Notes 2009

NOTE NOVEMBER 2009

Creation of table authorization groups

A common task is to create a table authorization group to protect
the respective customer specific tables or views.
In the following paragraphs the necessary steps are described.

In a first step it is recommended to define a new authorization group.

1. Definition:

Call transaction SE54 and checkmark the entry “Authorization Groups”.
NOTE OCTOBER 2009

System Parameter Changes

SAP® system parameters are controlled via profiles.
These profiles are stored in text files on the operating system level.
With that profile parameters could be changed on the OS level with the help
of common editors if a person has the necessary access.
Changes that occur on this level will not be logged, if the logging
is not especially activated for the OS level.

Therefore changes should not occur on this level, and access needs
NOTE SEPTEMBER 2009

Cross-system evaluations

When using a CUA [Central User Administration]
some of the information system reports offer an interface
for cross-system evaluations.
One of them is the report RSUSR002.

NOTE JULY 2009

MASS CHANGES

SAP® offers several options to perform mass changes to vendor or customer
master data, general ledger accounts, orders etc.
One way is to apply the changes directly to the corresponding tables in which
the data is stored as for example table LFA1 and LFB1 [contain the general and company code specific data]. The advantage consists in the fact that a high
NOTE JUNE 2009

Report RSUSR003

The report RSUSR003 allows the cross client password review of the
SAP® standard users SAP*, DDIC, SAPCPIC and EARLY WATCH
as well as a check of the respective system login parameters.

In the past when the report was selected for execution it was required to
have matching authorization to change the user group SUPER and
to perform client maintenance.

S_TABU_DIS with ACTVT=02 for DICBERCLS= SS
NOTE MAY 2009

SAP GUI Scripting

I Technical requirements

For activation of the scripting the dynamic parameter 
sapgui/user_scripting needs to be set to TRUE.
[more details OSS NOTE 480149]

The general enabling is to be adjusted via the menu bar under Options.
The checkmarks as displayed below should be activated,
to also prevent the execution of hidden scripts.
NOTE APRIL 2009

Short manual: Analysis authorization

I. Introduction

Starting with NetWeaver all users who want to display data from
authorization-relevant characteristics or navigation attributes in a
query require analysis authorizations. This type of authorization is
not based on the standard authorization concept of SAP®.
The formerly used reporting authorization concept is basically
NOTE MARCH 2009

Cross-system permission comparison

There might be several situations where it is a help to compare
the permission settings of two ore more portal environments.
This is a short guide on how to gather the information,
and then how to get the results.

I    Collect data

1. Log on to the portal where you want to analyze the ACL
  [Access control list]  permissions.
RSS feed