Maintain transaction start permissions on call CALL TRANSACTION
Generic access to tables
You can use the BAdI SMIME_EMAIL of the SMIME extension spot and implement the CERTIFICATE_RETRIEVAL and CERTIFICATE_SELECTION methods according to your requirements. This BAdI is called whenever an encrypted e-mail is sent. An extension allows you to search for a valid certificate at run time (for example, the one with the longest validity) to the recipient's email address in a source you defined. In the default implementation, the BAdI searches for the certificate in the Trust Manager's address book. For details on the availability of BAdIs, see SAP Note 1835509.
With the new transaction SAIS, you will enter the AIS cockpit, where you will be able to evaluate the various audit structures related to the topic. When performing an audit, under Audit Structure, select one of the existing structures and select a check number in the appropriate field. Audit structures may be subject to different audits; Therefore, you must always select an audit first. To do this, select a verification number or create a new audit. After you select the audit, the audit tree will appear in the cockpit. You can now perform the individual steps of the audit along the definition in the audit tree.
Data ownership concept
If business partners are deposited to the user IDs, the standard evaluation paths lead to a dead end. Adjust it so that the indirect role mapping works anyway. In SAP CRM, you can set up an organisation management, as in SAP HCM. You can maintain organisational units and posts and assign business partners with their user IDs. In SAP CRM, however, there is the specificity that user IDs are not directly assigned to a job, but are usually indirectly assigned by the associated business partner. All persons and organisations involved in business processes are represented as business partners in SAP CRM.
In general, we recommend you to use strong encryption mechanisms and to switch most users to an SSO login. You should then delete the hash values of the user passwords as described above. For release-dependent information on SNC client encryption, see SAP Note 1643878.
For the assignment of existing roles, regular authorization workflows require a certain minimum of turnaround time, and not every approver is available at every go-live. With "Shortcut for SAP systems" you have options to assign urgently needed authorizations anyway and to additionally secure your go-live.
Permissions must be maintained in every SAP system - a task that becomes more difficult the more complex the system landscapes and the greater the number of users.
In SAP CRM, you can set up an organisation management, as in SAP HCM.