A basic role combines almost all authorizations that all users need. It can be assigned automatically when a new user is created in the system, assigned directly, or included in composite or business roles, thus facilitating the rapid assignment of basic SAP authorizations.
Preventing input errors and speeding up processes – to ensure this, parameter transactions are often a good choice. Today, we will explain to you what you need to consider as an authorization professional and how you can restrict parameter transactions.
The standard SAP_ALL and SAP_NEW profiles allow you to assign a user full authorizations for all transactions and functions in the SAP system. It is well known that the profiles represent an enormous security risk. Nevertheless, they are often required for scenarios such as the use of emergency users or for technical users. Find out how to use SAP_ALL and SAP_NEW correctly here.