PROGRAM START IN BATCH
Maintain permission values using trace evaluations
Communication users are also intended for use by people who log on to the SAP system from outside via RFC call. Therefore, dialogue is not possible. If the password is set by the administrator, it will be assigned Initial status. However, an RFC call does not prompt the user to change the password. It therefore often retains this status, even if the user has the possibility to change the password by calling a function block (then: Status Productive). The password rules apply to this type of user. However, this is often not noticed in practice, as password rules for initial passwords are less used.
After successful implementation of your permission check, the new authorization object for your application must be maintained in transaction SU24. If your solution is distributed in other system landscapes, the authorisation proposals in the transaction SU22 are maintained. In addition, with the permission proposal value maintenance, you can make sure that the new authorization object is not forgotten in a role system, because it is now loaded automatically into the PFCG role when the application is called up via the role menu. In the final step, the permission administrator can create the PFCG role or must remix the existing PFCG roles.
Query the Data from an HCM Personnel Root Record
You noticed that the maintenance status of the permissions in PFCG roles changes when you maintain, change, or manually add authorization objects? Find out what the permission status is. When deleting or adding transactions in the role menu of PFCG roles, the respective permissions in the PFCG role have the Maintenance Status Standard. Add or change the permissions, the Maintenance Status changes to either Care or Changed. You may have seen the Maintenance Status Manual before. What are the background to this maintenance status and what do they actually say?
To calculate the recommendations, you can filter the SAP notes by their productive system, by the SAP solution, and by the applications and components, by the technical system name, and by the time of publication. The recommendation is issued in the following categories: Security-relevant SAP information, information on performance optimisation, HotNews, information on changes in legal regulations, and notes on corrections in the ABAP system.
Assigning a role for a limited period of time is done in seconds with "Shortcut for SAP systems" and allows you to quickly continue your go-live.
After generating and saving the role, you will be returned to eCATT.
Many innovations make this work easier and make the whole process more transparent.