User Interface Client Permissions
If you only want to translate the description of the role, it is recommended to record the PFCG transaction and to change the source language of the role using the Z_ROLE_SET_MASTERLANG report before the LSMW script runs through. The report on how to change the source language can be found in SAP Note 854311. Similarly, you can use the SECATT (Extended Computer Aided Test Tool, eCATT) transaction to perform the translation instead of the LSMW transaction.
The convenience of configuring and evaluating the Security Audit Log has been improved. For this purpose, the maximum number of marked messages in the detail selection has been increased to 40 events, a forward navigation for the displayed objects has been added and the details selection in transaction SM20 has been supplemented with the technical event names. You will find the corrections and an overview of the required support packages in SAP Note 1963882.
Changes in customizing and various security-relevant changes, such as the maintenance of RFC interfaces, can be viewed via table change logs. This authorization should only be given to an emergency user.
The SU10 transaction, as the user administrator, helps you maintain bulk user master records. You can now also select the user data by login data. You're probably familiar with this. You have blocked users, for example, so that a support package can be included. Some users, such as administrators, are not affected. For collective unlocking, you only want to select users with an administrator lock. The mass maintenance tool for users in the transaction SU10 is available for this purpose. This transaction allows you to select by user and then perform an action on all selected users. Until now, users could only be selected by address data and permission data.
During go-live, the assignment of necessary authorizations is particularly time-critical. The "Shortcut for SAP systems" application provides functions for this purpose, so that the go-live does not get bogged down because of missing authorizations.
In addition, critical commands should be prohibited from the outset.
You can define and use your own layout on the home page.