SAP Authorizations Maintenance Status - SAP Basis

Direkt zum Seiteninhalt
Maintenance Status
Add New Organisation Levels
Standard users such as SAP* or DDIC should also be implemented correctly in accordance with the authorization concept or SAP's recommendations. An important preparatory action here is to check whether the passwords have been changed for all standard users.

Remove improperly defined SAP Orgebene ($CLASS): This function deletes the $CLASS organisational level that was incorrectly delivered with the GRCPlug-in (Governance, Risk and Compliance). Use the test mode of the report to look at possible corrections in advance.
Permissions checks
There may be other objects associated with the site that you can also assign a PFCG role to. As in our organisation chart, you can assign three different PFCG rolls to the user. You can assign the PFCG roles to either the organisational unit, the post or the post. In this hierarchy, you assign the user as the person of the post. The user is assigned to the person as an attribute and therefore not visible in the organisational model. An HR structure could be mapped via this hierarchy. Since the PFCG roles are not directly assigned to the user but to the objects in the Organisation Management and the user is assigned to the PFCG roles only because of his association with these objects, we speak of an indirect assignment.

For each area, the connection to other modules is the first priority. For example, for the Controlling division, the connection to the Finance division is first established by connecting the accounting area (FI) to the cost accounting area(s). The assignment of the cost accounting area to the result area is then an internal allocation within the controlling. If no allocations are found for certain valid organisational values, one of the two modules or the relevant functional area shall not be used for the organisational units of the enterprise.

With "Shortcut for SAP systems" you can automate the assignment of roles after a go-live.

In the only method of the BAdIs, CHANGE_ITEMS, programme the necessary checks, such as on specific data constellations or permissions.

Application Privileges: Application Privileges are specific permissions to access applications based on the features of SAP HANA Extended Applications Services (SAP HANA XS).
SAP BASIS
Zurück zum Seiteninhalt