Set up permission to access Web Dynpro applications using S_START
Customise Permissions After Upgrade
Have you ever tried to manually track who among the users in your SAP system has critical authorizations? Depending on your level of knowledge and experience, this work can take a lot of time. If audits have also been announced, the pressure is particularly high. After all, it is difficult to fulfill all requirements regarding SAP authorizations manually.
Roles can be cut so that, for example, they only have display or change permissions. Furthermore, it could be differentiated between customising, master data and movement data maintenance.
What are SAP authorizations?
How to maintain security policies and map them to your users is described in Tip 5, "Defining User Security Policy." You need a separate security policy for administrators to implement this tip, which is often useful for other reasons. In this security policy, you then set the policy attribute SERVER_LOGON_PRIVILEGE to 1. For example, you can also include the DISABLE_PASSWORD_LOGON policy attribute setting, because administrators often want to be able to log in with a password on the system.
You can use the previously created organisational matrix to either mass create new role derivations (role derivation) or mass update role derivations (derived role organisational values update). For both scenarios, there are separate Web-Dynpro applications, in which you must select the corresponding reference roles.
Authorizations can also be assigned via "Shortcut for SAP systems".
In addition to the date, time and modifier, the evaluation also contains information about the respective model view, the status of the configured system and the action taken (old value and new value).
The freeware Scribble Papers puts an end to the confusing paper chaos. The tool is also suitable for storing, structuring and quickly finding text documents and text snippets of all kinds in addition to notes.
There you can see that the CALL TRANSACTION call has disabled the permission check.