Permissions objects already included
Check and refresh the permission buffer
If there are no buttons for copying and pasting in the PFCG transaction, you can simply insert them. Only seven lines are displayed in the dialogue box to maintain field values to properties in transaction PFCG. Up to now it was not possible to insert more than these seven lines at once from the clipboard. However, this may often be necessary in the context of the maintenance of permissions, for example if you want to use entries from other roles. Read how to copy and paste the buttons in the dialogue box to maintain field values to the authorization objects.
The downloading of the table must be monthly. You can also make downloading easier; Frank Buchholz presents programmes that you can use in his blog (see http://wiki.scn.sap.com/wiki/display/Snippets/Show+RFC+Workload+Statistic+to+build+authorizations+for+authorization+object+S_RFC). Optionally, the next step is to identify function groups for the function blocks. You can find them in the AREA field of the ENLFDIR table. However, we recommend granting permissions at the function block level, because function groups often contain a large number of function blocks and the accessibility is expanded unnecessarily.
Assign SAP_NEW to Test
For even more extensive operations on jobs, there must be an authorization for object S_BTCH_ADM, in which the field BTCADMIN (identifier for the batch administrator) has the value 'Y'. This allows cross-client operations on any job. S_BTCH_ADM with value 'Y' thus also contains the objects S_BTCH_JOB action * and S_BTCH_NAM and S_BTCH_NA1 with user/program = *. Therefore, this is a very critical authorization because it allows an identity change. With the changes mentioned in note 1702113, the S_BTCH_ADM object can be used to restrict the authorization assignment more precisely.
So much information... how can you keep it so that you can find it again when you need it? Scribble Papers is a "note box" that makes this very easy.
Small companies would theoretically benefit from an authorization tool. However, in many cases the tools are too costly, so the cost-benefit ratio is usually not given.
Secure your go-live additionally with "Shortcut for SAP systems". You can assign necessary SAP authorizations quickly and easily directly in the system.
Access options and authorizations are defined and controlled in the SAP authorization concept.
This is done by analogy when you use the Central User Administration (ZBV).