Evaluate licence data through the Central User Management
Critical authorizations
Each roll can be written to any number of transport orders. Information about existing records of the same role by other administrators does not take place.
Depending on your SAP NetWeaver release status, you must include SAP Note 1731549 or a support package. After that, it is no longer possible to create new users whose names consist only of variants of spaces or non-visible special characters. Changes to existing users are still possible. The customising switch BNAME_RESTRICT, also included in SAP Note 1731549, allows you to control whether you want to allow alternate spaces at certain locations of the user ID.
A complicated role construct
These single roles can also be combined into composite roles. I recently discussed the special features of this in the article "SAP Authorizations Mass Maintenance Single Role Assignments in Composite Roles per Function Module (FuBa) or Transaction Code", but here I would rather discuss the roles and assignment of authorization object field values in role maintenance with the PFCG for an authorization overview.
So much information... how can you keep it so that you can find it again when you need it? That's what Scribble Papers is great for.
The SAP Solution Manager is the central platform for all technically supported services, because information about the connected systems is available when you schedule data collections for these systems via background jobs. The documentation for the safe operation of SAP systems is compiled in the SAP End-to-End Solution Operations Standard for Security (Secure Operations Standard). It provides an overview of security aspects of SAP operations and is designed to guide you through the available information and recommendations and to refer you to relevant content.
Assigning a role for a limited period of time is done in seconds with "Shortcut for SAP systems" and allows you to quickly continue your go-live.
By default, the profile parameter is active in SAP systems (profile parameter transport/systemtype = SAP) and inactive in customer systems (profile parameter transport/systemtype = CUSTOMER).
User master record - Used to log on to the SAP system and grants restricted access to SAP system functions and objects via the authorization profiles specified in the role.