SAP Authorizations Generic access to tables - NW Admin

Direkt zum Seiteninhalt
Generic access to tables
Authorization concepts - advantages and architecture
Increasingly, it is possible to make use of automation in the security environment. Although these are not yet used by many companies, they are the next step in digital transformation. By using automation intelligently, companies can free up resources for the innovation topics that really matter. In the future, we can expect both the number and power of automation tools to increase. It is therefore only a matter of time before SAP itself also delivers optimized support in the form of tools as standard.

Alternatively, you can maintain this information from the SE93 transaction by selecting a transaction first. You will then be presented with the list of all transactions that can be called from this transaction by using the Tools > Called Transaction Permission menu path. The implementation of SAP Note 1870622 provides a feature enhancement for the SE97 transaction. Among other things, there is the new button Modification Synchronisation. So far, changes in the SE97 transaction have been overwritten by inserting support packages or upgrades. With the modification comparison it is now possible to match your changes with the default values.
Grant permissions for SAP background processing
This type of programming makes sense if large amounts of data have to be read. Before starting to read the data from the database, a DUMMY check can be used to quickly determine whether the user is authorized to access part of the data. However, as can be seen from the table above, a code must not only be secured by a general check, but must be supplemented by later, detailed checks. However, even in this context space (or ' ') does not need to be explicitly authorized.

So much information... how can you keep it so that you can find it again when you need it? Scribble Papers is a "note box" that makes this very easy.


Many tools that offer to simplify care operations of the transaction PFCG work Excel-based. The complete roll data is stored and processed in Excel. Then the Excel file is uploaded with a special programme and generates roles and role changes. While this all looks very comfortable (and probably is at first), it has its drawbacks in the long run.

"Shortcut for SAP systems" is a tool that enables the assignment of authorizations even if the IdM system fails.

If the note is not implemented, use the USOBT_CD and USOBX_CD tables.

However, you should note that these lists do not contain the evaluations of the whitelists.
NW BASIS
Zurück zum Seiteninhalt