Job Management Concept
Parameterization of the operating system, the databases and the SAP system to ensure high-performance and trouble-free operation
For the authorisation requirement of a user, the transactions with user assignment already awarded should be determined accordingly, in order to be able to exclude them when selecting a suitable role. How does this work? There are various ways to identify specific user-assigned transactions, with varying degrees of result. The following article presents two variants. The first section first describes how to use SUIM to address the problem and what problems are encountered. It then explains how the task can be solved by using the transaction SE16N. As in the previous blog post Identifying all transactions of multiple roles, the roles Test_Schmidt1 and Test_Schmidt2 are used for this. Two of the transactions MM01, MM02, MM03 and MM04 were assigned to these roles in different ways. In the Test_Schmidt1 role, the transactions MM01 and MM02 were entered in the Role menu. In the Test_Schmidt2 role, the transaction MM03 was maintained in the menu of the role, but the transaction MM04 was maintained only in the S_TCODE permission object of the role. Both roles have been assigned to the user SCHMIDT_TEST. Identification of certain transactions with user assignment using SUIM This option is useful if only one transaction is to be checked for its existing assignment to a particular user. The audit is carried out here by means of the transaction SUIM. For this purpose, the variant "Roles according to complex selection criteria" has to be executed in the SUIM. After activating the option "With valid assignment of", the corresponding user and the transaction to be checked will be entered here. It is also recommended to hide the display of the collection roles in the search results.
The SAP Security for Administrators training block covers the basics of security when using SAP systems. Participants receive training in basic security measures in the form of prevention and monitoring.
Proof of concept, so that you can gain initial experience
In the default scenario, the support packages in the queue are fully loaded. In the event of an error, you will not be able to resume and complete the playback successfully unless the error(s) are resolved. Prerequisites The queue is already defined. Procedure To set the scenario you want, select Additions Settings. Select the desired scenario. Select Insert Support Package Queue. You can also use this function to restore an aborted commit procedure. The status bar provides information on the progress of the commit and the latest steps of the SAP Patch Manager. During the recording, you may get into the modification comparison (SPDD, SPAU). If you are playing with the default scenario, you must immediately perform the comparison of Dictionary objects (transaction SPDD), whereas when you compare Repository objects (transaction SPAU), you have the choice to skip it first and perform it later (modification comparison [page 22]). The mode is blocked while a Support Package is being introduced. To avoid repeated login, open a second mode before inserting the queue.
As a hint: The menu tab "Jump" allows you to set all namespaces or software components simultaneously to "modifiable" or "non-modifiable". However, before you can rearrange the namespace and software components, you must also adjust the global setting accordingly. With Save or CTRL+S you can now save your new settings and you have already set the system modifiability.
For administrators, a useful product - "Shortcut for SAP Systems" - is available in the SAP basis area.
Your administrator must carefully schedule these tasks when user demand is low so they don't impact performance.
SAP Fiori is the presentation layer of the next generation and is therefore particularly user-friendly.