Client Copy / Export
SE38 ABAP Editor
For the authorisation requirement of a user, the transactions with user assignment already awarded should be determined accordingly, in order to be able to exclude them when selecting a suitable role. How does this work? There are various ways to identify specific user-assigned transactions, with varying degrees of result. The following article presents two variants. The first section first describes how to use SUIM to address the problem and what problems are encountered. It then explains how the task can be solved by using the transaction SE16N. As in the previous blog post Identifying all transactions of multiple roles, the roles Test_Schmidt1 and Test_Schmidt2 are used for this. Two of the transactions MM01, MM02, MM03 and MM04 were assigned to these roles in different ways. In the Test_Schmidt1 role, the transactions MM01 and MM02 were entered in the Role menu. In the Test_Schmidt2 role, the transaction MM03 was maintained in the menu of the role, but the transaction MM04 was maintained only in the S_TCODE permission object of the role. Both roles have been assigned to the user SCHMIDT_TEST. Identification of certain transactions with user assignment using SUIM This option is useful if only one transaction is to be checked for its existing assignment to a particular user. The audit is carried out here by means of the transaction SUIM. For this purpose, the variant "Roles according to complex selection criteria" has to be executed in the SUIM. After activating the option "With valid assignment of", the corresponding user and the transaction to be checked will be entered here. It is also recommended to hide the display of the collection roles in the search results.
In the past, when we deployed SAP environments, we first had to work out a detailed sizing and architecture and pass it on to the procurement team, which then ordered the systems and installed them in the data center. From there, it went on to the network team, the storage team, the operating system team, and the database team. So it was not uncommon for three to six months to pass between the architecture design and the installation of a new SAP system.
What should an SAP administrator be able to do?
Through a sound expertise in the SAP technology environment, it is recommended to bring the know-how of the SAP basis into the IT strategy and IT roadmap. For this, the responsibility lies primarily with the CIO as the carrier and responsible of the IT strategy and the IT organisation. Likewise, the SAP basis should serve as a sparring partner for individuals and boards (such as enterprise architects) that significantly influence the strategy.
A user name without a restricted character set can be a security risk. Therefore, it is advisable that you restrict the character set of the user ID. In this article you will learn where the dangers lie if you do not limit the user ID. I also explain how to eliminate this security risk.
"Shortcut for SAP Systems" is a PC application that simplifies or even facilitates many activities in the SAP base.
It's not just the money he lacks.
A large amount of testing quickly pushes the cost-benefit ratio into the realm of inefficiency, because the time required for testing drives up costs.