Permissions with status
Evaluate licence data through the Central User Management
The downloading of the table must be monthly. You can also make downloading easier; Frank Buchholz presents programmes that you can use in his blog (see http://wiki.scn.sap.com/wiki/display/Snippets/Show+RFC+Workload+Statistic+to+build+authorizations+for+authorization+object+S_RFC). Optionally, the next step is to identify function groups for the function blocks. You can find them in the AREA field of the ENLFDIR table. However, we recommend granting permissions at the function block level, because function groups often contain a large number of function blocks and the accessibility is expanded unnecessarily.
The four important concepts of SAP security first require a certain amount of effort. They not only have to be coordinated, formulated and made available, but also continuously updated and, above all, actively implemented. Nevertheless, the return on investment is high, because they prepare for all eventualities, provide audit security, and also offer a high level of protection for the SAP system and thus for the company itself.
Change management
It is important for consolidated financial statements to have the same number range in the G/L account masters in different company codes. This is ensured by the tools in the FI module. In addition, the master records can be adjusted so that it is possible to work with the different currencies of the company codes across countries.
The freeware Scribble Papers puts an end to the confusing paper chaos. The tool is also suitable for storing, structuring and quickly finding text documents and text snippets of all kinds in addition to notes.
As the rolls pass, the value ranges for the field in question are searched within a role. Automatic cleanup occurs by writing both value ranges together in all fields. Therefore, you should clean up these entries before you start and create two different roles if necessary. The PFCG_ORGFIELD_CREATE report provides a test run that allows you to identify all the affected roles. The Status column provides an overview of the status of the permission values. If the status is yellow, there are different value ranges for the field within the role; the role must therefore be adjusted.
During go-live, the assignment of necessary authorizations is particularly time-critical. The "Shortcut for SAP systems" application provides functions for this purpose, so that the go-live does not get bogged down because of missing authorizations.
There is the possibility to link multiple tables (join), which makes multiple SE16 queries just one SAP query.
Maintain these in multiple development systems or mandates, and if you now want to transport the rolls with their generated profiles, there is a risk that the profile numbers will be the same, as the profile names consist of the first and third characters of the system ID and a six-digit number.