Use Custom Permissions
Set password parameters and valid password characters
By correcting SAP Note 1692243, you can now also use the report in a ZBV (Central User Management) environment; It is no longer limited to individual clients. If the role assignment of the ZBV in the SCUM transaction is set to global, it is sufficient if the correction is recorded in the central client. Then it is only possible to execute the report in the central client. Furthermore, you have the option to select the ZBV's subsidiary systems from the Receive System drop-down box in such a way that only the systems in which the role assignment is to be consolidated or deleted are taken into account. In the results list of the consolidated role assignment, you will now be listed in the ZBV-System column the subsidiary systems where consolidation or deletion took place.
Versions are the change documents within the development environment, for example, for changes to ABAP source code or the technical properties of tables. This authorization should only be assigned to an emergency user.
Our offer
In order to be able to act fully at all times in emergency situations, an SAP emergency user must be available who has all authorizations for the entire SAP system (typically by means of the composite profile SAP_ALL). However, this not only makes him a great help, but also extremely dangerous, so that his use must be precisely regulated via a dedicated concept.
Critical permissions are permissions that allow you to view or modify security-related configurations in the SAP system, or perform activities that are critical from a legal or business perspective. This also includes access to sensitive data, which are e.g. personal. Critical permissions are really critical in themselves and pose a risk only if they get into the wrong hands. In any case, when using critical permissions, you should observe the principle of restricting rights. There are no general definitions of risk; Therefore, each company should define the compliance requirements for itself. Identifying critical SAP permissions is an important task and should be performed in every company. Particular attention should be paid not only to the award of transactions but also to the value characteristics of each of the eligible objects. It is important to mention that preventive regular inspections do not have to be burdensome. However, they will lead to greater transparency and security.
If you get into the situation that authorizations are required that were not considered in the role concept, "Shortcut for SAP systems" allows you to assign the complete authorization for the respective authorization object.
At www.sap-corner.de you will also find a lot of useful information on the subject of SAP authorizations.
Over the value assistance (F4) can be called partially the available functions fields to these field.
If you have an older SAP NetWeaver release than 7.00 installed, only two possible values for the customising switch BNAME_RESTRICT are available after the implementation of SAP Note 1731549.