Finance, controlling, logistics: As an authorizer, the trade is the same in most modules. However, additional knowledge is required if you want to provide users with reports and analyses from SAP NetWeaver Business Intelligence (BI). We explain how SAP BI authorizations are structured and what you need to keep in mind.
Author Archives: admin
Role types in SAP systems
SAP authorizations function via the assignment of roles, which in turn contain authorizations. Now, SAP knows quite different role types. We explain which SAP roles exist and how you can use them.
Authorization objects that almost always run to error – but are never the real problem
There are a number of authorization objects that run into errors in almost every SU53 and often in the authorization trace, but in the end are almost never the cause of the problem. Today we’ll show you which objects these are, when you can ignore them – and when it’s actually worth checking them more closely.
The most important user transactions
Before the authorization comes the analysis. Which roles, transactions, profiles and authorization objects does a user have? Which ones do they really need? When it comes to these analyses, many roads lead to Rome. The fastest and most secure user transactions (and helpful tables) from our point of view can be found here. What rolesContinue reading “The most important user transactions”
SAP Query: Reports from database tables
With “SAP Query”, you can read out and analyze tables, i.e. bundle and present data in such a way that it can become the basis for decision-making. But authorizing queries can be time-consuming. We show you how it’s done.
Everything new with Fiori
With Fiori, SAP users have to adapt to a whole new way of working. Tiles instead of transactions, groups instead of roles. When everything is up and running, it should make working with SAP easier, more modern and clearer. But until it’s up and running, Fiori will be a pain in the neck for everyone involved – including you as an authorizer. That’s why we’ve summarized the most important tools and sources for setting up and adapting Fiori quickly and smoothly.
Which trace is the right one?
A user cannot execute a certain transaction and we want to find out why. Or a user needs a new, additional role and we need to find out what authorizations he already has in his other roles. There are several reasons to use SAP traces. The most important traces in terms of authorizations are explained here.
PFCGMASSVAL: authorization changes for multiple roles or objects at the same time
With transaction PFCGMASSVAL, SAP has introduced a function that can save a lot of time, especially in authorization management. PFCGMASSVAL allows the change of authorizations across multiple roles and objects in just one step.
General authorizations in SAP HCM
General authorizations are one of a total of 3 authorization concepts in SAP ERP HCM. In HCM, data is stored in so-called infotypes. The most important authorization object is P_ORGIN (HR:Master data), which makes it possible to differentiate between infotypes, subtypes, authorization levels, personnel areas, employee groups, employee subgroups, and organizational keys. A further restrictionContinue reading “General authorizations in SAP HCM”
Authorizations in SAP HCM
Like any other area in the company, the HR area is also managed via authorizations. In this way, it is possible to determine which data (in HCM, the technical term for this is “infotypes”) the HR supervisors, controllers, administrators, etc. can access. A major feature in HCM is the different authorization concepts, which are uniqueContinue reading “Authorizations in SAP HCM”