Archive change document management for user and permission management
Audit Information System Cockpit
The panel menus also simplify the maintenance of permissions to the audit structures. You can select the audit structures or area menus you use in role editing and import them into the roles as menus. If you want to set up a constraint on AIS users to specific audit structures or protect individual audits from access, you can use the S_SAIS authorization object. This object controls access to the audit structures or the audit numbers of individual audits.
The concept for in-house developments is obligatory for every company that writes its own software. It specifies requirements, for example, for the structure, naming and documentation of program components, and in particular for dealing with safety-critical aspects. The wording should not be too general, but should explicitly address the special features of programming in SAP.
User & Authorization Management with SIVIS as a Service
You have developed applications yourself and would like to maintain suggestion values for them? The easiest way to do this is with the help of the permission trace. Permission checks are also performed on self-developed applications. These applications must therefore be included in the PFCG rolls. If they are maintained in a role menu, you will notice that in addition to the start permissions (such as S_TCODE), no other authorization objects are added to the PFCG role. The reason for this is that even for customer-specific applications suggestion values must be maintained to ensure that the PFCG role care runs according to the rules and to facilitate the care for you. Up to now, the values of customer-owned applications had to be either manually maintained in the PFCG role, or the suggested values maintenance in the transaction SU24 was performed manually.
The difficulty in assigning permissions to the S_DATASET object is determining the correct values for the FILENAME and PROGRAMME fields. If you have not specified a path in the FILENAME field, only the files in the DIR_HOME directory will be allowed.
However, if your Identity Management system is currently not available or the approval path is interrupted, you can still assign urgently needed authorizations with "Shortcut for SAP systems".
The panel menus also simplify the maintenance of permissions to the audit structures.
Authorization objects can be displayed and recreated in the transaction SU21.