The users of the SAP systems are defined internally within the same SAP systems and there is no need for user management at the operating system or database level, except for those special users defined in the standard installations, such as <sid>adm, SAPServices<adm>, ora<dbsid>,or others, depending on the operating system and database platform. The users are defined and maintained, and the security of the system is enforced in the user master records with the use of the SAP authorizations and role concept. The following sections deal with the general management of user master records and the most important available fields and options, just on the SAP Web Application Server with the ABAP engine.
But the main concern for system administrators and project managers when implementing the SAP solutions is how to enforce the right security methods for users' access to the business information. As we have seen in the first part of this chapter, the SAP system provides a comprehensive and flexible way to protect data and transactions against unauthorized use. In the user master records, users are assigned one or more roles and authorization profiles. These authorization profiles are made of a set of authorizations, which give access privileges for the different elements of the system. Further down, authorizations refer to authorization objects, which contain a range of permitted values for different system or business entities within SAP systems.
Managing roles, profiles, and authorizations is a complex and time-consuming task within SAP implementation projects and later maintenance and support. SAP has designed a tool that reduces the time needed for implementing and managing the authorizations, thus decreasing the implementation costs. This tool is known as the Role Maintenance based on the classical Profile Generator. The Profile Generator is a SAP utility available since release 3.0F of the R/3 Basis kernel, with the goal of making easier the configuration and management of authorizations, profiles, and roles. It can be used for automatically creating roles, authorizations, and profiles and assigning them easily to users. The definition of profiles using the Profile Generator is based on the possibility of grouping functions by roles (known as activity groups in releases of SAP Basis before 4.6C) in a company menu. This menu will be generated using customizing settings and will only include those functions selected by the customers.
Roles form a set of tasks or activities that can be performed in the system, such as running programs, transactions, and other functions that generally represent a job description or job role. In the following sections, all the concepts are introduced with some practical examples dealing with the process of granting access rights and protecting the system elements. A final section of the chapter covers the topic of organizing the user master record management from the point of view of tasks involved in granting access rights to the users.
SAP BASIS Related Interview Questions
|SAP CRM Interview Questions||SAP HR Interview Questions|
|SAP ABAP Interview Questions||SAP HANA Interview Questions|
|SAP Crystal Reports Interview Questions||SAP SOLMAN Interview Questions|
|SAP Security Interview Questions||SAP BPC Interview Questions|
|SAP Netweaver Interview Questions||SAP UI5 Interview Questions|
|SAP Smart Forms Interview Questions|
Sap Basis Tutorial
Sap: From Sap R/3 To Sap Netweaver
The Architecture Of The Sap Web Application Server
Sap Netweaver: An Overview
Using Sap Systems
Upgrading To Sap R/3 Enterprise: The First Step Into Sap Netweaver
The Change And Transport System
Development Options With Sap Solutions: Abap Engine
User Management And Security In Sap Environments
Web Application Server System Management
Performance And Troubleshooting With Sap Solutions
Sap For It Managers: Implementation, Planning, Operation, And Support Of Sap Systems
All rights reserved © 2018 Wisdom IT Services India Pvt. Ltd
Wisdomjobs.com is one of the best job search sites in India.