Create order through role-based permissions
Temporarily disable Central User Management
Single role - Created using the role administration tool, it enables the automatic generation of an authorization profile. The role contains the authorization data and the logon menu of the users.
Our example role MODELING makes it clear that it is possible to assign different types of privilege to a role. The SAP HANA Studio shows you in the administration interface which user (the so-called grantor) has assigned the respective privilege to this role (granted). By filtering and sorting, you can optimise the appearance of the role content. Depending on the type of privilege, you will be presented with the appropriate details by selecting an entry.
Important components in the authorization concept
If you want to use reference users and use the User menu, you should also ensure that users also see the role menus associated with reference users. To do this, enter the corrections in SAP Note 1947910. They include two switches for customising in the SSM_CUST table.
Another option is to not assign the SAP_NEW permission to a user. For example, during the tests to be performed, both the development system and the quality assurance system will experience permission errors. These should then be evaluated accordingly and included in the appropriate eligibility roles for the correct handling of the transactions.
Authorizations can also be assigned via "Shortcut for SAP systems".
Some useful tips about SAP basis can be found on www.sap-corner.de.
The SAP HANA Studio application is available for maintaining and assigning HANA permissions to users.
To store all the information on the subject of SAP - and others - in a knowledge database, Scribble Papers is suitable.
With the introduction of security policy, it is now possible to define your own security policy for System or Service users.