Permissions and User Root Sets Evaluations
Customizing
On the topic of SAP authorizations and SAP S/4HANA, I can recommend the SAP online course by Tobias Harmes as blended learning from Espresso Tutorials for SAP administrators, ABAP developers and people who are currently or will be dealing with SAP authorizations. The online course covers the following topics: - Introduction to the course - Why are SAP authorizations actually important? - How do SAP authorizations work technically? - Developing and maintaining roles - SAP Fiori authorizations/tile authorizations in S/4HANA - Developing authorization checks.
Identify the personnel master record associated with the user ID that you are creating in the SU01 transaction. To do this, search within the personnel data for a personnel number that entered this user ID in the System User Name SAP System (0001) subtype of the Communication (0105) info type. Subsequently, fill in the fields of transaction SU01 with the data from the personnel master record.
Permissions objects already included
Setting the confidentiality or encryption markers in the SEND_EMAIL_FOR_USER method affects the display of the e-mail in Business Communication Services Administration (transaction SCOT). If the email is marked as confidential, it can only be viewed by the sender or the creator of the email. The sender and the creator need not necessarily be identical, for example, if you have entered the system as the sender. The e-mail creator is the one who ran the application in the context of which the e-mail was created. The encryption flag also automatically sets the confidentiality of the email. The e-mail is not stored in the system in encrypted form, but is protected against unauthorised access by the confidentiality flag. However, access by the sender or creator is still possible. You should also note that the subject of the email is not encrypted.
You must set up a message class for later use. To do this, you will be prompted automatically when the transaction GGB0 is first called. If some relevant fields of the complete document are hidden, i.e. not available, please refer to the instructions in the SAPHinweis 413956. Set up validation in the GGB0 transaction (such as GALILEO) and determine the steps of validation. In the validation process, copy the RGGBR000 programme into your Customer Name Room, replacing the last three characters with the number of the client in which the validation will be performed. Then assign your new customer-owned programme with the GCX2 transaction to the GBLR user exit control workspace. This assignment has created the prerequisite for client-dependent user exits. If you want to set up a client-independent user exit, do the same, but use the transaction GCX1.
For the assignment of existing roles, regular authorization workflows require a certain minimum of turnaround time, and not every approver is available at every go-live. With "Shortcut for SAP systems" you have options to assign urgently needed authorizations anyway and to additionally secure your go-live.
The SAP HANA Studio is installed on your workstation.
If you want to know more about SAP authorizations, visit the website www.sap-corner.de.
This is either C (Check) or N (Do Not Check).