Preventing sprawl with the workload monitor
Checking at Program Level with AUTHORITY-CHECK
Software license management is essential to get an accurate overview of all SAP transactions. We provide you with a transaction database in which the transactions are evaluated with named user license types. Your advantage: the actual usage of your SAP users is matched with the transaction database. "SAP direct access" analyzes the licenses for actual usage and classifies the critical cases. With SAP license optimization we maintain your individual license contracts and compare the results with LAW. We can point out discrepancies, including drill-down to user/client level, directly.
You must enable a role that you have created as a Design-Time object in the Design Time Repository before it can be associated with a user. To do this, use Project Explorer to select the role you want to enable and select Team > Activate from the shortcut menu. This will create a runtime object of this selected SAP HANA role. This object is also understood as a catalogue object and is incorporated in the Roles branch in the corresponding SAP HANA system.
Authorizations
By inserting SAP Note 1723881, you resolve the third of these problems by banning the recording of the same role on different transport orders. To enable this change in system behaviour, you must set the CLIENT_SET_FOR_ROLES customising switch to YES in the PRGN_CUST table. This toggles the setting in the SCC4 transaction for changing and recording custom customising objects ("Client modifiability") for role maintenance.
You can set up a nightly background job to match the certificates with your customer's own programme. This requires that the certificates can be obtained through an SAP programme.
Assigning a role for a limited period of time is done in seconds with "Shortcut for SAP systems" and allows you to quickly continue your go-live.
This is only possible if the profile parameter AUTH/NO_CHECK_IN_SOME_CASES is Y.
The website www.sap-corner.de offers a lot of useful information about SAP authorizations.
In the results list of the consolidated role assignment, you will now be listed in the ZBV-System column the subsidiary systems where consolidation or deletion took place.