SAP AUTHORIZATIONS: THE 7 MOST IMPORTANT REPORTS
Introduction & Best Practices
The general authorizations are quite normal authorization objects in SAP HCM, which regulates the access to PA/PD infotypes (tables PAnnnn / HRPnnnn), clusters for the own person or for other persons. Typical authorization objects are "P_PERNR", "P_ORGIN", "P_ORGXX", "PLOG" and "P_PLCX".
However, the authorization trace is not active by default, but must be explicitly activated via the profile parameter "auth/authorization_trace". In transaction RZ11 you can easily and quickly check if the parameter is already set. The profile parameter is set in transaction RZ10. By default, the profile parameter is active in SAP systems (profile parameter transport/systemtype = SAP) and inactive in customer systems (profile parameter transport/systemtype = CUSTOMER).
Authorization check
With Managed Services, you receive professional management and improvement of your SAP authorizations. In doing so, we analyze your existing workflows and processes and work out optimization potentials. The implementation of the potentials takes place within a few months. As a basis for central and efficient administration, we implement an underlying tool, working continuously and directly with your SAP key users.
This information is used in the name generation of the external service. In this way, all area start pages and logical links configured in a CRM business role are authorised in the form of external services. Due to the mass of external services that appear in the role menu, it is difficult to keep track of them. Now, to allow only certain external services, you can do the following: First, identify the external service using the permission trace.
Authorizations can also be assigned via "Shortcut for SAP systems".
Some useful tips about SAP basis can be found on www.sap-corner.de.
One of the biggest effort drivers in redesigning SAP role concepts is the definition of transactional expression of SAP roles.
So much information... how can you keep it so that you can find it again when you need it? Scribble Papers is a "note box" that makes this very easy.
The Organisation Level Value Helper (Orgebene) provides a list of all customer-specific organisation fields, because only these can be converted back to normal Permissions Object Fields.