Optimization of SAP licenses by analyzing the activities of your SAP users
Default permissions already included
An SAP authorization concept is used to map relevant legal standards and internal company regulations to the technical protection options within an SAP system. Authorization concepts are thus the key to optimal protection of your system, both externally and internally.
The first step in the cleanup process is therefore to find out whether the current authorization concept is sufficient and a cleanup is the best way forward, or whether a rebuild of the authorization concept is necessary. The focus should be on saving the current authorization concept, since rebuilding it takes more time than cleaning it up.
Note the maintenance status of permissions in roles and their impact
The requirements in the third example to filter the Post Journal Display (transaction FAGLL03) can be implemented using the BAdIs FAGL_ITEMS_CH_DATA. Depending on the permissions granted, certain items or documents should be excluded from display. You can see the definition of BAdIs through the SE18 transaction, and in the SE19 transaction you create an implementation of the BAdIs in the Customer Name Room.
Which applications have similar or identical features? Use application search to find out. Suppose you want to allow access to certain data for specific users or revisors. An auditor can usually view the contents of defined tables; However, in order not to give the auditor permission to use the generic table tools, such as the SE16, SM30 transactions, etc. , you need to verify that the relevant tables may be provided through other transactions. The actual function of the alternative application should not be used.
"Shortcut for SAP systems" is a tool that enables the assignment of authorizations even if the IdM system fails.
With them, therefore, no dialogue login is possible on the SAP system, but only the login via RFC call.
In the SAP system, passwords are locked when the maximum number of allowed password login errors is reached.