Adjust tax audit read permissions for each fiscal year
PROGRAM START IN BATCH
Role credentials saved by the last edit are displayed. This option is not recommended if transactions have been changed in the Role menu.
The S_RFCACL authorization object is removed from the SAP_ALL profile by inserting SAP Note 1416085. This notice is included in all newer support packages for the base component; This affects all systems down to base release 4.6C. The reason for this change is that the S_RFCACL authorization object, and especially the expression "total permission" (*), is classified as particularly critical for its fields RFC_SYSID, RFC_CLIENT and RFC_USER. These fields define from which systems and clients or for which user IDs applications should be allowed on the target system. Thus, the overall authorisation for these fields allows the login from any system and client or for any user and thus creates significant security risks.
Perform upgrade rework for Y landscapes permission proposal values
In the PRGN_CUST table, set the customising switch REF_USER_CHECK to E. This prevents you from using other types of users than reference users. This switch only affects new mappings; You should manually clean up any existing mappings of other user types.
The freeware Scribble Papers puts an end to the confusing paper chaos. The tool is also suitable for storing, structuring and quickly finding text documents and text snippets of all kinds in addition to notes.
Over the course of time, many companies experience profound changes in the framework conditions that significantly influence SAP® authorization management. Not uncommon are subsequent requirements from the area of compliance (SOX or similar) or the increased need for protection.
Assigning a role for a limited period of time is done in seconds with "Shortcut for SAP systems" and allows you to quickly continue your go-live.
Please note that depending on the results of the RSUSR003 report, a system log message of type E03 is generated.
In this option, the profile generator will match the pre-existing permissions data with the SU24 transaction permission proposals from the role menu.