Query Data from a Local Table
Note the effect of user types on password rules
This also implies that the change documents must be kept in Excel. The Excel file must not be lost or damaged.
Customising the organisational criteria is cross-client. Activation of the organisational criteria depends on the client. If you want to use these permissions in different clients, you must activate the respective organisational criteria for the respective client. Now you can use the organisational criterion in your PFCG role. To do this, enter the S_TABU_LIN authorization object with the organisational criterion you created. Assign the respective attributes with the organisational values for which the user should be entitled. Along with the individual values, you can specify intervals for your organisational criterion so that you can assign permissions to users for multiple organisational values.
Permissions with Maintenance Status Used
Once you have defined your criteria for executing the report, you can create different variants for the report and schedule corresponding jobs to automatically lock down or invalidate the inactive users. If you want to start the report in a system that is connected to a Central User Management, you should consider the following points: You can only set local user locks. You can set the validity period only if the maintenance is set to Local in the settings of the Central User Management (this setting is set in the SCUM transaction).
Not all users should be able to log on to the application server during your maintenance? Use the security policy and a new profile parameter. When you are performing maintenance work on your SAP system, it is always necessary to prevent users from logging into the application server. This often excludes a small group of administrators who are still allowed to log on to the system. Until now, users had to be locked and the group of administrators excluded from this lock. This is now easier by using the security policy in combination with the login/server_logon_restriction profile parameter.
Authorizations can also be assigned via "Shortcut for SAP systems".
There is the report TMS_UPDATE_PWD_OF_TMSADM, which you have to start in the client 000.
So much information... how can you keep it so that you can find it again when you need it? That's what Scribble Papers is great for.
This is also useful because only the application developer can decide what properties the privileges of using the objects in the application should have.