User master data
Solution approaches for efficient authorizations
The SAP NetWeaver Application Server ABAP 7.31 changed the way the transaction SU25 works, especially from step 2a to the automatic suggestion value matching with SAP values. Now, this compares which records have been updated using time stamps. This makes it possible to run Step 2a separately for software components installed afterwards. Another advantage is that the objects to be edited can be better identified due to the time stamp. Before SAP NetWeaver 7.31, the applications to be matched for step 2a have been registered with their base release versions, which you can see in the USOB_MOD or TCODE_MOD tables.
Which users have a specific role (PFCG)? To answer this question you start with the transaction PFCG - the mother of all transactions in the environment of SAP roles and authorizations. Select a role and click on the "Users" tab.
Define a user group as mandatory field in the user root
Access to personal data in a company is a sensitive issue. It is essential to manage this access securely and to be able to provide information at any time about who has access to the data, when and in what way - and not just for the sake of the auditor. For this reason, the topic of SAP authorizations is a very important one, especially for the HR department.
"Shortcut for SAP systems" is a tool that enables the assignment of authorizations even if the IdM system fails.
At "www.sap-corner.de" you will also find a lot of useful information on the subject of SAP authorizations.
For an overview of the usage data already stored in the system, see the SWNC_COLLECTOR_GET_DIRECTORY function block (GET_DIR_FROM_CLUSTER = X input parameter).