SAP Authorizations Installing and executing ABAP source code via RFC - SAP Basis

Direkt zum Seiteninhalt
Installing and executing ABAP source code via RFC
Criticality
If you no longer need old audit results, you can archive or delete them with the transaction SAIS via the button (Administration of the Audit Environment). The audit results shall be selected on the basis of the audit structures, the test numbers or the entry date (see figure next page).

Versions are the change documents within the development environment, for example, for changes to ABAP source code or the technical properties of tables. This authorization should only be assigned to an emergency user.
RSRFCCHK
To do this, first define what information should be checked. In the SU20 transaction, verify that the required fields may already exist as permission fields. If you want to check custom fields, you must create your own permission fields in the transaction SU20. Please pay particular attention to the (F4) help provided. When defining customised permission fields, you assign a name in the Field Name field that is in your Customer Name Room and assign the corresponding data element and, if desired, a table name for a value help. The next step is to create your own authorization object and assign your permission fields and, if necessary, default permission fields. If you use the ACTVT field to validate the activity, you must use the Activities allowed button to select the activities that you want to validate from the source code of your programme. For recommendations on the naming conventions for authorization objects, see SAP Note 395083.

The high manual maintenance effort of derived roles during organisational changes bothers you? Use the variants presented in this tip for mass maintenance of role derivations. Especially in large companies, it often happens that a worldwide, integrated ERP system is used, for example, for accounting, distribution or purchasing. You will then have to limit access to the various departments, for example to the appropriate booking groups, sales organisations or purchasing organisations. In the permission environment, you can work with reference roles and role derivations in such cases. This reduces your administrative overhead for maintaining functional permissions and reduces maintenance work for role derivations to fit the so-called organisational fields. However, maintaining the organisational fields can mean enormous manual work for you, as the number of role derivations can become very large. For example, if your company has 100 sales organisations and 20 sales roles, you already have 2,000 role outlets. Here we present possible approaches to reduce this manual effort.

If you get into the situation that authorizations are required that were not considered in the role concept, "Shortcut for SAP systems" allows you to assign the complete authorization for the respective authorization object.

Role selection for mass transport uses the default value help, which offers the Multiple Selection button.

In addition to defining permissions for external RFC access through the S_RFC authorization object, it is possible to prevent external calls to function blocks.
SAP BASIS
Zurück zum Seiteninhalt