SMGW Gateway monitor for instance
Application layer
In addition to proactive monitoring to prevent possible errors or even complete system failures, our SAP Basis team also implements clearly defined authorization concepts. So that unauthorized persons cannot access important data and your employees are protected from unintentional violations.
For the authorisation requirement of a user, the transactions with user assignment already awarded should be determined accordingly, in order to be able to exclude them when selecting a suitable role. How does this work? There are various ways to identify specific user-assigned transactions, with varying degrees of result. The following article presents two variants. The first section first describes how to use SUIM to address the problem and what problems are encountered. It then explains how the task can be solved by using the transaction SE16N. As in the previous blog post Identifying all transactions of multiple roles, the roles Test_Schmidt1 and Test_Schmidt2 are used for this. Two of the transactions MM01, MM02, MM03 and MM04 were assigned to these roles in different ways. In the Test_Schmidt1 role, the transactions MM01 and MM02 were entered in the Role menu. In the Test_Schmidt2 role, the transaction MM03 was maintained in the menu of the role, but the transaction MM04 was maintained only in the S_TCODE permission object of the role. Both roles have been assigned to the user SCHMIDT_TEST. Identification of certain transactions with user assignment using SUIM This option is useful if only one transaction is to be checked for its existing assignment to a particular user. The audit is carried out here by means of the transaction SUIM. For this purpose, the variant "Roles according to complex selection criteria" has to be executed in the SUIM. After activating the option "With valid assignment of", the corresponding user and the transaction to be checked will be entered here. It is also recommended to hide the display of the collection roles in the search results.
I18N Internationalization for SAP
The SAP Basis & Technology department deals intensively with SAP technologies and their application. The possibilities and limits are investigated and corresponding specifications and tools are developed in order to use the technologies profitably. The results and findings are made available to the other alogis areas and implemented in real-life customer projects.
In these cases, you will quickly get the problem under control with a manual user synchronization. This is because the user synchronization checks which roles are assigned to a user and then assigns the current, matching profile. You can run this user synchronization either manually or (my recommendation!) automatically as a background job:
"Shortcut for SAP Systems" makes it easier and quicker to complete a number of SAP basis tasks.
And anyway: Biometric security systems and eye transplantation? It's not for nothing a science fiction movie! What does this have to do with RFC security? All right, I can understand your doubts.
On www.sap-corner.de you will also find useful information about SAP basis.
Different levels of personalisation The data can be stored either to the user, to roles or to the system.