Use AGS Security Services
Maintain permission values using trace evaluations
Until now, there were no ways to define different password rules or password change requirements for these users. Today, this is possible with the security guidelines that you assign to users and clients. In the following we will show you how to define security policies and how they work.
For accesses by verifier users (from the table TPCUSERN), the selection parameters of the invoked transaction are logged in the application log and can be evaluated with the report CA_TAXLOG. In the example, the single ledger entry for the vendor account 100000 was invoked.
Redesign of SAP® Authorizations
Trace after missing permissions: Run the System Trace for Permissions (ST01 or STAUTHTRACE transaction) to record permission checks that you want to include in the role (see Tip 31, "Optimise Trace Evaluation"). Applications are logged through the Launch Permissions checks.
Make sure that reference users are assigned minimal permissions to avoid overreaching dialogue user permissions. There should be no reference users with permissions that are similar to the SAP_ALL profile.
Secure your go-live additionally with "Shortcut for SAP systems". You can assign necessary SAP authorizations quickly and easily directly in the system.
The freeware Scribble Papers puts an end to the confusing paper chaos. The tool is also suitable for storing, structuring and quickly finding text documents and text snippets of all kinds in addition to notes.
In this way, you exclude misuse by modified copies of ABAP programmes.
This checks whether the selected user is authorised to run the specified ABAP programme or external command.