Grant spool jobs
Maintaining Authorization Objects (Transaction SU21)
In case of missing authorizations, SAP Basis also helps with an authorization trace in addition to the well-known SU53 for a more detailed analysis of authorization objects. The article "SAP Basis Basic or finding missing authorizations thanks to SU53 or ST01 Trace" describes this in more detail.
The handling of organisational levels in PFCG roles wants to be learned. If these are maintained manually, problems arise when deriving rolls. We will show you how to correct the fields in question. Manually maintained organisational levels (orgons) in PFCG roles cannot be maintained via the Origen button. These organisational levels prevent the inheritance concept from being implemented correctly. You can see that organisational levels have been maintained manually when you enter values via the Ormits button, but the changes are not applied to the authorization object.
User & Authorization Management with SIVIS as a Service
Documents: The documents in the audit structure describe the audit steps. You can create them in accordance with your audit requirements. You can recognise documents by the symbol. Double-click on this icon to open the document.
Sometimes implementation consultants are also confronted with the situation that no authorization concept exists at all. This happens, for example, when changes in SAP SuccessFactors responsibilities occur on the customer side or different implementation partners were active in the past. However, a missing concept can lead to errors in the system. Users cannot perform certain actions, or worse, people see sensitive data that they should not see. This can, in the worst case, constitute a DSGVO violation and lead to a fine for the company.
Secure your go-live additionally with "Shortcut for SAP systems". You can assign necessary SAP authorizations quickly and easily directly in the system.
This report has two functions: PFCG role consolidation - Identical roles are grouped into a single user base when validity periods overlap or connect directly to each other.
You can also find some useful tips from practice on the subject of SAP authorizations on the page www.sap-corner.de.
This will allow you to view failed permission checks in Web Dynpro applications or other user interfaces, which was not previously possible.