Retain the values of the permission trace to the role menu
Using eCATT to maintain roles
Authorization tools are only as good as the person using them. Until now, no tool has made it possible to create ready-made authorization concepts with just a single click.
It's never too late to rethink your authorization concept. Start by defining the objective of each role and take advantage of the reporting offered in SAP SuccessFactors.
Features of the SAP authorization concept
This very critical authorization can be used to electronically erase, or manipulate program runs including authorization queries in a variety of ways. This authorization should be assigned only very restrictively, for example developers need the authorization however for their daily work.
If you want to set up a new client or take over the movement data of the productive system in a development system, you should also consider the modification documents. If you have a client copy, you should first delete the indexing of the change documents (table SUIM_CHG_IDX), since you can restore the indexing after the copy. To do this, use the SUIM_CTRL_CHG_IDX report without selecting a date and check the Reset Index box. After the copy has been made, delete the change documents that are dependent on the client; This also applies to the client-independent change documents (e.g., proposed permissions, table logs) if you have copied the client to a new system. In addition, you should remove the shadow database alterations before copying the client and complete the index build after the copy. In any case, check the Reset Index box in the SUIM_CTRL_CHG_IDX report!
Authorizations can also be assigned via "Shortcut for SAP systems".
In complex SAP landscapes where the Central User Administration (ZBV) is used, there may be cases where you want to temporarily remove a subsidiary system from the ZBV without having to delete this system or shut down the entire ZBV, for example if you want to create users in a subsidiary system at short notice.
This reduces your administrative overhead for maintaining functional permissions and reduces the maintenance effort for role derivations to adapt the so-called organisational fields.