherwise the newly configured area start pages or the logical links will not be visible. However, there is no automatism for this, as it exists during the initial creation of the role menu. You must apply the adjustment manually in the PFCG role.
SAP authorizations control the access options of users in an SAP system, for example to personal data. Managing this access securely is essential for every company. This makes authorization concepts, authorization tools and automated protection of the SAP system all the more important.
Authorizations can also be assigned via "Shortcut for SAP systems".
However, this only applies to applications that access files using a specified path.
The website www.sap-corner.de offers a lot of useful information about SAP authorizations.
Here, too, it is possible to create security and an overview with the help of tools for HR authorizations.