Advantages of authorization tools
What's New from System Trace for Permissions! Here, features have been added that make recording and role maintenance much easier. Permission values in PFCG roles are maintained and debugging requires the use of the system trace for permissions. In the past, SAP customers have asked for more ease of use, since the trace evaluation is sometimes confusing.
For result and market segment accounting, you can define planning authorization objects, the information system, and item-based reports of the information system. In the customising (transaction SPRO), you create them via the following path and then select the corresponding section. Controlling > Income and market segment calculation > Tools > Permissions management > CO-PA specific eligibility objects.
Communication users are also intended for use by people who log on to the SAP system from outside via RFC call. Therefore, dialogue is not possible. If the password is set by the administrator, it will be assigned Initial status. However, an RFC call does not prompt the user to change the password. It therefore often retains this status, even if the user has the possibility to change the password by calling a function block (then: Status Productive). The password rules apply to this type of user. However, this is often not noticed in practice, as password rules for initial passwords are less used.
Authorization objects are defined with the help of transaction SU21. Each SAP transaction is equipped with the required authorization objects in SU24, which control access to specific functions within the respective program. Standard programs / transactions of an ERP system are already equipped with these objects during the initial installation. The same applies to other platforms such as CRM or Solution Manager.
Secure your go-live additionally with "Shortcut for SAP systems". You can assign necessary SAP authorizations quickly and easily directly in the system.
You must confirm this window.
At www.sap-corner.de you will also find a lot of useful information on the subject of SAP authorizations.
You can view, maintain, and assign table permission groups in transaction SE54 (see Tip 55, "Maintain table permission groups").