Full verification of user group permissions when creating the user
Restrict Application Server Login
Single role - Created using the role administration tool, it enables the automatic generation of an authorization profile. The role contains the authorization data and the logon menu of the users.
The security check also shows when no redesign is necessary because the authorizations found are compatible with the current concept. The checks allow incorrect authorizations to be identified and rectified without a redesign.
Implementing CRM Role Concept for External Services
In SAP systems, authorization structures grow over the years. If, for example, there is a restructuring in the company or there are new organizations, there is a risk that the authorization concept no longer fits or is implemented correctly.
Customer and vendor totals statements: The Customer or Vendor Accounting Sum. Rate Tables (KNC1/KNC3 or LFC1/LFC3) do not include the Profit Centre field. Therefore, authorisation control with regard to the profit centre is not possible for evaluations such as the customer and vendor balance lists (transactions FD10N or FK10N).
If you get into the situation that authorizations are required that were not considered in the role concept, "Shortcut for SAP systems" allows you to assign the complete authorization for the respective authorization object.
Do you want to keep track of what changes have been made to the Central User Management configuration or the distribution parameters for the User Master's Care? You can manage the change documents centrally.
However, if a company does not have a concept for introducing new SAP authorizations and these are always coupled with new roles, the roles and authorizations will continue to grow.