SAP Authorizations Existing permissions - SAP Corner

Direkt zum Seiteninhalt
Existing permissions
Deletion of change documents
What roles does my user have (SU01)? We start with a simple question: which roles are actually assigned to your SAP user? With the transaction SU01 you can view your (or other) SAP user. Among a lot of other information, you can find the assigned single and composite roles on the "Roles" tab.

For the transport of PFCG roles with their profiles there is also an SAP notice: Note 1380203. If you enter the correction, it is possible to use separate positions for the third and fourth digits of the generated profile name for the definition. In the SAP standard, the name of a generated profile is composed as follows, for example, if the System ID is ADG: T-AG#####. If your other source systems differ only in the second place of the system ID, the profile name does not indicate from which system the profiles originate.
RSUSR008_009_NEW
Once the programme implementation and documentation have been completed, a functional test will always follow. A corresponding eligibility test should not be forgotten. The permission test must include both a positive and a negative permission test.

SAP authorizations control the access options of users in an SAP system, for example to personal data. Managing this access securely is essential for every company. This makes authorization concepts, authorization tools and automated protection of the SAP system all the more important.

Assigning a role for a limited period of time is done in seconds with "Shortcut for SAP systems" and allows you to quickly continue your go-live.

Then click the Editor tab.

The website www.sap-corner.de offers a lot of useful information about SAP authorizations.


If the status is yellow, there are different value ranges for the field within the role; the role must therefore be adjusted.
SAP Corner
Zurück zum Seiteninhalt