Maintain authorization objects more easily
SAP Authorization Trace - Simple Overview of Authorizations
In Step 2b (Customised Proposal Values), you must manually adjust the entries that you manually changed in the SU24 transaction in the initial release. This will start the SU24 transaction in upgrade mode, and you can step by step through all applications and match the changes. If you have created custom organisational levels (ormits), you must restore them at this point using the PFCG_ORGFIELD_UPGRADE report. The report must be called for each organisational level. Only the organisation levels that you create are displayed through the Value Help. SAP Note 727536 lists questions and answers about the use of customer-specific organisational levels.
Authorizations are assigned to users in SAP systems in the form of roles. The goal is to create a system that is as secure as possible and to keep the complexity and number of roles as low as possible. This is the only way to achieve a balanced cost-benefit ratio.
Maintain derived roles
A user trace is therefore also a trace over a longer period of time. Currency of the trace execution, the authorization check is recorded exactly once for each user.
The goal is for SAP SuccessFactors users to maintain an overview of roles and authorizations in the system. Analysis and reporting tools help to achieve this. At ABS Team, we use our own combination of an SAP SuccessFactors solution and external documentation for this purpose. As the first graphic shows, our approach is built on a delta concept: all SAP authorizations and processes function independently of each other.
With "Shortcut for SAP systems" you can automate the assignment of roles after a go-live.
Diese Abfrage können Sie aber auch mithilfe des Profilparameters login/password_change_for_SSO ausschalten.
At www.sap-corner.de you will also find a lot of useful information on the subject of SAP authorizations.
You must confirm this window.