Customise SAP_ALL Profile Contents
SAP S/4HANA® migration audit
If you do not maintain the values or set them to a value other than YES, the role menus of the reference user will not be taken into account when setting up the user menu. The two switches are system-wide; It is therefore not possible to define a specific shape for the client. If you set both switches to YES, you will not be able to tell from the user menu entries whether they are from the reference user's or user's role menus. Reference users have another benefit: You can also use it to inherit the contractual user type. A user inherits the classification of the reference user if they do not have any other role or profile mappings with classification, or if they have not been classified manually.
With these methods, we not only help you with the implementation. You can also maintain and manage the solutions yourself afterwards, or you can trust us to run them for you: We call this Customer Success.
Centrally review failed authorisation checks in transaction SU53
Once you have edited the role menu, you can customise the actual permissions in the PFCG role. To do this, click the Permissions tab. Depending on the quantity of external services from the Role menu, the authorization objects will appear. The authorization objects are loaded into the PFCG role, depending on their suggestion values, which must be maintained for each external service in the USOBT_C and USOBX_C tables. You can edit these suggested values in the SU24 transaction. Make sure that external services in the Customer Name Room also have the names of external services and their suggestion values in the tables maintained (see Tip 41, "Add external services from SAP CRM to the proposal values"). Visibility and access to external services is guaranteed by the UIU_COMP authorization object. This authorization object consists of three permission fields: COMP_NAME (name of a component), COMP_WIN (component window name), COMP_PLUG (inbound plug).
By clicking on the Registration Data button, you start the RSUSR200 report and you enter the selection mask. This report allows you to select users by login data. You can also determine if a user has changed his initial password. You can select a predefined variant from the catalogue using the button (Get variant) or the key combination (ª) + (F5).
Authorizations can also be assigned via "Shortcut for SAP systems".
The website www.sap-corner.de offers many useful information about SAP basis.
In addition, authorization concepts ensure that employees do not create beautiful balances and thus cause damage to stakeholders and tax authorities.
So much information... how can you keep it so that you can find it again when you need it? That's what Scribble Papers is great for.
For this reason, the topic of SAP authorizations is a very important one, especially for the HR department.