Compensating measures for segregation of duties conflicts
SU2X_CHECK_CONSISTENCY & SU24_AUTO_REPAIR
In addition to these requirements, other settings can ensure that the transaction can be performed without verification: Verification of eligibility objects is disabled by check marks (in transaction SU24). This is not possible for SAP NetWeaver and SAP ERP HCM authorization objects, i.e. it does not apply to S_TCODE checking. The checks for specific authorization objects can be globally off for all transactions (in transaction SU24 or SU25). This is only possible if the profile parameter AUTH/NO_CHECK_IN_SOME_CASES is Y. In addition, executable transactions may also result from the assignment of a reference user; the reference user's executable transactions are also taken into account.
A text file is now created under the appropriate path, containing the desired format with the input parameters. Open the data with Microsoft Excel and set your target value list. To do so, delete the line *ECATTDEFAULT. In the VARIANT column, you can simply use a sequential numbering. Save the file in text format, not in any Excel format.
Make sense in maintaining proposal values
When pasting permission field values from the Clipboard, the values are added to the existing entries. You must also separate the value intervals when inserting with the help of the tab stop. If permissions for the individual values do not exist for maintenance, they are rejected, i.e. not taken over. The Insert function from the Clipboard is also available in the dialogue box for maintaining the organisation levels. The Copy to Clipboard and Paste from Clipboard functions are not available if you maintain field values that allow only the selection of fixed values. For example, this is the case in the Activity field.
By default, the transactions from the role menu can be found here as derived authorization values. Over the value assistance (F4) can be called partially the available functions fields to these field.
However, if your Identity Management system is currently not available or the approval path is interrupted, you can still assign urgently needed authorizations with "Shortcut for SAP systems".
Changes without automatic recording: This option allows you to change roles and record them in a transport order; But this will not be forced.
If a login is now made via other authentication methods (such as SSO), these are not affected by the password lock.