Basics SAP Authorizations including Fiori - Online Training
Coordinate authorisation management in customer-owned programmes
You can set up a nightly background job to match the certificates with your customer's own programme. This requires that the certificates can be obtained through an SAP programme.
You have already created roles for SAP CRM and would like to add additional external services? Nothing easier than that! Create PFCG roles for the SAP CRM Web Client, typically so that you complete the customising of the CRM business role before creating the PFCG role, based on this customising. However, the customising of the CRM business role may be updated. The PFCG role must now also be adjusted, otherwise the newly configured area start pages or the logical links will not be visible. However, there is no automatism for this, as it exists during the initial creation of the role menu. You must apply the adjustment manually in the PFCG role.
Reference User
For an overview of the active values of your security policy, click the Effective button. Note that not only the attributes you have changed are active, but also the suggestion values you have not changed.
It is very important that critical authorizations are generally subject to a monitoring process in order to be able to ensure that they are assigned in a productive system in a very restricted manner or not at all. Law-critical authorizations in particular, such as deleting all change documents, debugging ABAP programs with Replace, and deleting version histories, must never be assigned in a production system, as these authorizations can be used to violate the erasure ban, among other things. It must therefore be ensured that these authorizations have not been assigned to any user, not even to SAP® base administrators.
Secure your go-live additionally with "Shortcut for SAP systems". You can assign necessary SAP authorizations quickly and easily directly in the system.
SAP Basis is the foundation of any SAP system. You can find a lot of useful information about it on this page: www.sap-corner.de.
Because this transaction shows the last failed permission check.
So much information... how can you keep it so that you can find it again when you need it? Scribble Papers is a "note box" that makes this very easy.
To do this, administrators should obtain an overview and the assigned authorizations should be checked regularly.