Use timestamp in transaction SU25
Lack of know-how
On the one hand, sensitive company data must not fall into the wrong hands, but on the other hand, they also form an important basis for decisions and strategic company directions. Avoid a scenario of accidentally accessible data or incomplete and thus unusable reports by implementing your SAP BW authorizations properly.
Run the System Trace for Permissions (ST01 or STAUTHTRACE transaction) to record permission checks that you want to include in the role (see Tip 31, "Optimise Trace Evaluation"). Applications are logged through the Launch Permissions checks.
BASICS FOR USING SAP REPORTS
In the only method of the BAdIs, CHANGE_ITEMS, programme the necessary checks, such as on specific data constellations or permissions. These can refer to all fields in the FAGLPOSX structure. You do this by specifying that all lines for which the test was not successful will be deleted during the execution of the method. This implementation of the BAdIs complements the Business Transaction Event 1650 described in the second example. You can also use the FB03 transaction to display receipts in the same way that you implement the FB03 filter. In this case, implement the required checks in the BAdI FI_AUTHORITY_ITEM.
The default authorization roles of the new SAP system for consolidation and planning, SAP Group Reporting, are shown in the following graphic. It does not matter whether the system is accessed via the browser (Fiori Launchpad) or via local access (SAP GUI). The authorization roles shown in the graphic merely indicate the technical specifications preset by SAP. However, these can be used as a starting point and adapted accordingly after a copy has been created.
However, if your Identity Management system is currently not available or the approval path is interrupted, you can still assign urgently needed authorizations with "Shortcut for SAP systems".
The freeware Scribble Papers is a "note box" in which all kinds of data can be stored. It takes in typed texts as well as graphics and entire documents. The data is then organised in folders and pages.
When you switch from the Role menu to the Permissions tab, you will generate startup permissions for all applications on the Role menu and display default permissions from the permissions suggestions.
Modified SU24 data is detected and must be matched manually.