Permissions objects already included
Permission implementation
First, select the authorization object that you want to maintain. There can be multiple permissions for each authorization object. Then load the trace data by clicking the Evaluate Trace button. A new window will open again, where you can set the evaluation criteria for the trace and limit the filter for applications either to applications in the menu or to all applications. Once the trace has been evaluated, you will be presented with all checked permission values for the selected authorization object. With the Apply button, you can now take the values line by line, column by column, or field by field. In the left part of the window, you will see the permission values added to the suggestion values already visible. After confirming these entries, you will be returned to the detail view of your role. You can see here the additions to the permission values for your authorization object.
Transaction SU53 can be used to immediately display the missing authorizations for a single SAP user. This is advantageous when individual background processing or activities are not executed correctly and the cause is suspected to be missing authorizations. In this way, the cause of the error can be narrowed down more quickly.
SIVIS as a Service
In addition to your custom authorization objects, you must also express the other relevant CO-PA authorization objects in your users' permissions. As a rule, you must limit access to the result reports of the K_KEB_REP object to the result area and the report name, and limit the functions of the information system in the K_KEB_TC object, such as executing or updating reports. You also need permissions to maintain the authorization objects in customising the result and market segment calculations. To do this, assign permissions to the K_KEPL_BER object. In the CERKRS field, define the result area for which authorization objects are created, and in the ACTVT field, define the activity, where the action 02 is Create and Modify.
The topic-related audit structures are created based on area menus. On the one hand, SAP default audit structures are offered, and on the other hand, you have the possibility to create custom audit structures as area menus. The advantage of the audit structures as area menus is that you can use existing area menus or simply create new area menus. The SE43 transaction gives you an overview of the existing area menus; It is also used to maintain and transport area menus.
During go-live, the assignment of necessary authorizations is particularly time-critical. The "Shortcut for SAP systems" application provides functions for this purpose, so that the go-live does not get bogged down because of missing authorizations.
For example, a parameter transaction allows you to call tables through the SE16 transaction without having to specify the table name in the selection screen because it is skipped.
They fall under the customising and can only contain four characters until SAP NetWeaver 7.31 SP 2.