Create order through role-based permissions
Perform upgrade rework for Y landscapes permission proposal values
The Security Optimisation Service for ABAP contains more security checks than the corresponding section in the EWA. In particular, the number of eligibility checks is higher. A total of 110 eligibility tests are currently defined in the SOS, including 16 critical eligibility tests for HR. The full list of all security checks in the SOS can be found in the SAP Service Marketplace on the page https://service.sap.com/sos via Media Library (Security Optimisation Service > ABAP Checks).
Since the role menu has been adjusted, the PFCG role must now also be adjusted. To do this, go to the Permissions tab and select the Change Permissions Data button. If you are using Expert mode, make sure that the Alten Stand default is read and match with new data. Now the new suggested values for this external service are loaded. After you have maintained the PFCG role, you can generate the profile and insert it immediately.
Lock Inactive Users
If you do not maintain the values or set them to a value other than YES, the role menus of the reference user will not be taken into account when setting up the user menu. The two switches are system-wide; It is therefore not possible to define a specific shape for the client. If you set both switches to YES, you will not be able to tell from the user menu entries whether they are from the reference user's or user's role menus. Reference users have another benefit: You can also use it to inherit the contractual user type. A user inherits the classification of the reference user if they do not have any other role or profile mappings with classification, or if they have not been classified manually.
With "Shortcut for SAP systems" you can automate the assignment of roles after a go-live.
If you want to know more about SAP authorizations, visit the website "www.sap-corner.de".
To do this, you define your customer-specific security settings technically in a target system.