SAP Authorizations - A Common Perspective of Developers and Consultants
Determine Permissions Error by Debugging
This solution is only available via a support package starting with SAP NetWeaver AS ABAP 731 and requires a kernel patch. For details on the relevant support packages, see SAP Note 1891583. In principle, user login to the application server can then be restricted by setting the new login/server_logon_restriction profile parameter.
When were which changes made to a role (PFCG)? In the PFCG, click on Utilities > View Changes in the menu at the top to view the change documents. You will see a detailed list of which user made which change to which object and when.
ICS for business processes in SAP systems
The topic-related audit structures are created based on area menus. On the one hand, SAP default audit structures are offered, and on the other hand, you have the possibility to create custom audit structures as area menus. The advantage of the audit structures as area menus is that you can use existing area menus or simply create new area menus. The SE43 transaction gives you an overview of the existing area menus; It is also used to maintain and transport area menus.
Together with you, we develop suitable authorizations for your systems and processes. In workshops with your departments, we create concepts to assign the required rights to employees. The goal is to define so-called job roles, which represent job profiles at the job level.
Secure your go-live additionally with "Shortcut for SAP systems". You can assign necessary SAP authorizations quickly and easily directly in the system.
You can also use the trace to search only for permission errors.
Because previously all password rules for the service user were invalid, and now the rules for the contents of the passwords also apply to the service user (see Tip 5, "Defining User Security Policy" for details on security policy).