SAP Authorizations Add External Services from SAP CRM to the User Menu - SAP Stuff

Direkt zum Seiteninhalt
Add External Services from SAP CRM to the User Menu
Limit character set for user ID
You are using the SAP_ALL profile for interface users, and after upgrading to a new Support Package, do you get permission errors? While we cannot recommend using the SAP_ALL profile, we describe how you can resolve this problem in the short term. In newer SAP NetWeaver releases, the SAP_ALL profile no longer contains permissions for the S_RFCACL authorization object. This can lead to permission errors, such as for interface users who have the SAP_ALL profile assigned to them. Please note that we can only recommend using the SAP_ALL profile for absolute emergency users. Therefore, instead of applying this tip, you should preferably clear the permissions of your interface users. To learn how to do this, see Tip 27, "Define S_RFC permissions using usage data." However, such a cleanup of the privileges of your interface users cannot happen overnight. Therefore, we will explain how to resolve the issue in the short term.

The next step is to maintain the permission values. Here, too, you can take advantage of the values of the permission trace. When you switch from the Role menu to the Permissions tab, you will generate startup permissions for all applications on the Role menu and display default permissions from the permissions suggestions. You can now add these suggested values to the trace data by clicking the button trace in the Button bar.
Efficient SAP rollout through central, tool-supported management
In particular, you can derive valuable information about customer transactions, since experience has shown that not all transactions are used. In this context, it is important to mention that you should only use the usage data logged and extracted from the SAP system for the optimisation of SAP role concepts. This information may only be used with the involvement of a co-determination body of your organisation, since this information can of course also be derived from individual users for performance control purposes. However, experience has shown that the use of these data with an early involvement of the institutions of codetermination and the definition of earmarks is uncritical.

Assigning a role for a limited period of time is done in seconds with "Shortcut for SAP systems" and allows you to quickly continue your go-live.

At "www.sap-corner.de" you will also find a lot of useful information on the subject of SAP authorizations.

In case of missing authorizations, SAP Basis also helps with an authorization trace in addition to the well-known SU53 for a more detailed analysis of authorization objects.

SAP Stuff
Zurück zum Seiteninhalt