Use automatic synchronisation in central user management
Customise evaluation paths in SAP CRM for indirect role mapping
Permissions in the Permission Tree with status are only deleted if the last transaction associated with the permission has been deleted from the Role menu. Delete and recreate the profile and permissions All permissions are created anew. Previously maintained, changed or manual values will be lost and deleted. The exception here is the values that are filled by the organisation levels.
When it comes to preparing for the auditor, it should definitely be checked whether all critical authorizations, as well as the important parameters, have been correctly assigned or set up in SAP®. The specifications for this should all be defined in the authorization concept documented in writing and must also be consistent with this. In this context in particular, however, it is not always easy to check all the essential points using the SAP® standard on-board tools. This is where the experienced auditors at IBS Schreiber GmbH can provide support.
User Management
The user's access to this program is realized by assigning a role that contains the required transaction including the authorization objects to be checked. A role can contain a large number of authorization objects.
If, after an upgrade or after inserting a support package, you have used the SU25 transaction with steps 1 or 2a to bring suggested values to the latest SAP system state, you must restore the suggested values to the customer's organisation levels with the PFCG_ORGFIELD_UPGRADE report. To do this, you must run the report for each field, with the report's search engine showing only the affected organisation levels.
With "Shortcut for SAP systems" you can automate the assignment of roles after a go-live.
If there are no suitable authorizations for the table authorization group, the system checks the name of the table or view, object S_TABU_NAM.
You can also find some useful tips from practice on the subject of SAP authorizations on the page www.sap-corner.de.
The four important concepts of SAP security first require a certain amount of effort.