SAP Authorizations Authorizations in SAP BW, HANA and BW/4HANA - SAP Basis

Direkt zum Seiteninhalt
Authorizations in SAP BW, HANA and BW/4HANA
Starting Web Dynpro ABAP applications
You can limit the recording to a specific user. You can also use the trace to search only for permission errors. The evaluation is similar to the evaluation of the system trace in the transaction ST01. In transaction STAUTHTRACE, however, you can also evaluate for specific authorization objects or for specific permission check return codes (i.e. after positive or negative permission checks). You can also filter multiple entries.

Employees should only be able to access data relevant to their work, country or accounting area in tables? Set up organisational criteria to ensure this. Do you want users to be able to read or maintain specific tables, but only have access to the table contents that are relevant to them? The S_TABU_DIS and S_TABU_NAM permissions objects allow you to access the tables, but if you want a user to see or maintain only parts of the table, these authorization objects will reach their limits.
User and authorization management
Another important authorization object for background processing is the object S_BTCH_NAM, which allows a user to run the steps of a job under another user (see SM36 -> Edit step). Here, a name other than the user's own can be entered in the user field of a step. The prerequisite is that the job scheduler has an authorization for the object S_BTCH_NAM, which contains the name of the step user, and that the step user exists in the same client as the job scheduler itself. From 4.6C: The step user must be of type Dialog, Service, System or Communication.

The SAP standard allows you to evaluate the statistical usage data via a standard function block. The call is made through the transaction SE37. Select here the function block SWNC_GET_WORKLOAD_STATISTIC. The function block is used to write the usage statistics to a temporary table, from which you can extract the data for further use.

The possibility of assigning authorizations during the go-live can be additionally secured by using "Shortcut for SAP systems".

The easiest way is to find customising tables where they are in the SAP standard: in the SAP Introductory Guide (IMG).

Subsequently, fill in the fields of transaction SU01 with the data from the personnel master record.
Zurück zum Seiteninhalt