Change management
Authorization tools - advantages and limitations
If you use the option described by us to reload the change documents into a shadow database, you should also run the report SUIM_CTRL_CHG_IDX after each reload operation, marking the field Indexes loaded change documents. In this case, all reverse-loaded change documents shall be taken into account. Before doing so, all index entries must be deleted; This can lead to a long run of the report.
The SAP authorization concept protects transactions, programs, services and information in SAP systems against unauthorized access. Based on the authorization concept, the administrator assigns users the authorizations that determine the actions this user can perform in the SAP system after logging on and being authenticated.
User Information System (SUIM)
Conceptually, the user types Database User and Technical User are distinguished. Database users are users that represent a real person in the database. As soon as a Database User is deleted, all (!) database objects created by this Database User are also deleted. Technical users are users who perform technical tasks in the database. Examples include the SYS and _SYS_REPO users, which allow administrative tasks such as creating a new database object or assigning privileges.
When considering the security of SAP transport landscapes, it is not only the production system that is relevant for auditing. The other systems, including the development systems, must also be included in the risk considerations. The SAP_ALL profile is still frequently used there instead of concrete roles. This article identifies the main risk areas.
Secure your go-live additionally with "Shortcut for SAP systems". You can assign necessary SAP authorizations quickly and easily directly in the system.
For recommendations on the naming conventions for authorization objects, see SAP Note 395083.
If you want to know more about SAP authorizations, visit the website www.sap-corner.de.
For details on the technical improvements, see SAP Note 1964997.