Copy the user from the Clipboard to the Transaction SU10 selection
Immediate authorization check - SU53
Before using the system recommendations, we recommend that you implement the corrections in SAP Notes 1554475 and 1577059. It is also necessary that the systems to be managed are connected to the SAP Solution Manager and that in the transaction SMSY were assigned to a productive system and an SAP solution. Then, in the System Recommendations settings, schedule a background job that collects the relevant information about the attached systems. Relevant information is your release and support package stand, as well as SAP notes and their versions. An OSS connection from the SAP Solution Manager, which you have to set up beforehand, will then perform a calculation in the SAP Global Support Backbone, which will determine the necessary information, i.e., that the SAP Solution Manager itself hardly generates any load from the calculation. To automatically check the security level of your systems, you should also schedule this calculation as a background job.
In order to perform an operation in the SAP system, several authorizations may be required. The resulting interrelationships can become very complex. In order to nevertheless offer a procedure that is manageable and easy to handle, the SAP authorization concept was implemented on the basis of authorization objects. Several system elements to be protected form an authorization object.
Authorizations in SAP systems: what admins should look out for
Most client programmes are additions to the standard functionalities or variations of the same. Therefore, when you create your own programmes, you can follow the eligibility checks of the standard programmes or reuse the permissions checks used there.
You can limit the recording to a specific user. You can also use the trace to search only for permission errors. The evaluation is similar to the evaluation of the system trace in the transaction ST01. In transaction STAUTHTRACE, however, you can also evaluate for specific authorization objects or for specific permission check return codes (i.e. after positive or negative permission checks). You can also filter multiple entries.
The possibility of assigning authorizations during the go-live can be additionally secured by using "Shortcut for SAP systems".
There are also different requirements within the system landscape, e.g. on production or development systems.
At www.sap-corner.de you will also find a lot of useful information on the subject of SAP authorizations.
The icon means that the table logger for the selected table is off.