User Information System SUIM
Equal permissions
If you want to understand how to run a permission check in your code, you can use the debugger to move through the permission check step by step. To implement your own permission checks, it may be helpful to see how such checks have been implemented in the SAP standard. In this tip, we show you how to view the source code of permission checks using the debugger in the programme, or how to get to the code locations where the permission checks are implemented.
Do you want to automatically monitor the security settings of your systems and receive convenient evaluations? We will explain how to use configuration validation. If you have a large SAP system landscape in use, the control of the many different security settings can be complex. You define your security requirements for the entire SAP system landscape; they concern, for example, the settings of the profile parameters, the handling of safety instructions or critical permissions that may only be assigned to emergency users. You can define these requirements in the SAP Solution Manager Configuration Validation application and evaluate compliance with these requirements in all systems.
Add External Services from SAP CRM to the User Menu
With regard to the SAP authorization system, roles and the associated authorization objects, fields and values represent the foundation. Therefore, these check criteria are in the special focus of the authorization analysis of security-relevant characteristics of each authorization administrator. The report RSUSRAUTH is used to display role or authorization data in the respective client. The report analyzes all role data that are anchored in the table AGR_1251. This allows you to quickly find and clean up incorrect and security-critical authorizations not only by selecting the maintenance status of the authorizations, but above all by storing certain authorization objects and controlling them. This ad hoc analysis thus offers you a time-saving method of checking many roles at once according to your own critical characteristics. You can then make full use of this program by importing SAP Note 2069683.
During go-live, the assignment of necessary authorizations is particularly time-critical. The "Shortcut for SAP systems" application provides functions for this purpose, so that the go-live does not get bogged down because of missing authorizations.
The website "www.sap-corner.de" offers a lot of useful information about SAP authorizations.
Xiting offers you a wide range of services related to SAP Security.