SAP Authorizations Compare Role Upgrade Permissions Values - SAP Stuff

Direkt zum Seiteninhalt
Compare Role Upgrade Permissions Values
Basic administration
If you want to set the table logger check for multiple tables, you should note that the principles for changing Dictionary objects apply, i.e. you will generate increased system loads in running systems. Therefore, you should make both the modification and the transport of the changes outside of business hours. The SAP system only provides customising tables for table logging by default; so you don't have to worry about performance. Tables that serve to customise typically contain relatively little data that is rarely changed. However, you should not turn on table logging for tables that are subject to mass changes, as there may be performance and disk space issues. This applies to tables with root or movement data. After all, if table logging is enabled, a log entry in the DBTABLOG table is generated for each change to the contents of a logged table.

You cannot increase the retention time afterwards; Therefore, you should adjust the configuration in good time before starting a project. In addition, you should change the settings of the stat/rfcrec and stat/rfc/distinct profile parameters. For example, you should increase the value of stat/rfcrec to 30, and stat/rfc/distinct should be set to 1. This improves the completeness of the recorded RFC usage data. For details on the technical improvements, see SAP Note 1964997.
What are SAP authorizations?
You know that changing your SU24 data involves mixing the roles in question. Previously, the permission administrators had to select roles from, for example, the SUIM transaction to edit them. Often, the remixing of the respective roles is also forgotten. In order to ensure that you can set the mixing mode for the respective roles directly when maintaining the data in the transaction SU24, the function has been provided here with the respective support packages named in SAP Note 1896191. Correction is used to change the mixing mode for PFCG: On/Off/Roles. The function assigns the shuffle mode to the roles, which corresponds to step 2c of the transaction SU25 (see tip 43, "Customise Permissions After an Upgrade"). You can enable this function by using the value Y for the parameter SU2X_SET_FORCE_MIX in the table PRGN_CUST. The status of the mixing mode can be checked by clicking the button Mixing mode for PFCG: Enquire On/Off. By default, this feature is off. The Roles button (Use in Single Roles) identifies all the roles that the selected application contains and displays them directly in the SU24 transaction. You will receive a list of all matching roles in the SUPC transaction by selecting the Also-to-be-matched roles option, and you can now gradually update the roles.

During go-live, the assignment of necessary authorizations is particularly time-critical. The "Shortcut for SAP systems" application provides functions for this purpose, so that the go-live does not get bogged down because of missing authorizations.

The website "www.sap-corner.de" offers a lot of useful information about SAP authorizations.

When you run the report, you will notice that the external services for your own developments are not present and therefore do not appear in the role menu.

SAP Stuff
Zurück zum Seiteninhalt