SAP Authorizations Authorization concepts in SAP systems - NW Admin

Direkt zum Seiteninhalt
Authorization concepts in SAP systems
Activity level
If you want to allow users to access only individual table rows, you can use the S_TABU_LIN authorization object, which allows access to specific rows of a table for defined organisational criteria. A prerequisite for this type of permission is that the tables have columns with such organisational values, such as the work, country, accounting area, etc. You must now configure these organisational values in the system as organisational criteria that represent business areas; serve as a bridge between the organisational columns in the tables and the permission field in the authorization object. Since the organisational criteria are found in several tables, this eligibility check need not be bound to specific tables and can be defined across tables.

On the one hand, sensitive company data must not fall into the wrong hands, but on the other hand, they also form an important basis for decisions and strategic company directions. Avoid a scenario of accidentally accessible data or incomplete and thus unusable reports by implementing your SAP BW authorizations properly.
Query Data from a Local Table
You can use the BAdI SMIME_EMAIL of the SMIME extension spot and implement the CERTIFICATE_RETRIEVAL and CERTIFICATE_SELECTION methods according to your requirements. This BAdI is called whenever an encrypted e-mail is sent. An extension allows you to search for a valid certificate at run time (for example, the one with the longest validity) to the recipient's email address in a source you defined. In the default implementation, the BAdI searches for the certificate in the Trust Manager's address book. For details on the availability of BAdIs, see SAP Note 1835509.

The freeware Scribble Papers puts an end to the confusing paper chaos. The tool is also suitable for storing, structuring and quickly finding text documents and text snippets of all kinds in addition to notes.


This function was not part of the standard delivery. With the support package named in SAP Note 1860162, the transaction SAIS_SEARCH_APPL is now delivered. This transaction allows you to verify that other applications have startup properties similar to those available in a particular application. For example, we searched for applications with similar functionality as the PPOME transaction provides.

With "Shortcut for SAP systems" you can automate the assignment of roles after a go-live.

However, you want to keep your SU24 data and add to the proposed changes for the new release!

In the course of authorization planning, a company should determine which authorizations are to be considered critical, which roles may receive which critical authorizations or values for critical authorization fields, and so on.
NW BASIS
Zurück zum Seiteninhalt