Analyze user buffer SU56
Understanding SAP HANA Permissions Tests
The selection mask for selecting change documents in the transaction SCUH is divided into four sections: Standard selection (similar to other SUIM reports), output, selection criteria, and distribution parameters. In the default selection you have the option to specify for which model view, for which modifier (Modified by) and for which time period you want to view change documents.
You can also remove customer-specific organisational levels and convert them to a simple permission field. The report PFCG_ORGFIELD_DELETE serves for this purpose. It removes the permission field from the USORG table and changes the permission proposal values to that field. Finally, it goes through all the rolls that contain a shape to the field. However, it does not restore the old location of the field, because summarised values will no longer be separated when the field is elevated to the organisational level. Instead, the aggregated values are entered separately in each field. The PFCG_ORGFIELD_DELETE report also provides a value aid that shows only the customer's organisational levels. You can also use this value aid to determine all customer-specific organisational levels.
Map roles through organisational management
You can greatly facilitate the maintenance of permissions in controlling by defining the RESPAREA field as the organisational level, and thus using your cost centre and profit centre hierarchies. In the SAP system, you can define cost centre hierarchies and profit centre hierarchies. For example, they can map the expiration organisation or a matrix organisation in your company. To facilitate the mapping of permissions for the controlling reports, you can grant permissions to nodes in those hierarchies. You can do this by assigning permissions through the RESPAREA field, which is used in certain authorization objects in the controlling. We would like to facilitate the creation of roles for these permissions by explaining to you which activities are necessary in advance to define the RESPAREA field as an organisational level.
In the IT sector, we have to face new challenges every day. New technologies require us to act accordingly in order to always keep the current system landscape up to date, to strengthen our position on the market and, of course, to gain a technological edge over other competitors. This is also reflected in the corresponding SAP system landscape. Read in the two-part blog series why an authorization concept should be considered as early as possible in a project phase - especially when converting to SAP S/4HANA.
The possibility of assigning authorizations during the go-live can be additionally secured by using "Shortcut for SAP systems".
Understanding the structure and functioning of the system is especially important for IT administration. It is not for nothing that "SAP Basis Administrator" is a separate professional field. On the page www.sap-corner.de you will find useful information on this topic.
Misuse of SAP authorizations becomes more difficult and the company is thus protected from significant financial damage as well as reputational damage.
So much information... how can you keep it so that you can find it again when you need it? Scribble Papers is a "note box" that makes this very easy.
Even if you find the email address in the AD, we advise you not to send the email from there.