SAP Authorizations - Overview HCM Authorization Concepts
You can influence the default behaviour of various transactions and parameters with the customising switches for the maintenance of Session Manager and Profile Generator as well as the user and permission management. The SSM_CID table gives you an overview of all customising switches supplied by SAP, specifying the relevant tables SSM_CUST, SSM_COL, PRGN_CUST and USR_CUST. The short description of the customising switch refers to the relevant and current SAP references. The actual settings can be found in the SSM_CUST, PRGN_CUST and USR_CUST tables.
With apm Suite, you can put together your individual GRC/SOX-compliant solution for SAP authorizations as needed. This is helpful, for example, to optimally manage SAP roles, for the determination of critical rights, the SAP user application, the auditing of emergency users or the password self service. With apm Suite you will never lose track of your compliance in SAP authorization management.
You have read that it is possible to perform mass activities, such as mass roll-offs, using standard means. This is all too complicated for you, and you are still looking for simple solutions for role maintenance? I'm sure you'll have a look at tools from SAP partners that promise to help. In this context, we would like to give you some more information in this tip. There is a very practical occasion: We have too often found a "broken" authorisation system with SAP customers, caused by the incorrect application of additional programmes. Sometimes, the role content was misaligned and the suggestion values were not neatly maintained, so at some point the permission administrators couldn't figure out what to do. Therefore, you should check very well whether the tool you are considering is actually suitable for your purposes.
You can create such an organisational matrix as an Excel file or in ABAP; This depends on how you want to read the data. When using a common standard solution (e.g. SAP Access Control), a corresponding maintenance view is usually offered. We first describe how you can provide automated mass care in the form of a custom development.
With "Shortcut for SAP systems" you can automate the assignment of roles after a go-live.
These should be examined closely.
The freeware Scribble Papers is a "note box" in which all kinds of data can be stored. It takes in typed texts as well as graphics and entire documents. The data is then organised in folders and pages.
This checks whether the selected user is authorised to run the specified ABAP programme or external command.