SAP Authorizations Evaluation of the authorization check SU53 - SAP Admin

Direkt zum Seiteninhalt
Evaluation of the authorization check SU53
Check Profit Centre Permissions in FI
This solution is only available via a support package starting with SAP NetWeaver AS ABAP 731 and requires a kernel patch. For details on the relevant support packages, see SAP Note 1891583. In principle, user login to the application server can then be restricted by setting the new login/server_logon_restriction profile parameter.

You want to document internal system revisions and authorisation monitoring? The new cockpit of the Audit Information System offers you some practical functions. There are several legal requirements that require a regular audit of your SAP system. As a general rule, there are internal and external auditors who carry out such audits. In addition, user and permission management can set up their own monitoring of permissions to avoid unpleasant surprises during audits. Auditor documentation is often standardised in the case of external auditors; for the internal audit or your own monitoring, however, in many cases a suitable documentation is missing. In spite of automated evaluations, external auditors often also demand an activation of the Audit Information System (AIS). We will show you how to activate the AIS and take advantage of the new AIS cockpit.
Challenges in authorization management
You can translate text blocks in permission roles individually using the SE63 transaction. If you need to translate many roles, there are also automation options that we present here. There are several scenarios in which it becomes interesting to translate the texts of permission roles, for example, if your company is acting internationally. Also, you may have taken over a third party company and the SAP systems used there, or you may want to simplify the SAP system landscape by combining different divisions in one system. In all of these cases, you must standardise or translate the texts of the authorisation roles. For pure translation, you can use the transaction SE63, which we explain in the first section of this tip. In general, however, you will need to translate a large number of role texts in these scenarios; Therefore, in the second section we will explain how you can automate the translation using the LSMW (Legacy System Migration Workbench) transaction and will discuss how to set up a custom ABAP programme.

If a transaction is removed from the role menu, the default permission is deleted when mixing. However, this only applies if no further transaction requires this permission and therefore uses the same permission proposal. This applies to both active and inactive default permissions.

Secure your go-live additionally with "Shortcut for SAP systems". You can assign necessary SAP authorizations quickly and easily directly in the system.

SAP Basis is the foundation of any SAP system. You can find a lot of useful information about it on this page: www.sap-corner.de.


This improves the completeness of the recorded RFC usage data.

A note box in which data of all kinds can be quickly filed and retrieved. This is what Scribble Papers promises. At first, the program looks very spartan. But once a small structure is in place, you realise the great flexibility of this little helper.


Therefore, use a risk analysis to select the topics and processes that should be at the top of the list when securing.
Zurück zum Seiteninhalt