BRF Business Rule Framework
To inherit SAP permissions with different organisational levels
A customized cloud for the most diverse requirements of medium-sized companies is an important backbone for business success. For this purpose, we accompany digitization projects of our customers from a wide range of industries on an equal footing.
With SAP Basis, SAP delivers the foundation of its software. Based on this foundation, SAP applications can be used independently of the operating system and database, interact with each other and be enriched with data. Based on a client/server architecture, SAP Basis includes configuration, a relational database management system, and a graphical user interface.
For the authorisation requirement of a user, the transactions with user assignment already awarded should be determined accordingly, in order to be able to exclude them when selecting a suitable role. How does this work? There are various ways to identify specific user-assigned transactions, with varying degrees of result. The following article presents two variants. The first section first describes how to use SUIM to address the problem and what problems are encountered. It then explains how the task can be solved by using the transaction SE16N. As in the previous blog post Identifying all transactions of multiple roles, the roles Test_Schmidt1 and Test_Schmidt2 are used for this. Two of the transactions MM01, MM02, MM03 and MM04 were assigned to these roles in different ways. In the Test_Schmidt1 role, the transactions MM01 and MM02 were entered in the Role menu. In the Test_Schmidt2 role, the transaction MM03 was maintained in the menu of the role, but the transaction MM04 was maintained only in the S_TCODE permission object of the role. Both roles have been assigned to the user SCHMIDT_TEST. Identification of certain transactions with user assignment using SUIM This option is useful if only one transaction is to be checked for its existing assignment to a particular user. The audit is carried out here by means of the transaction SUIM. For this purpose, the variant "Roles according to complex selection criteria" has to be executed in the SUIM. After activating the option "With valid assignment of", the corresponding user and the transaction to be checked will be entered here. It is also recommended to hide the display of the collection roles in the search results.
The entry screen gives a brief overview of the status of the last queued. In case of incomplete support packages, the last (aborted) step of the SPAM will be displayed. System: Check the correct function of the transport tools using Tool Transport Tool. Make sure there is enough space (the size of the OCS files multiplied by 2) in the transport directory (see the R/3 profile parameter DIR_TRANS with the AL11 transaction or the SE38 transaction and the report RSPARAM). Make sure that there is enough space, especially in the subdirectories trans/EPS/in and trans/data. Use the latest SPAM update. Verify that the SPAM update offered in the SAPNet - R/3 frontend or the SAPNet - Web Frontend is newer than the one available in your system. You can see the version of the SPAM update available in your system in the title bar of the SPAM image. We recommend that you always run the latest SPAM update first [page 14] to avoid problems when playing. The insertion of a SPAM update is analogous to the insertion of support packages. There must be no incomplete support packages in your system. To do this, under Folder in the SPAM, select Aborted Support. Packages and select View. Support packages should not be displayed. The status light should be green. If not, view the detailed status and log information for all support packages in the system. Select Jump Status or Jump Log. Load Activities Support Package [page 15] Define Queue [page 17] Insert Queue [page 20] If necessary: Sync Modifications [Page 22] Verify Protocols [Page 23] Confirm Queue [Page 24].
Use "Shortcut for SAP Systems" to accomplish many tasks in the SAP basis more easily and quickly.
Instead of letting the power consumer determine each parameter individually, the SAP basis can now create meaningful bundles, such as the power server with a lot of processor power, memory and disk space, and the light server in a simpler setup.
However, to use digitally signed notes in your system, you will need to take a few steps to prepare them.