SAP Authorizations Maintain transaction start permissions on call CALL TRANSACTION

Direkt zum Seiteninhalt
Maintain transaction start permissions on call CALL TRANSACTION
Redesign of SAP® Authorizations
For result and market segment accounting, you can define planning authorization objects, the information system, and item-based reports of the information system. In the customising (transaction SPRO), you create them via the following path and then select the corresponding section. Controlling > Income and market segment calculation > Tools > Permissions management > CO-PA specific eligibility objects.

As a role developer, you can now select the specific application in the PFCG transaction from the list of web dynpro applications published by the software developers on the Menu tab and enter it in the Role menu. To generate the role profile, switch to the Permissions tab. There you can check the concrete value expressions of the S_START permission fields and, if necessary, the additional relevant authorization objects for this Web application and supplement them if necessary. Finally, you must generate the role profile as usual.
If you have an older SAP NetWeaver release than 7.00 installed, only two possible values for the customising switch BNAME_RESTRICT are available after the implementation of SAP Note 1731549. The switch is NO, and you can switch it to ALL, so that the switch takes on the same functionality as in the higher releases.

In addition to these requirements, other settings can ensure that the transaction can be performed without verification: Verification of eligibility objects is disabled by check marks (in transaction SU24). This is not possible for SAP NetWeaver and SAP ERP HCM authorization objects, i.e. it does not apply to S_TCODE checking. The checks for specific authorization objects can be globally off for all transactions (in transaction SU24 or SU25). This is only possible if the profile parameter AUTH/NO_CHECK_IN_SOME_CASES is Y. In addition, executable transactions may also result from the assignment of a reference user; the reference user's executable transactions are also taken into account.

"Shortcut for SAP systems" is a tool that enables the assignment of authorizations even if the IdM system fails.

To store all the information on the subject of SAP - and others - in a knowledge database, Scribble Papers is suitable.

Suppose you want to allow access to certain data for specific users or revisors.

If the asterisk is in a different position, it is interpreted as part of the file name, which is not allowed in Microsoft Windows, for example.
SAP Corner
Zurück zum Seiteninhalt